Dynmx Prototype: An Advanced API Call Trace Analysis Tool for Malware Detection


dynmx (spoken dynamics) is a signature-based detection approach for behavioural malware features based on Windows API call sequences. In a simplified way, you can think of dynmx as a sort of YARA for API call traces (so-called function logs) originating from malware sandboxes. Hence, the data basis for the detection approach are not the malware samples themselves which are analyzed statically but...

JSON Crack: Transform Your Data into Interactive Visualizations


An innovative, open source data visualization app. Brings data to life through captivating graphs. JSON Crack (jsoncrack.com) JSON Crack is a free, open-source data visualization app capable of visualizing data formats such as JSON, YAML, XML, CSV and more, into interactive graphs. With its intuitive and user-friendly interface, JSON Crack makes it easy to explore, analyze, and understand even the most...

Karton-Pcap-Miner: Streamlining Network Indicator Extraction from PCAPs


Karton-Pcap-Miner is a strong program that quickly pulls network indicators from analysis PCAP files. It works with MWDB without any problems to add these indicators as attributes, which makes cybersecurity research better. You can use it with complicated network data because it has tools for HTTP, TCP, SNI, and DNS built in. Professionals who want to speed up the...

Crawlector – Empowering Threat-Hunting With Advanced Web Scanning And Detection


Crawlector (the name Crawlector is a combination of Crawler & Detector) is a threat-hunting framework designed for scanning websites for malicious objects. Note-1: The framework was first presented at the No Hat conference in Bergamo, Italy on October 22nd, 2022 (Slides, YouTube Recording). Also, it was presented for the second time at the AVAR conference, in Singapore, on December 2nd, 2022. Note-2: The accompanying tool EKFiddle2Yara (is a tool that takes...

31 Tips from Inon Shkedy’s Challenge – Mastering API Security


This challenge is Inon Shkedy's 31 days API Security Tips -API TIP: 1/31- Older API versions tend to be more vulnerable and they lack security mechanisms. Leverage the predictable nature of REST APIs to find old versions. Saw a call to api/v3/login? Check if api/v1/login exists as well. It might be more vulnerable. -API TIP: 2/31- Never assume there’s only one way to authenticate to an...

InfoSec Black Friday Deals – “Friday Hack Fest” 2023 Edition


All the deals for InfoSec related software/tools this Black Friday / Cyber Monday. Just 2023 Things Quality over quantity - this list goes through a level of vetting for dodginess, gated-deals, deals that aren't infosec related and either can't be verified or break promises (e.g. states % off all courses, but has exclusions). There are also some vendors being stood up...

Hades Command And Control – Learning Malware Development and CTFs


Hades is a basic Command & Control server built using Python. It is currently extremely bare bones, but I plan to add more features soon. Features are a work in progress currently. About The Project: This is a project made (mostly) for me to learn Malware Development, Sockets, and C2 infrastructure setups. Currently, the server can...

Forbidden Buster: Mastering HTTP 401 and 403 Bypass Techniques


Forbidden Buster is a tool designed to automate various techniques in order to bypass HTTP 401 and 403 response codes and gain access to unauthorized areas in the system. This code is made for security enthusiasts and professionals only. Use it at your own risk. Features Probes HTTP 401 and 403 response codes to discover potential bypass techniques. Utilizes various methods and headers...

Goblob: Azure Blob Storage Enumeration Tool


Goblob is a lightweight and fast enumeration tool designed to aid in the discovery of sensitive information exposed publicly in Azure blobs, which can be useful for various research purposes such as vulnerability assessments, penetration testing, and reconnaissance. Warning. Goblob will issue individual goroutines for each container name to check in each storage account, only limited by the maximum number...

Top Penetration Testing Software & Tools – Essential for Security Assessments


This article offers a comprehensive overview of the nine most commonly utilized penetration testing tools in the cybersecurity domain. The utilization of tools such as Netsparker, Wireshark, and Kali Linux is crucial in the process of identifying vulnerabilities across diverse digital environments. Each tool provides distinct functionalities for conducting web application scanning, network analysis, ethical hacking, and other related...