.webp "Arena-Hard-Auto : Advancing LLM Evaluation With Style Control Integration")
WHAT'S NEW
- All
- Accessories
- Android
- Android
- Applications
- Blog
- Bluetooth
- Cyber security
- Database Assessment
- Exploitation Tools
- Forensics
- Hacking Courses
- Hacking Tools
- Information Gathering
- iphone
- Kali Linux
- Kali Linux Tools
- Linux
- Malware
- New Post
- Password Attacks
- PCI
- Pentesting Tools
- Phishing
- Post Exploitation
- Security Hacker
- Sniffing/Spoofing
- software
- Stress Testing
- TECH
- Tech today
- Tutorials
- VPN
- Vulnerability Analysis
- Web Application Analysis
- Wi-Fi
- Wi-Fi
- Windows
- Wireless Attacks
- YECH
garak, LLM Vulnerability Scanner : The Comprehensive Tool For Assessing Language Model Security
Vermilion : Mastering Linux Post-Exploitation For Red Team Success
AD-CS-Forest-Exploiter : Mastering Security Through PowerShell For AD CS Misconfiguration
Usage Of Tartufo – A Comprehensive Guide To Securing Your Git Repositories
Loco : A Rails-Inspired Framework For Rust Developers
WINDOWS PHONE
Evine : Interactive CLI Web Crawler
LATEST ARTICLES
garak, LLM Vulnerability Scanner : The Comprehensive Tool For Assessing Language Model Security
garak checks if an LLM can be made to fail in a way we don't want. garak probes for hallucination, data leakage, prompt injection, misinformation, toxicity generation, jailbreaks, and many other weaknesses. If you know nmap or msf / Metasploit Framework, garak does somewhat similar things to them, but for LLMs. garak focuses on ways of making an LLM or...
Vermilion : Mastering Linux Post-Exploitation For Red Team Success
Vermilion is a simple and lightweight CLI tool designed for rapid collection, and optional exfiltration of sensitive information from Linux systems.Its primary purpose is to streamline the process of gathering critical data in red teaming scenarios. How It Works Vermilion is a Linux-focused tool designed for efficient information gathering and sensitive data exfiltration. It collects: System Information : OS details, hostname, network...
AD-CS-Forest-Exploiter : Mastering Security Through PowerShell For AD CS Misconfiguration
ADCFFS is a PowerShell script that can be used to exploit the AD CS container misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise. The tool can also be used to first scan the forest to determine if it is vulnerable to the attack and can remedy the permission misconfiguration as well. More information...
Usage Of Tartufo – A Comprehensive Guide To Securing Your Git Repositories
Tartufo will, by default, scan the entire history of a git repository for any text which looks like a secret, password, credential, etc. It can also be made to work in pre-commit mode, for scanning blobs of text as a pre-commit hook. tartufo [OPTIONS] COMMAND [ARGS]... Options--default-regexes, --no-default-regexes Whether to include the default regex list when configuring search patterns. Only applicable if –rules...
Loco : A Rails-Inspired Framework For Rust Developers
Loco is strongly inspired by Rails. If you know Rails and Rust, you'll feel at home. If you only know Rails and new to Rust, you'll find Loco refreshing. We do not assume you know Rails. For a deeper dive into how Loco works, including detailed guides, examples, and API references, check out our documentation website. Features Of Loco: Convention Over Configuration:...
Monolith : The Ultimate Tool For Storing Entire Web Pages As Single HTML Files
A data hoarder’s dream come true: bundle any web page into a single HTML file. You can finally replace that gazillion of open tabs with a gazillion of .html files stored somewhere on your precious little drive. Unlike the conventional “Save page as”, monolith not only saves the target document, it embeds CSS, image, and JavaScript assets all at once,...
Mountpoint For Amazon S3 : Enhancing File System Integration For Effective Storage Management
Mountpoint for Amazon S3 is a simple, high-throughput file client for mounting an Amazon S3 bucket as a local file system. With Mountpoint for Amazon S3, your applications can access objects stored in Amazon S3 through file operations like open and read. Mountpoint for Amazon S3 automatically translates these operations into S3 object API calls, giving your applications access...
LitterBox : The Ultimate Sandbox Environment For Malware Testing And Red Team Operations
Your malware's favorite sandbox - where red teamers come to bury their payloads. A sandbox environment designed specifically for malware development and payload testing. This Web Application enables red teamers to validate evasion techniques, assess detection signatures, and test implant behavior before deployment in the field. Think of it as your personal LitterBox for perfecting your tradecraft without leaving traces on production...
RWX_MEMORY_HUNT_AND_INJECTION_DV : Exploiting OneDrive.exe To Inject Shellcode Without New RWX Allocations
Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region. This technique is finding RWX region in already running processes in this case OneDrive.exe and Write shellcode into that region and execute it without calling VirtualProtect, VirtualAllocEx, VirtualAlloc. Usage Just compile the program and run the (EXE) without any paremeter. Steps Find the OneDrive.exe in...
Heap Exploitation Training : A Comprehensive Guide From Basics To Advanced Techniques
This article delves into our comprehensive training program designed to teach you the intricacies of exploiting heap vulnerabilities in glibc. Originally taught at prestigious conferences like DEFCON and CanSecWest, this program offers a mix of free videos, slides, and hands-on exercises to enhance your learning. Whether you are a beginner looking to understand the basics of malloc and heap...
