Burp-Rxss-scan-TG : Enhancing XSS Scanning With Burp Suite Extensions
Burp Suite is a powerful tool for web application security testing, widely used by professionals to identify vulnerabilities such as cross-site scripting (XSS). The Burp-Rxss-scan-TG extension is designed to enhance the scanning capabilities of Burp Suite for XSS vulnerabilities by leveraging custom payloads stored in a file named xss.txt. Functionality Of Burp-Rxss-scan-TG Custom Payload Management: Users can create a file named xss.txt...
GPT Crawler : A Tool For Custom GPT Creation
The GPT Crawler is a powerful tool designed to crawl websites and generate knowledge files that can be used to create custom GPT models from one or multiple URLs. This project, developed by Builder.io, allows users to easily build their own custom GPTs or assistants by leveraging web content. Key Features Of GPT Crawler Crawling Functionality: The tool crawls specified URLs...
CPUMicrocodes : A Gateway To Advanced CPU Microcode Management And Optimization
CPUMicrocodes is a comprehensive repository of microcodes for Intel, AMD, VIA, and Freescale CPUs. Microcode is a low-level firmware that translates machine code instructions into hardware-specific operations, playing a crucial role in CPU functionality, performance, and compatibility. The CPUMicrocodes repository is essential for upgrading, research, and development purposes, providing access to the latest production microcodes from official sources. Features Of...
Tweet-Machine : Hidden Twitter Histories With Advanced OSINT Capabilities
Tweet-Machine is an Open-Source Intelligence (OSINT) tool designed to retrieve deleted tweets and replies from any Twitter user, even if their account has been suspended. This tool is particularly useful for researchers, investigators, and anyone interested in analyzing historical Twitter data. Purpose And Functionality Tweet-Machine is built to provide comprehensive access to Twitter data that would otherwise be inaccessible due to...
2025-03-04 (Tuesday) : Group Claiming To Be BianLian Sends Paper-Based Extortion Letters via Postal Service
On March 4, 2025, a group claiming to be the notorious threat actor BianLian began sending paper-based extortion letters to executives at U.S.-based organizations. These letters demand ransom payments in Bitcoin to prevent the alleged disclosure of sensitive data, with amounts ranging from $200,000 to $500,00013. However, several factors suggest that these letters may not be from the actual...
Blindsight : Advanced Techniques In Red Teaming And LSASS Memory Exploitation
Blindsight is a red teaming tool designed to dump LSASS (Local Security Authority Subsystem Service) memory on Windows systems, bypassing basic countermeasures. It utilizes the Transactional NTFS (TxF API) to transparently scramble the memory dump, which helps avoid triggering antivirus, endpoint detection and response (EDR), and extended detection and response (XDR) systems. Functionality LSASS Memory Dumping: Blindsight allows users to dump...
Hiphp : Mastering Remote Management Of PHP Websites
Hiphp, developed by Yasserbdj96, is an open-source tool designed to create a backdoor for controlling PHP-based websites. It operates via HTTP/HTTPS protocols and leverages the POST/GET methods on port 80, enabling users to remotely manage their sites. This tool offers functionalities such as file downloading, editing, and connecting to Tor networks for added security. Core Features Of Hiphp Remote Website Management: Hiphp...
PowerShell-Hunter : A Comprehensive Toolset For Threat Hunting
PowerShell-Hunter is a robust collection of PowerShell-based tools designed to aid security analysts in detecting and investigating malicious activities within Windows environments. This project leverages PowerShell's native capabilities to provide flexible and powerful tools for threat hunting. Key Tools And Features PowerShell 4104 Event Analysis Smart Pattern Detection: Identifies common attack techniques through pre-configured patterns. Risk Scoring: Prioritizes investigations using a weighted scoring...
DE-TH-Aura : Detection Engineering And Threat Hunting By SecurityAura
DE-TH-Aura, an initiative by SecurityAura, focuses on enhancing detection engineering and threat hunting capabilities using KQL (Kusto Query Language). This effort is primarily aimed at leveraging the Microsoft Defender XDR suite and logs ingested through Microsoft Sentinel, such as Windows Security Event Logs. The project is hosted on a GitHub repository where SecurityAura shares queries developed from various sources,...
MassVulScan : A Comprehensive Network Scanning Tool
MassVulScan is a powerful network scanning tool designed for pentesters and system administrators to identify open ports and potential security vulnerabilities across large-scale networks. It leverages the capabilities of masscan for rapid port scanning and nmap for detailed service analysis, making it an efficient tool for network security assessments. Key Features Fast Port Scanning: Utilizes masscan to quickly detect open TCP/UDP...
.png "Coercer : A Python Script To Automatically Coerce A Windows Server To Authenticate On An Arbitrary Machine")
