Mimicry : Security Tool For Active Deception In Exploitation And Post-Exploitation

Mimicry is a security tool developed by Chaitin Technology for active deception in exploitation and post-exploitation. Active deception can live-migrate the attacker to the honeypot without the attacker's awareness. We can achieve a higher security level at a lower cost with active deception. Demo. Quick Start: 1. Make sure docker and docker-compose are installed correctly on the machine: docker info, docker-compose version. 2. Install the honeypot service: docker-compose build, docker-compose up...

How to Use the Snort IDS/IPS Complete Practical Guide

Snort is a widely used open-source Network Intrusion Detection System (NIDS) that can analyze network traffic and detect potential security threats. It works by analyzing network traffic in real time and comparing it against a set of rules, which the user or administrator defines. It can detect various attacks, such as port scans, buffer overflows, and malware infections. When Snort...

Wifi_Db : Script To Parse Aircrack-ng Captures To A SQLite Database

Wifi_Db is a script to parse Aircrack-ng captures into a SQLite database and extract useful information like handshakes (in 22000 hashcat format), MGT identities, interesting relations between APs, clients and their probes, WPS information and a global view of all the APs seen. Features: Displays if a network is cloaked (hidden) even if you have the ESSID. Shows a detailed table of connected...

Seekr : A Multi-Purpose OSINT Toolkit With A Neat Web-Interface

Seekr is a multi-purpose toolkit for gathering and managing OSINT data with a sleek web interface. Our desktop view enables you to have all of your favourite OSINT tools integrated in one. The backend is written in Go with BadgerDB as the database, and it offers a wide range of features for data collection, organization, and analysis. Whether you're a researcher,...

Grepmarx : A Source Code Static Analysis Platform For AppSec Enthusiasts

Grepmarx is a web application providing a single platform to quickly understand, analyze and identify vulnerabilities in possibly large and unknown code bases. Features: SAST (Static Analysis Security Testing) capabilities. Multiple languages support: C/C++, C#, Go, HTML, Java, Kotlin, JavaScript, TypeScript, OCaml, PHP, Python, Ruby, Bash, Rust, Scala, Solidity, Terraform, Swift. Multiple frameworks support: Spring, Laravel, Symfony, Django, Flask, Node.js, jQuery, Express, Angular... 1600+...

Power of Ecommerce Fraud Prevention Tools

In today's digital age, online businesses are becoming increasingly vulnerable to fraud. With the rise of e-commerce, cybercriminals have found new ways to exploit vulnerabilities in payment systems and steal sensitive information from unsuspecting customers. As an online business owner, it is your responsibility to protect your customers' data and prevent fraudulent activities on your platform. This is where e-commerce...

Shoggoth – Asmjit Based Polymorphic Encryptor

Shoggoth is an open-source project, based on C++ and the asmjit library, used to polymorphically encrypt given shellcode, PE, and COFF files. Shoggoth will generate an output file that stores the payload and its corresponding loader in an obfuscated form. Since the content of the output is position-independent, it can be executed directly as shellcode. While the payload is executing,...

CMLoot : Find Interesting Files Stored On (System Center) Configuration Manager (SCCM/CM) SMB Shares

CMLoot was created to easily find interesting files stored on System Center Configuration Manager (SCCM/CM) SMB shares. The shares are used for distributing software to Windows clients in Windows enterprise environments and can contain scripts/configuration files with passwords, certificates (pfx), etc. Most SCCM deployments are configured to allow all users to read the files on the shares, sometimes it...

RedditC2 : Abusing Reddit API To Host The C2 Traffic

RedditC2 abuses the Reddit API to host C2 traffic. Since most blue-team members use Reddit, it might be a great way to make the traffic look legit. Use of this project is for educational/testing purposes only. Using it on unauthorised machines is strictly forbidden. If somebody is found to use it for illegal/ malicious...

Noseyparker : Find Secrets And Sensitive Information In Textual Data And Git History

Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data. It is useful both for offensive and defensive security testing. Key features: It supports scanning files, directories, and the entire history of Git repositories. It uses regular expression matching with a set of 95 patterns chosen for high signal-to-noise based on experience and feedback from offensive security...