VPS-Bug-Bounty-Tools : Automating Web Security Tools Installation
.webp "VPS-Bug-Bounty-Tools : Automating Web Security Tools Installation")
Script that automates the installation of the main tools used for web application penetration testing and Bug Bounty. Usage: cd /tmp && git clone https://github.com/drak3hft7/VPS-Bug-Bounty-Tools cd VPS-Bug-Bounty-Tools sudo ./Tools-BugBounty-installer.sh Example During Installation: List Of Tools Inserted: Network Scanner: Nmap Masscan Naabu Subdomain Enumeration And DNS Resolver: Massdns Subfinder Knock Lazyrecon Github-subdomains Sublist3r Crtndstry Assetfinder Dnsx Dnsgen Subdomain Takeovers: SubOver Web Fuzzer: Dirsearch Ffuf Wordlists: SecLists Scanner CMS: Wpscan Droopescan Vuln SQL: SQLmap NoSQLmap Jeeves Enumeration Javascript: LinkFinder SecretFinder JSParser Visual Recon: Aquatone Crawling Web: GoSpider Hakrawler Katana Vuln XSS: XSStrike XSS-Loader Freq Gxss Dalfox Vuln SSRF: SSRFmap Gopherus Vulnerability Scanner: Nuclei Virtual Host Discovery: Virtual host scanner Useful Tools: Anew Unew Gf Httprobe Httpx Waybackurls Arjun Gau Uro Qsreplace SocialHunter Update - Time Line: 28 September 2021: Inserted into the script...
Stardust – A Deep Dive Into A 64-Bit Position Independent Implant Template
An modern 64-bit position independent implant template. raw strings global instance compile time hashing #include <Common.h> #include <Constexpr.h> FUNC VOID Main( _In_ PVOID Param ) { STARDUST_INSTANCE PVOID Message = { 0 }; // // resolve kernel32.dll related functions // if ( ( Instance()->Modules.Kernel32 =...
Automated Emulation – Building A Customizable Breach And Attack Simulation Lab With AWS And Terraform
%20(1).webp "Automated Emulation – Building A Customizable Breach And Attack Simulation Lab With AWS And Terraform")
Automated Emulation is a simple terraform template creating a customizable and automated Breach and Attack Simulation lab. It automically builds the following resources hosted in AWS: One Linux server deploying Caldera, Prelude Operator Headless, and VECTR One Windows Client (Windows Server 2022) auto-configured for Caldera agent deployment, Prelude pneuma, and other Red And Blue tools See the Features and Capabilities section for more details. Key...
CVE-2023-22527 in Confluence : A Step-by-Step Guide And Its Implications
.webp "CVE-2023-22527 in Confluence : A Step-by-Step Guide And Its Implications")
In the world of cybersecurity, staying informed about the latest vulnerabilities is crucial. One such vulnerability that has garnered attention is CVE-2023-22527 in Confluence, a popular collaboration platform. In this article, we'll delve into the details of this vulnerability and provide a step-by-step guide on how it can be exploited. By the end, you'll gain a better understanding of...
Wormhole Connect – Navigating The Ecosystem For Simplifying Cross-Chain Integration
.webp "Wormhole Connect – Navigating The Ecosystem For Simplifying Cross-Chain Integration")
Wormhole Connect is a project to facilitate integration with the Wormhole protocol. It is thus far comprised of 3 components: wormhole-connect, sdk and builder. Below is a brief introduction on each, see the corresponding READMEs for more information. Wormhole Connect An app that brings all the functionality and utility of the Wormhole token bridge right into your application and removes all...
YaraDbg – Simplifying Yara Rule Development And Analysis For Security Analysts
.webp "YaraDbg – Simplifying Yara Rule Development And Analysis For Security Analysts")
YaraDbg is a free web-based Yara debugger to help security analysts to write hunting or detection rules with less effort and more confidence. By using YaraDbg, you can perform a thorough root-cause-analysis (RCA) on why some of your Yara rules did or did not match with a specific file. It can also help you to better maintain a large...
OpenVoice – Advancing Voice Cloning Technology
.webp "OpenVoice – Advancing Voice Cloning Technology")
In the ever-evolving world of voice technology, OpenVoice stands as a game-changer. This groundbreaking platform, developed by a team of experts from MIT, Tsinghua University, and MyShell, offers a trifecta of advantages: precise tone color cloning, fine-grained voice style control, and zero-shot cross-lingual capabilities. Since its launch in May 2023, OpenVoice has witnessed explosive growth, powering MyShell's instant voice...
BrowserStealer (Chrome / Firefox / Microsoft Edge)- Unveiling Password And Data Theft In Browsers
.webp "BrowserStealer (Chrome / Firefox / Microsoft Edge)- Unveiling Password And Data Theft In Browsers")
A comprehensive exploration of a powerful software tool designed to extract passwords, cookies, history, and bookmarks from popular web browsers. In this article, we delve into the inner workings of this tool, examining its capabilities, supported browsers, and additional features. Learn how BrowserStealer operates, its potential implications, and the importance of responsible usage. Chrome - All Chromium Based And Firefox...
Microsoft Defender For Endpoint Curated List Of Resources For DFIR – Microsoft Defender For Endpoint Guide
.webp "Microsoft Defender For Endpoint Curated List Of Resources For DFIR – Microsoft Defender For Endpoint Guide")
Hey, thank you stopping by! Well, being here means that you are either familiar with the discipline of Digital Forensics and Incident Reponse (DFIR) or you are interested in beginning to explore DFIR tools and techniques. The common denominator, no matter what your sense is around DFIR, is that you are using Microsoft Defender for Endpoint (MDE) and the...
WebCopilot – A Comprehensive Subdomain Enumeration And Bug Detection Tool
.webp "WebCopilot – A Comprehensive Subdomain Enumeration And Bug Detection Tool")
WebCopilot is an automation tool designed to enumerate subdomains of the target and detect bugs using different open-source tools. The script first enumerate all the subdomains of the given target domain using assetfinder, sublister, subfinder, amass, findomain, hackertarget, riddler and crt then do active subdomain enumeration using gobuster from SecLists wordlist then filters out all the live subdomains using dnsx then...
