.webp "Arena-Hard-Auto : Advancing LLM Evaluation With Style Control Integration")
.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
Version 3.7 – Comprehensive Enhancements And New Features In SQL Server Chain Execution Tool
Complete refactor of code base. Updated documentation (code comments, README, and wiki) Execution against a linked SQL server chain. For example, if SQL01 has a link to SQL02, and SQL02, has a link to SQL03, and SQL03, has a link to PAYMENTS01. It is now possible to execute commands from SQL01 on PAYMENTS01 using the linked server chain (/link:SQL02,SQL03,PAYMENTS01 /chain). Credit to Azael Martin (n3rada). Removed 'l' and 'i' modules, and introduced context...
Features Of Turtufo – Comprehensive Guide To Scanning For Secrets In Code Repositories
While tartufo started its life with one primary mode of operation, scanning the history of a git repository, it has grown other time to have a number of additional uses and modes of operation. These are all invoked via different sub-commands of tartufo. Git Repository History Scan This is the “classic” use case for tartufo: Scanning the history of a git repository. There are two...
Office 365 Extractor – A Complete Guide To Extracting Audit Logs And Enhancing Forensic Investigations
This script makes it possible to extract log data out of an Office365 environment. The script created by us consist out of four main options, which enable the investigator to easily extract logging out of an Office365 environment. Show available log sources and amount of logging Extract all audit logging Extract group audit logging Extract Specific audit logging (advanced mode) Show Available Log Sources...
Snaffler Output File Parser – Enhancing Data Analysis With Advanced Features
Especially in large environments, the Snaffler output gets very large and time-consuming to analyze. This script parse the Snaffler output file (TSV format required) and: Beautify it: Proper tables and different output formats like TXT, CSV, HTML, JSON or PS Gridview. The HTML output file: Supports basic sorting and filtering (severity & extension) Highlights the finding keyword in the file preview text Contains direct links...
Open-Source Web Scanners : A Detailed List Of Tools From GitHub And GitLab
A list of open source web security scanners on GitHub and GitLab, ordered by Stars. It does not provide in-depth analysis - for more analysis or a wider range of tools, see the links below. Note that some large projects have multiple repos - in which case the second most relevant repo is included immediately after and is indented. General Purpose...
Sysdig Inspect – A Comprehensive Guide To Container Troubleshooting And Securit
Sysdig Inspect is a powerful opensource interface for container troubleshooting and security investigation Inspect's user interface is designed to intuitively navigate the data-dense sysdig captures that contain granular system, network, and application activity of a Linux system. Sysdig Inspect helps you understand trends, correlate metrics and find the needle in the haystack. It comes packed with features designed to support both...
Checking The Installation – A Guide To Installing And Verifying Tartuf
You can install tartufo in the usual ways you would for a Python Package, or using docker to pull the latest tartufo docker image from Docker Hub. Installation with pip: pip install tartufo Installation with docker: docker pull godaddy/tartufo If you would like to install the latest in-development version of tartufo, this can also be done with pip. pip install -e git+ssh://git@github.com/godaddy/tartufo.git#egg=tartufo Checking The Installation When tartufo is installed, it inserts an eponymous command into your path. So if...
CVE-2024-38077-EXP : In-Depth Analysis And Exploitation Of A Windows Server 2025 Vulnerability
We delve into CVE-2024-38077, a critical security vulnerability identified in Windows Server 2025. This flaw, if exploited, could allow unauthorized users to execute malicious code remotely. We present a comprehensive exploration of both the exploit (CVE-2024-38077-EXP) and the proof of concept (CVE-2024-38077-POC), providing in-depth technical insights into the vulnerability's impact and exploitation techniques. Developed by security researchers qi4L and...
Tempest – A Rust Journey Through Command And Control Research
This is a research command and control framework. What I mean by this, is that it is meant for research purposes. It is not meant to fully replace cobalt strike and all your other c2s for production ops. When I decided to write this project, I did so for a learning experience. I wanted to sit and try to plan...
OSINT Cheat Sheet – Essential Tools And Resources For Digital Investigations
In the rapidly evolving world of digital investigations, staying ahead with the right tools is crucial. This OSINT Cheat Sheet compiles essential resources and tools that aid in gathering open-source intelligence effectively. Whether you're delving into social media intelligence (SOCMINT), analyzing images, or exploring geospatial data, these curated tools will empower your research and investigative efforts. Perfect for both...
