LATEST ARTICLES

PwnedPasswordsDownloader – Efficient Downloading Of HIBP Password Hashes Using Curl Parallelism

0

Thanks for HIBP and this downloader. At first I was considering using it, but the API of HIBP passwords is so easy that I wrote a small shell script for it. It was slow as hell, because it had no parallelism at all. It was far too slow for my taste, thus I was thinking about adding parallelism. And...

Cybersecurity Conferences – A Comprehensive Slide Collection

0

Comprehensive repository for presentation slides from major cybersecurity conferences held in 2023 and 2024. It provides quick access to the latest insights and research presented at these notable events, catering to professionals and enthusiasts in the field of cybersecurity. Conference presentation slides: Black Hat USA 2024 slides (3-8 August,2024) REcon 2024 Slides (28-30 Jun,2024) Offensivecon 2024 (May 10-11,2024 Berlin) Blackhat Asia 2024 (April 16-19,...

DLL Proxy Generator – Harnessing Advanced Proxy Capabilities

0

Generate a proxy dll for arbitrary dll, while also loading a user-defined secondary dll. In the evolving landscape of software development and security, the ability to customize and control application behaviors is paramount. The DLL Proxy Generator offers a robust solution by enabling the creation of proxy DLLs. This tool not only facilitates the proxying of any designated DLL but...

DLL Universal Patcher – A Comprehensive Guide To Advanced Binary Patching

0

DLL Universal Patcher is a flexible and convenient code patcher that doesn't touch the files on disk. It can be used for replacing any tasks that you'd otherwise achieve with on-disk patching, such as fixing old software on modern machines, or fixing bugs in others' software. In addition, due to more control over when the patching happens, it is...

RustiveDump : A Rust-Based Tool For Efficient Memory Dumping Of lsass.exe

0

RustiveDump is a Rust-based tool designed to dump the memory of the lsass.exe process using only NT system calls. It creates a minimal minidump file from scratch, containing essential components like SystemInfo, ModuleList, and Memory64List, with support for XOR encryption and remote transmission. This project is a personal learning experience, focusing on leveraging native Windows APIs for memory dumping and building...

SharpExclusionFinder – Streamlining Windows Defender Exclusion Checks With Advanced Scanning Capabilities

0

This C# program finds Windows Defender folder exclusions using Windows Defender through its command-line tool (MpCmdRun.exe). The program processes directories recursively, with configurable depth and thread usage, and outputs information about exclusions and scan progress. The program allows you to: Scan for folder exclusions up to a specified depth, without relying on event logs or admin permissions. Use multi-threading to speed the...

Argus – The Ultimate Python Toolkit For Advanced Network Reconnaissance

0

Argus is an all-in-one, Python-powered toolkit designed to streamline the process of information gathering and reconnaissance. With a user-friendly interface and a suite of powerful modules, Argus empowers you to explore networks, web applications, and security configurations efficiently and effectively. Whether you're conducting research, performing security assessments with proper authorization, or just curious about network infrastructures, Argus brings a wealth...

SlackEnum – Mastering User Enumeration On Slack

0

A specialized tool designed for user enumeration on the Slack platform. This powerful utility aids in identifying active users within a Slack workspace, enhancing both security testing and network analysis. Learn how to set up and deploy SlackEnum effectively with our step-by-step guide. Setup Clone this repository and install the necessary dependencies with the commands below. git clone https://github.com/Wh1t3Rh1n0/SlackEnum cd SlackEnum python3 -m pip...

Operation Archive – Documenting The Dark Web’s Takedown

0

This repository will be used to add documents, pictures, etc on LEA efforts; Indictments, Seizure Warrants, Raids with photos/video, Online Seizures.. the juicy stuff we all want to see, not the boring stuff. This archive is run by Dark Web Informer (darkwebinformer.com) A dedicated repository showcasing the relentless efforts of law enforcement agencies in dismantling illicit activities on the dark web....

Java Deserialization Cheat Sheet – Detecting And Exploiting Vulnerabilities

0

A cheat sheet for pentesters and researchers about deserialization vulnerabilities in various Java (JVM) serialization libraries. Please, use #javadeser hash tag for tweets. Table Of Content Java Native Serialization (binary) Overview Main talks & presentations & docs Payload generators Exploits Detect Vulnerable apps (without public sploits/need more info) Protection For Android XMLEncoder (XML) XStream (XML/JSON/various) Kryo (binary) Hessian/Burlap (binary/XML) Castor (XML) json-io (JSON) Jackson (JSON) Fastjson (JSON) Genson (JSON) Flexjson (JSON) Jodd (JSON) Red5 IO AMF (AMF) Apache Flex BlazeDS (AMF) Flamingo AMF (AMF) GraniteDS...