.webp "Arena-Hard-Auto : Advancing LLM Evaluation With Style Control Integration")
.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
FUD-UUID-Shellcode : Another Shellcode Bypass Windows Defender
FUD-UUID-Shellcode is another shellcode injection technique using C++ that attempts to bypass Windows Defender using XOR encryption sorcery and UUID strings madness. How it works? Shellcode Generation Firstly, generate a payload in binary format( using either CobaltStrike or msfvenom ) for instance, in msfvenom, you can do it like so( the payload I'm using is for illustration purposes, you can use whatever...
SteaLinG : Open-Source Penetration Testing Framework Designed For Social Engineering
The SteaLinG is an open-source penetration testing framework designed for social engineering After the hack, you can upload it to the victim's device and run it. Disclaimers This is only for testing purposes and can only be used where strict consent has been given. Do not use this for illegal purposes How can I benefit from this project? you can use it for...
Monkey365 – Tool For Security Consultants Microsoft 365
Monkey365 is an Open Source security tool that can be used to easily conduct not only Microsoft 365, but also Azure subscriptions and Azure Active Directory security configuration reviews without the significant overhead of learning tool APIs or complex admin panels from the start. To help with this effort, Monkey365 also provides several ways to identify security gaps in...
HSTP – Simple Hyper Service Transfer Protocol On Networks
HSTP protocol aims to develop a application layer abstraction for the Hyper Service Transfer Protocol. HSTP is a recursion as nature of HSTP. This protocol implements itself as a interface. On every internet connected device, there is a HSTP instance. That's why the adoption is not needed. HSTP already running top of the internet. We have just now achieved to...
EvilnoVNC – Ready To Go Phishing Platform
EvilnoVNC is a Ready to go Phishing Platform. Unlike other phishing techniques, EvilnoVNC allows 2FA bypassing by using a real browser over a noVNC connection. In addition, this tool allows us to see in real time all of the victim's actions, access to their downloaded files and the entire browser profile, including cookies, saved passwords, browsing history and much more. Requirements Docker...
AoratosWin : A Tool That Removes Traces Of Executed Applications On Windows OS
AoratosWin is a tool that removes traces of executed applications on Windows OS which can easily be listed with tools such as ExecutedProgramList by Nirsoft. Supported OS (Tested On) Windows 7 (x86, x64)Windows 8 (x86, x64)Windows 8.1 (x86, x64)Windows 10 (x86, x64)Windows 11 (x64) Minimum System Reqs: .NET Framework 4.0 Disclaimer Any actions and/or activities related to this tool is solely your responsibility. Click Here To...
Cloudfox – Automating Situational Awareness For Cloud Penetration Tests
CloudFox helps you gain situational awareness in unfamiliar cloud environments. It’s an open source command line tool created to help penetration testers and other offensive security professionals find exploitable attack paths in cloud infrastructure. CloudFox helps you answer the following common questions (and many more): What regions is this AWS account using and roughly how many resources are in the account?What...
Arsenal – Recon Tool Installer
Arsenal is a Simple shell script (Bash) used to install the most important tools and requirements for your environment and save time in installing all these tools. Tools in Arsenal NamedescriptionAmassThe OWASP Amass Project performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniquesffufA fast web fuzzer written in GodnsXFast and multi-purpose...
Erlik 2 : Vulnerable Flask App
Erlik 2 is a vulnerable Flask Web App. It is a lab environment created for people who want to improve themselves in the field of web penetration testing. Features It contains the following vulnerabilities. -HTML Injection-XSS-SSTI-SQL Injection-Information Disclosure-Command Injection-Brute Force-Deserialization-Broken Authentication-DOS-File Upload Installation git clone https://github.com/anil-yelken/Vulnerable-Flask-Appcd Vulnerable-Flask-Appsudo pip3 install -r requirements.txt Usage python3 vulnerable-flask-app.py Click Here To Download
Utkuici – Nessus Automation
Today, with the spread of information technology systems, investments in the field of cyber security have increased to a great extent. Vulnerability management, penetration tests and various analyzes are carried out to accurately determine how much our institutions can be affected by cyber threats. With Tenable Nessus, the industry leader in vulnerability management tools, an IP address that has...
