CVEScannerV2 – Enhancing Network Security With Nmap Vulnerability Detection Script
An advanced Nmap script designed to detect potential vulnerabilities in network services. This article delves into the technical specifics, requirements, and operational details of the script, providing a comprehensive guide for enhancing your network's security. Learn how to effectively use CVEScannerV2 to identify vulnerabilities across various services and versions. Nmap script that provides information about probable vulnerabilities based on discovered...
File Tunnel – Innovative TCP Connection Tunneling via Files
A powerful tool designed to tunnel TCP connections through a file. Ideal for circumventing firewalls and establishing secure network links, File Tunnel leverages shared file systems to enable seamless communication between hosts. This article delves into practical uses, setup examples, and the underlying technology that makes it all possible. Host A ft.exe -L 5000:127.0.0.1:3389 --write "\servershare1.dat" --read "\servershare2.dat" This command listens for...
Tartufo API – Configuration, Rules, And Scanning Capabilities
Dive into the world of Tartufo, a powerful tool designed for scanning and managing security vulnerabilities through regular expressions. This article offers a comprehensive API reference guide for all public classes and functions within Tartufo, from configuring scans to compiling and applying rules. Learn how to effectively utilize Tartufo to enhance your security protocols and streamline your codebase examination...
Would You Like To Know More In Tartufo – Cleaning Up Git Repositories Of Sensitive Data
If the other documentation left you wondering what to do with the results of your scans, and unsure how to get rid of those pesky leaked secrets, then look no further! End-to-End Example An End-to-End example walkthrough of a tartufo scan and the process of purging the dirty evil passwords that somehow ended up in your code commits. Clone your repo! Select and clone the...
QuickShell – Advanced Vulnerabilities And Tools For Quick Share At DEF CON 32
This project showcases the vulnerability research that we conducted on Quick Share, which we presented at DEF CON 32 (2024). Our work reveals critical vulnerabilities and includes tools we’ve developed, including a Remote Code Execution (RCE) attack chain tool. DEF CON Talk link Technical Blog Post link Repository Contents This repository includes the tools we developed during our research: quick_shell: Implements the entire RCE...
Awesome_GPT_Super_Prompting : Jailbreaks, Leaks, Injections, Libraries, Attack, Defense And Prompt Engineering Resources
A comprehensive guide exploring the nuances of GPT jailbreaks, prompt injections, and AI security. This article unpacks an arsenal of resources for both attack and defense strategies in the evolving landscape of large language models (LLMs). Whether you're a developer, security expert, or AI enthusiast, prepare to advance your knowledge with insights into prompt engineering and adversarial machine learning. What...
NamedPipeMaster – A Comprehensive Toolkit For Named Pipe Analysis And Interaction
NamedPipeMaster is a versatile tool for analyzing and monitoring named pipes. It includes Ring3NamedPipeConsumer for direct server interaction, Ring3NamedPipeMonitor for DLL-based API hooking and data collection, and Ring0NamedPipeFilter for comprehensive system-wide monitoring. The tool supports proactive and passive interactions, collects detailed communication data, and features a filter for specific event searches. Features Named Pipe Interaction: Proactive Interaction: Actively interact with a...
CVE-2024-38473 Nuclei Template : Mastering Apache ACL Bypass Techniques
Nuclei template designed to detect Apache servers vulnerable to CVE-2024-38473. It first identifies servers running Apache < 2.4.60 with default PHP-FPM settings. Then, it fuzzes for potential PHP files protected by ACLs that might be bypassed due to this vulnerability. Install To use this Nuclei template, you need to clone the repository. You can do this by running the following command: git clone...
RS-Shell : A Rust-Based Reverse Shell Solution For Modern Cybersecurity Needs
RS-Shell is a reverse shell solution developed in Rust with client, implant and server embedded in the same binary. This project has been mainly started to learn Rust with a tool that could help me in my work, and the code quality could be greatly improved. This project is like my Rust sandbox where I can test new things. RS-Shell implements...
EmuScan – Advanced Emulation Detection For Firmware And Devices
This test is based on ekknod's , with added emulation detection for common devices. Thanks to ekknod for his contribution. Thanks to my good friend HChai for providing the software interface and ideas. Important Functions Detecting DMA disguised devices Activate firmware (to be added in the future) Common Problem Q: The driver cannot be started A: 1. Run PowerShell as an administrator bcdedit /set testsigning on reboot After rebooting,...