EchoDrv – Unveiling Kernel Vulnerabilities In ECHOAC Anti-Cheat Driver echo_driver.sys

In the realm of cybersecurity, the relentless battle between attackers and defenders rages on. Enter EchoDrv, a potent tool that exposes the vulnerabilities lurking within the ECHOAC anti-cheat driver, echo_driver.sys. In this article, we delve into the world of EchoDrv, exploring its usage, sponsors, and the credits behind its creation, all while emphasizing the importance of responsible use in...

Ghost – Unmasking The Intricacies Of A Remote Access Trojan

Ghost is a light RAT that gives the server/attacker full remote access to the user's command-line interpreter (cmd.exe). They are allowed to execute commands silently without the client/zombie noticing. The server/attacker is also given the ability to download and execute files on the client/zombie's computer. This is also a silent and hidden process. Like most Remote Access Trojans, this download and execution...

LOLSpoof – A Clever Technique To Evade Command Line Detection And Maintain OPSEC

LOLSpoof is an interactive shell program that automatically spoofs the command line arguments of the spawned process. Just call your incriminating-looking command line LOLBin (e.g. powershell -w hidden -enc ZwBlAHQALQBwAHIAbwBjAGUA....) and LOLSpoof will ensure that the process creation telemetry appears legitimate and clear. Why: Process command line is a heavily monitored telemetry, being thoroughly inspected by AV/EDRs, SOC analysts or threat...

FalconHound – Empowering Blue Teams With Automated BloodHound Integration

FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool. One of the challenging aspects of BloodHound is that it is a snapshot in time. FalconHound includes functionality that can be...

Uscrapper 2.0 – Unleashing The Power Of OSINT Web Scraping For Data Extraction

Introducing Uscrapper 2.0, a powerful OSINT web scraper that allows users to extract various personal information from a website. It leverages web scraping techniques and regular expressions to extract email addresses, social media links, author names, geolocations, phone numbers, and usernames from both hyperlinked and non-hyperlinked sources on the webpage, and supports multithreading to make this process faster. Uscrapper 2.0 is...

GSSAPI-Abuse : Leveraging Kerberos Stacks For Authentication Abuse

gssapi-abuse was released as part of my DEF CON 31 talk. A full write-up on the abuse vector can be found here: A Broken Marriage: Abusing Mixed Vendor Kerberos Stacks. The tool has two features. The first is the ability to enumerate non-Windows hosts that are joined to Active Directory that offer GSSAPI authentication over SSH. The second feature is...

DllNotificationInjection – Exploring A Novel Threadless Process Injection Technique

DllNotificationInjection is a POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and remote processes. An accompanying blog post with more details is available here. How It Works: DllNotificationInjection works by creating a new LDR_DLL_NOTIFICATION_ENTRY in the remote process. It inserts it manually into the remote LdrpDllNotificationList by patching the List.Flink of the list head and...

httpAlive – URL Analysis Tool For Web Application Penetration Test

Discover 'httpAlive,' a powerful URL analysis tool designed for web application penetration testing. With features like user-agent rotation, multithreading, and colorized output, this versatile tool efficiently probes for alive subdomains and URLs. In this article, we'll explore its capabilities, installation, and usage, empowering you with a valuable asset for enhancing your web application security assessments. Overview: The "httpAlive" tool is designed...

DDoS Scripts – Supercharging Your Kali Linux With Hacking Tools

Explore the world of DDoS scripts and hacking tools to enhance your Kali Linux experience. In this comprehensive guide, we dive into the latest updates and additions, such as Nvidia GPU drivers, Arc themes, and essential security tools. Discover how to supercharge your Kali Linux system and stay at the forefront of cybersecurity. All things to do after installing...

katoolin – Streamline Your Kali Linux Tool Installation With This Comprehensive Guide

katoolin is a powerful tool that simplifies the installation of Kali Linux tools on compatible systems. With the ability to add or remove Kali Linux repositories and effortlessly install a wide range of security tools, katoolin streamlines the process, making it accessible even for those new to Kali Linux. In this guide, we will explore the features, installation, and...