Stratus Red Team – Advancing Threat Detection And Offensive Testing In Cloud Environments
Stratus Red Team is a cutting-edge tool designed to enhance cloud security by simulating granular attack techniques in live environments.
Inspired by Atomic Red...
Bomber : Navigating Security Vulnerabilities In SBOMs
bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor for a Software Bill of Materials (SBOM) for one...
Exploit Street – Navigating The New Terrain Of Windows LPEs
Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local Privilege Escalation (LPE) exploits targeting Windows systems.
Since 2023,...
ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK
Extract and execute a PE embedded within a PNG file using an LNK file. The PE file is encrypted using a single-key XOR algorithm...
Red Team Certification – A Comprehensive Guide To Advancing In Cybersecurity Operations
Embark on the journey of becoming a certified Red Team professional with our definitive guide.
This article provides a comprehensive overview of the top Red...
MaLDAPtive – Pioneering LDAP SearchFilter Parsing And Security Framework
MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.
Its foundation is a 100% custom-built C# LDAP parser that handles tokenization and...
Cloudkicker – Implementing Basic Authentication With .htaccess And htpasswd
There are a number of excellent tutorials. I recommend this one:
Basically, you are going to create a .htaccess file in the directory you want...
EDRenum-BOF : Compiling Insights On Endpoint Detection And Response
In the evolving landscape of cybersecurity, understanding and mitigating threats through advanced tools is paramount.
"EDRenum-BOF" emerges as a critical utility designed to streamline...
LsassReflectDumping – A Deep Dive Into Secure Credential Extraction Techniques
This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process.
Once the clone is created, it utilizes MINIDUMP_CALLBACK_INFORMATION...
CVE-2024-30090 : LPE Proof Of Concept Detailed
In the evolving landscape of cybersecurity, understanding the mechanisms behind vulnerabilities is crucial for both mitigation and responsible exploitation.
This article dives into CVE-2024-30090,...