Valid8Proxy: Streamlining Proxy Management for Web Scraping and Network Security
Valid8Proxy is a versatile and user-friendly tool designed for fetching, validating, and storing working proxies. Whether you need proxies for web scraping, data anonymization, or testing network security, Valid8Proxy simplifies the process by providing a seamless way to obtain reliable and verified proxies. Features: Proxy Fetching: Retrieve proxies from popular proxy sources with a single command. Proxy Validation: Efficiently validate proxies using multithreading to...
CATSploit: Revolutionizing Automated Penetration Testing with Cyber Attack Techniques Scoring (CATS) Method
CATSploit is an automated penetration testing tool using Cyber Attack Techniques Scoring (CATS) method that can be used without pentester. Currently, pentesters implicitly made the selection of suitable attack techniques for target systems to be attacked. CATSploit uses system configuration information such as OS, open ports, software version collected by scanner and calculates a score value for capture eVc...
Demonized Shell: Advancing Linux Persistence Techniques and Security Implications.
The article "Demonized Shell: Advancing Linux Persistence Techniques and Security Implications" goes into great detail about D3m0n1z3dShell, a complex tool made for making things persistent in Linux settings. The opening would probably talk about how this tool is a big step forward in Linux system security and how it has many features for keeping access and control over Linux...
EDRSilencer: A Tool for Managing EDR Outbound Traffic with Windows Filtering Platform.
Inspired by the closed source FireBlock tool FireBlock from MdSec NightHawk, I decided to create my own version and this tool was created with the aim of blocking the outbound traffic of running EDR processes using Windows Filtering Platform (WFP) APIs. This tool offers the following features: Search known running EDR processes and add WFP filter to block its outbound traffic Add WFP filter...
Cheat.sh: Unified Access to the Best Community Driven Cheat Sheets.
Of course! The piece "Cheat.sh: Unified Access to the Best Community Driven Cheat Sheets" talks about a new tool for programmers and IT experts. Cheat.sh has a simple interface that lets you quickly read cheat sheets for many programming languages, database management systems, and important UNIX and Linux commands. It stands out because it covers a lot of ground...
Red-Teamer Diaries: Insights and Techniques for Effective Penetration Testing
Publicly accessible notes about my pentesting/red teaming experiments tested on several controlled environments/infrastructures that involve playing with various tools and techniques used by penetration testers and redteamers during a security assessment. Contribute We welcome contributions as github pull requests.Kudos and thanks for the people who did the hard stuff Goals Pentest/red team cheatsheet that collects snippets of codes and commands to help pentester...
Windows Local Privilege Escalation Cookbook (In Progress)
Description (Keynote) This Cookbook was created with the main purpose of helping people understand local privilege escalation techniques on Windows environments. Moreover, it can be used for both attacking and defensive purposes. ℹ️ This Cookbook focuses only on misconfiguration vulnerabilities on Windows workstations/servers/machines. Evasion techniques to bypass security protections, endpoints, and antivirus are not included in this cookbook. I created this PowerShell...
HackBrowserData: A Comprehensive Guide to Decrypting and Exporting Data from Popular Browsers
HackBrowserData is a command-line tool for decrypting and exporting browser data ( passwords, history, cookies, bookmarks, credit cards, download records, localStorage and extension ) from the browser. It supports the most popular browsers on the market and runs on Windows, macOS and Linux. Install Installation of HackBrowserData is dead-simple, just download the release for your system and run the binary. Building from source only support go 1.18+ with go generics $...
Linpmem – A Physical Memory Acquisition Tool for Linux
Linpmem is a Linux x64-only tool for reading physical memory. Like its Windows counterpart, Winpmem, this is not a traditional memory dumper. Linpmem offers an API for reading from any physical address, including reserved memory and memory holes, but it can also be used for normal memory dumping. Furthermore, the driver offers a variety of access modes to read physical memory, such as byte, word, dword,...
Process Stomping: Advanced Technique for Executing Shellcode in Targeted Executable Sections
Cybersecurity is a field that is always changing, and new techniques are always being made to improve both offensive and defensive tactics. Process Stomping is an improved version of Process Overwriting that was first used by Aleksandra Doniec (hasherezade) and is now being studied by others in the field. This method is better than others because it precisely and...
