TelegramRAT – A Tool To Bypass Restricted Communications

A cross-platform Remote Access Tool that operates through Telegram, leveraging the secure messaging app for covert communication. Designed to navigate around network restrictions, TelegramRAT empowers users to remotely control computers, execute commands, retrieve system information, capture screenshots, and more, all while harnessing Telegram’s encrypted platform. In this overview, we delve into TelegramRAT’s functionality, installation process, …

Autopsy- 4.21.0 Release With Faster Search And Malware Scanning

The 4.21 version of Autopsy is out, and this blog post will cover three of the most notable new features.  You can see the full list of changes here. We’re going to cover, To download the latest version, go here. You can also attend a Webinar on September 12. Register here. Search For Keywords Without Building An Index …

NucleiFuzzer – An Automation Tool

NucleiFuzzer is an automation tool that combines and enhances web application security testing. It uses ParamSpider to identify potential entry points and Nuclei’s templates to scan for vulnerabilities.  NucleiFuzzer streamlines the process, making it easier for security professionals and web developers to detect and address security risks efficiently. Download NucleiFuzzer to protect your web applications from vulnerabilities and attacks. Note: Nuclei + Paramspider = NucleiFuzzer Tools Included: ParamSpider …

BadZure – A PowerShell To Set Up Azure Active Directory Tenants

BadZure is a PowerShell script that uses the Microsoft Graph SDK to set up Azure Active Directory tenants. It fills them with different entities and makes common security mistakes to make tenants that are easy to attack and have multiple entry points. BadZure automates the process of creating users, groups, application registrations, service principals, and …

CVE-2023-38035 – Arbitrary Command Execution As The Root user On Ivanti Sentry

Ivanti has just put out a warning about CVE-2023-38035. The vulnerability has been added to CISA KEV and is called an authentication bypass in the Ivanti Sentry user interface. This new flaw comes after a flaw in Ivanti EPMM (CVE-2023-35078) that was already being used in the wild. In this post, we’ll look closely at …

SysReptor – An Offensive Security Reporting Tool

SysReptor is a fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike. You can create designs based on simple HTML and CSS, write your reports in user-friendly Markdown and convert them to PDF with just a single click, in the cloud or self-hosted! Your Benefits SysReptor Cloud You …

PwnFox – A Firefox/Burp Extension For Security Audit

PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit. If you are a chrome user you can check https://github.com/nccgroup/autochrome. Features Single click BurpProxy Connect to Burp with a simple click, this will probably remove the need for other addons like foxyProxy. However if you need the extra features provided by foxyProxy you …

AD_Enumeration_Hunt – AD Pentesting Toolkit

Description Welcome to the AD Pentesting Toolkit! This repository contains a collection of PowerShell scripts and commands that can be used for Active Directory (AD) penetration testing and security assessment. The scripts cover various aspects of AD enumeration, user and group management, computer enumeration, network and security analysis, and more. The toolkit is intended for …

Wireshark 4.0.8 Release: What’s New!

Wireshark released the latest release note for 4.0.8 on its official page regarding bug fixes that have been detected earlier and updated protocol support. A network protocol analyzer, Wireshark captures packets from a network connection, providing insightful network analysis. The end of support for 32-bit Windows files has been planned for Wireshark 4.0 and later. …

Kali Linux 2023.3 Released – What’s New!

Kali Linux 2023.3 Released along with many tools and feature updates which can be useful for security researchers, penetration testers, bug bounty hunters and many other security personnels.  To highlight a few major changes from the previous release, there is a major stack change or Internal infrastructure to be precise. Additionally, Kali purple has been …