WHAT'S NEW
- All
- Accessories
- Android
- Android
- Applications
- Blog
- Bluetooth
- Cyber security
- Database Assessment
- Exploitation Tools
- Forensics
- Hacking Tools
- Information Gathering
- iphone
- Kali Linux
- Kali Linux Tools
- Linux
- Malware
- New Post
- Password Attacks
- PCI
- Pentesting Tools
- Phishing
- Post Exploitation
- Security Hacker
- Sniffing/Spoofing
- software
- Stress Testing
- TECH
- Tech today
- Tutorials
- VPN
- Vulnerability Analysis
- Web Application Analysis
- Wi-Fi
- Wi-Fi
- Windows
- Wireless Attacks
- YECH
SecHub : Streamlining Security Across Software Development Lifecycles
Hawker : The Comprehensive OSINT Toolkit For Cybersecurity Professionals
hrtng IDA Plugin : Elevating IDA’s Capabilities For Advanced Malware Analysis
DarkFlare : Bypassing Censorship With TCP-Over-CDN Technology
BootExecute EDR Bypass : A Deep Dive Into Early Execution Techniques
WINDOWS PHONE
HABU – Network Penetration Testing Toolkit for Hackers and Pentesters
LATEST ARTICLES
SecHub : Streamlining Security Across Software Development Lifecycles
The free and open-source security platform SecHub, provides a central API to test software with different security tools. SecHub supports many free and open-source as well as proprietary security tools. SecHub Features: Easy to use Scan using one API/client Single human readable report Mark findings as false-positive Supports many security tools Provides IDE and text editor plugins Supported Security Tools: Code scanners Secrets scanners Web scanners Infrastructure scanners License scanners Getting Started SecHub Getting...
Hawker : The Comprehensive OSINT Toolkit For Cybersecurity Professionals
Don't worry if there are any bugs in the tool, we will try to fix them. This OSINT tool has been created to assist cybersecurity professionals, law enforcement, and security researchers in conducting legal and ethical investigations on email addresses, in compliance with applicable laws. Any malicious use, such as harassment, fraud, or illegal activities, is strictly prohibited. TOR66 I have...
hrtng IDA Plugin : Elevating IDA’s Capabilities For Advanced Malware Analysis
hrtng IDA plugin is a collection of tools, ideas and experiments from different sources I've found interesting and useful in my reversing work. A practical guide to the reverse of a complex malware using the example of dissecting a FinSpy module with help of hrtng IDA plugin on securelist There is no one place in menu where all functionality of the...
DarkFlare : Bypassing Censorship With TCP-Over-CDN Technology
A stealthy command line tool to create TCP-over-CDN(http) tunnels that keep your connections cozy and comfortable. Now with public test relay servers! What Is This Sorcery? DarkFlare is a clever little tool that disguises your TCP traffic as innocent HTTPS requests, letting them pass through corporate firewalls like a VIP at a nightclub. It's like a tunnel, but with more style...
BootExecute EDR Bypass : A Deep Dive Into Early Execution Techniques
Boot Execute allows native applications—executables with the NtProcessStartup entry point and dependencies solely on ntdll.dll—to run prior to the complete initialization of the Windows operating system. This occurs even before Windows services are launched. Historically, attackers have exploited this mechanism as a rudimentary persistence method. However, utilizing this feature requires administrative privileges, both to modify the corresponding registry key...
Hooka : Advanced Shellcode Loader Generation With Enhanced Evasion Techniques
Hooka is able to generate shellcode loaders with multiple capabilities. It is also based on other tools like BokuLoader, Freeze or Shhhloader, and it tries to implement more evasion features. Why in Golang? Why not? Features This tool is able to generate loaders with this features: Multiple shellcode injection techniques: SuspendedProcess ProcessHollowing NtCreateThreadEx EtwpCreateEtwThread NtQueueApcThreadEx No-RWX Get shellcode from raw file, PE, DLL or from a URL EXE and DLL...
GBounty : Streamlining Vulnerability Scanning For Web Applications
Multi-step website vulnerability scanner designed to help pentesters and bug hunters identify potential vulnerabilities in web applications. We have a dedicated repository that houses various type of web vulnerability profiles contributed by security researchers and engineers. Getting started Install GBounty To start using GBounty, you can either install it using Go, or download one of the pre-compiled binaries from GitHub Releases. Installation With Go GBounty...
Chemonics Data Breach Exposed 260,000+ Individuals Personal nformation
Chemonics International, a major international development company and contractor for USAID, has recently disclosed a significant data breach affecting over 260,000 individuals. The incident, which was discovered on December 15, 2023, involved unauthorized access to the company's computer network over an extended period. Timeline And Scope Of The Breach The unauthorized access to Chemonics' systems began on May 30, 2023, and...
SkyScalpel : The Art Of Cloud Policy Obfuscation And Detection
SkyScalpel is an open-source framework for JSON policy parsing, obfuscation, deobfuscation, and detection in cloud environments. It provides flexible and highly configurable mechanisms to handle JSON-level obfuscation, IAM policy transformations, and the detection of evasive obfuscation techniques in cloud security contexts. Built on a custom C# JSON tokenizer and syntax tree parser, SkyScalpel offers unique insights into how obfuscated cloud...
go-lsass : Remote LSASS Memory Dumping via SMB
Package go-lsass is a tool built to dump the memory of the LSASS process remotely by uploading a local LSASS dumper, executing it as a service and then retrieve the dump file using SMB. It is built on top of the library go-smb and is designed to primarily work with the LSASS dumper. NOTE that the LSASS dumper utility is...