.webp "Arena-Hard-Auto : Advancing LLM Evaluation With Style Control Integration")
MITRE ATT&CK Evaluations And Must-Have Intelligence For Security Leaders
In today’s dynamic threat landscape, security leaders are under constant pressure to make informed choices about which solutions and strategies they employ to protect their organizations. The “MITRE Engenuity ATT&CK Evaluations (PDF Guide): Enterprise” stand out as an essential resource for cybersecurity decision makers to navigate this challenge. Unlike other independent assessments, MITRE ATT&CK Evaluations simulate real-world threats to assess how...
DICOMHawk – A Honeypot For Secure DICOM Server Monitoring
DICOMHawk is a powerful and efficient honeypot for DICOM servers, designed to attract and log unauthorized access attempts and interactions. Built using Flask and pynetdicom, DICOMHawk offers a streamlined web interface for monitoring and managing DICOM interactions in real-time. Features DICOM Server Simulation: Supports C-ECHO, C-FIND, and C-STORE operations to simulate a realistic DICOM server environment. Logging: Detailed logging of DICOM associations,...
Stratus Red Team – Advancing Threat Detection And Offensive Testing In Cloud Environments
Stratus Red Team is a cutting-edge tool designed to enhance cloud security by simulating granular attack techniques in live environments. Inspired by Atomic Red Team™, it focuses exclusively on cloud-based scenarios, allowing security teams to validate and refine their threat detection capabilities. This self-contained binary enables users to detonate specific techniques mapped to the MITRE ATT&CK framework. Whether stopping...
Bomber : Navigating Security Vulnerabilities In SBOMs
.webp "Bomber : Navigating Security Vulnerabilities In SBOMs")
bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor for an Software Bill of Materials (SBOM) for one of their closed source products, and they provided one to you in a JSON file... now what? The first thing you're going to want to do is see if any of the components listed inside the...
EmbedPayloadInPng : A Guide To Embedding And Extracting Encrypted Payloads In PNG Files
Embed a payload within a PNG file by splitting the payload across multiple IDAT sections. Each section is encrypted individually using its own 16-byte key with the RC4 encryption algorithm. Implementation This repository consists of two implementations: EmbedPayloadInPng.py - Python script to embed an input payload to a specified PNG file. FetchPayloadFromPng - Extract the payload from EmbedPayloadInPng.py's outputted PNG file, and decrypt...
Exploit Street – Navigating The New Terrain Of Windows LPEs
Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local Privilege Escalation (LPE) exploits targeting Windows systems. Since 2023, there has been a notable surge in these vulnerabilities, yet comprehensive resources detailing them have been scarce—until now. This article aims to bridge that gap, providing cybersecurity professionals and enthusiasts with an essential guide to...
ShadowDumper – Advanced Techniques For LSASS Memory Extraction
Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service) memory, often needed in penetration testing and red teaming activities. It offers flexible options to users and uses multiple advanced techniques to dump memory, allowing to access sensitive data in LSASS memory. Capabilities Unhooked Injection (Modified Mimikatz Binary) – Utilizes unhooking to inject a modified Mimikatz...
Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research
shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation while leveraging Rust’s safety and performance features. This project is intended for educational and research purposes. The project also provides useful crates for developing rootkits, such as shadowx, which consolidates core logic and essential techniques. It includes rootkit-specific tricks, with plans for additional features in...
ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK
Extract and execute a PE embedded within a PNG file using an LNK file. The PE file is encrypted using a single-key XOR algorithm and then injected as an IDAT section to the end of a specified PNG file. Quick Links Maldev Academy Home Maldev Academy Syllabus Maldev Academy Pricing Usage Use InsertPeIntoPng.py to create the embedded PNG file and generate the extraction LNK file: The...
Red Team Certification – A Comprehensive Guide To Advancing In Cybersecurity Operations
Embark on the journey of becoming a certified Red Team professional with our definitive guide. This article provides a comprehensive overview of the top Red Team certifications including CRTP, CRTE, and CRTO, complete with detailed course write-ups and indispensable cheat sheets. Whether you're starting out or looking to advance your skills, this guide is your gateway to mastering Red Team...
.png "LEAF : Linux Evidence Acquisition Framework")
