In the world of cybersecurity, where things change quickly, it's important to do thorough and fast penetration testing. Here comes…
This is a tool used to discover endpoints (and potential parameters) for a given target. It can find them by:…
Osquery queries for Detection & Incident Response, containing 250+ production-ready queries. ODK (osquery-defense-kit) is unique in that the queries are…
Privilege escalation from NT Service to SYSTEM using SeImpersonateToken privilege and MS-RPRN functions. Heavily based Reflective Loader from Install Clone…
All the deals for InfoSec related software/tools this Black Friday / Cyber Monday. Researcher was a little late getting started…
This piece talks about eBPF tools and shows how they can be used to improve system monitoring by keeping track…
dynmx (spoken dynamics) is a signature-based detection approach for behavioural malware features based on Windows API call sequences. In a simplified way,…
Karton-Pcap-Miner is a strong program that quickly pulls network indicators from analysis PCAP files." It works with MWDB without any…
Crawlector (the name Crawlector is a combination of Crawler & Detector) is a threat-hunting framework designed for scanning websites for malicious objects. Note-1:…
This challenge is Inon Shkedy's 31 days API Security Tips -API TIP: 1/31- Older APIs versions tend to be more…