ADFSRelay : Proof Of Concept Utilities Developed To Research NTLM Relaying Attacks Targeting ADFS

The ADFSRelay repository includes two utilities, NTLMParse and ADFSRelay. NTLMParse is a utility for decoding base64-encoded NTLM messages and printing information about the underlying properties and fields within the message. Examining these NTLM messages is helpful when researching the behavior of a particular NTLM implementation. ADFSRelay is a proof of concept utility developed while researching the feasibility of...

Protecting Kubernetes Deployments with Azure Sentinel

What Is Azure Sentinel? Microsoft Sentinel is a cloud native security information and event management (SIEM) and security orchestration, automation, and response (SOAR) solution. It provides security analytics, threat intelligence, threat visibility, attack detection, proactive hunting, and threat response. It builds on Azure services, natively incorporating proven foundations, such as Logic Apps and Log Analytics. It enriches investigation and detection with...

Reconator – Automated Recon for Pentesting & Bug Bounty

Reconator is a framework for automating your reconnaissance process without any computing resource (systemless recon), free of cost. It is designed to be hosted on Heroku, which is a free cloud hosting provider. It performs enumeration along with many vulnerability checks and obtains maximum information about the target domain. It also performs various vulnerability checks like XSS,...

FarsightAD : PowerShell Script That Aims To Help Uncover (Eventual) Persistence Mechanisms

FarsightAD is a PowerShell script that aims to help uncover (eventual) persistence mechanisms deployed by a threat actor following an Active Directory domain compromise. The script produces CSV / JSON file exports of various objects and their attributes, enriched with timestamps from replication metadata. Additionally, if executed with replication privileges, the Directory Replication Service (DRS) protocol is leveraged to detect...

Tethering Your Smartphone To A Linux Desktop – What You Should Know?

Using your phone’s internet on your Linux PC is fairly straightforward, and similar to that of Windows or Mac, with a few subtle differences to know about. If you want to take your Linux computer online, but don’t have any wireless or ethernet network nearby, the best solution is tethering your smartphone. Having emerged during the primitive age of 2G,...

Havoc : Modern and malleable post-exploitation command and control framework

Havoc is a modern and malleable post-exploitation command and control framework, created by @C5pider. ⚠️Havoc is in an early state of release. Breaking changes may be made to APIs/core structures as the framework matures. Support Consider supporting C5pider on Patreon/Github Sponsors. Additional features are planned for supporters in the future, such as custom agents/plugins/commands/etc. Quick Start Please see the Wiki for complete documentation. Havoc works...

OFRAK : Unpack, Modify, And Repack Binaries

OFRAK (Open Firmware Reverse Analysis Konsole) is a binary analysis and modification platform. OFRAK combines the ability to: identify and unpack many binary formats; analyze unpacked binaries with field-tested reverse engineering tools; modify and repack binaries with powerful patching strategies. OFRAK supports a range of embedded firmware file formats beyond userspace executables, including: compressed filesystems; compressed & checksummed firmware; bootloaders; RTOS/OS kernels. OFRAK equips users with: A Graphical User...

Autobloody : Tool To Automatically Exploit Active Directory Privilege Escalation Paths Shown By BloodHound

Autobloody is a tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound. Description: This tool automates the AD privesc between two AD objects, the source (the one we own) and the target (the one we want), if a privesc path exists in the BloodHound database. The automation is composed of two steps: Finding the optimal path for privesc using bloodhound...

S3Crets Scanner : Hunting For Secrets Uploaded To Public S3 Buckets

The S3cret Scanner tool is designed to provide a complementary layer for the Amazon S3 Security Best Practices by proactively hunting secrets in public S3 buckets. It can be executed as a scheduled task or on demand. Automation Workflow: The automation will perform the following actions: List the public buckets in the account (set with ACL of Public, or objects can be public); List the textual or sensitive files...

Pen Andro – An Automated Android Penetration Testing Tool

Introduction: The Pen-Andro script will automate the process of installing all necessary tools & tasks for Android pentesting, i.e. moving the Burpsuite certificate, installing Adb, frida server, and APKs like proxy toggle, proxydroid, adbwifi. Usage: Open Terminal. Run the below command: curl -sL https://tinyurl.com/pen-Android | sudo bash Preconditions: Burpsuite proxy running at 127.0.0.1:8080; rooted Android device connected via adb (only one device should be connected); Magisk App (It will make installation easy...