CrossLinked: Mastering LinkedIn Enumeration with Search Engine Scraping
CrossLinked is a LinkedIn enumeration tool that uses search engine scraping to collect valid employee names from an organization. This technique provides accurate results without the use of API keys, credentials, or accessing LinkedIn directly! Table of Contents Install Prerequisites Naming Format Advanced Formatting Search Example Usage Screenshots Parse Example Usage Screenshots Additional Options Proxy Rotation Command-Line Arguments Contribute Sponsors Scrape public LinkedIn profile data at scale with Proxycurl APIs. • Scraping Public profiles are battle tested in...
Splunk RCE – PoC: In-Depth Analysis and Exploitation Methodology
This article delves into a critical vulnerability in Splunk, identified as CVE-2023-46214. It provides a detailed analysis and a Proof of Concept (PoC) script to demonstrate the vulnerability's exploitation. The script is designed for educational purposes, helping to understand the security implications of this vulnerability in Splunk, a popular data processing and analytics platform. The article emphasizes responsible usage,...
CVE Half-Day Watcher
CVE Half-Day Watcher is a security tool designed to highlight the risk of early exposure of Common Vulnerabilities and Exposures (CVEs) in the public domain. It leverages the National Vulnerability Database (NVD) API to identify recently published CVEs with GitHub references before an official patch is released. By doing so, CVE Half-Day Watcher aims to underscore the window of...
WhatsApp OSINT Tool: Revolutionizing Digital Investigations
The WhatsApp OSINT Tool is a pioneering tool developed for intelligence gathering on WhatsApp. It enables tracking and monitoring of user activities, offering insights and data analysis for digital investigations. This versatile tool supports multiple languages and provides Excel format outputs, making it essential for online investigations and digital forensics. Welcome to the first WhatsApp OSINT tool. This was developed...
Compose StyleSheet: Revolutionizing UI Design in Jetpack Compose
Compose StyleSheet is an innovative framework designed to enhance user interface development in Jetpack Compose. Offering a versatile array of customizable UI components, this library simplifies the design process, allowing for dynamic styling and seamless integration of design elements like colors, fonts, and sizes. Ideal for developers seeking to streamline UI creation, Compose StyleSheet is a game-changer in the...
ZMap 4.0.0 RC1 – Revolutionizing Network Scanning With Multi-Port Support And More
ZMap 4.0.0 (RC1) introduces the notion of multi-port scanning, which has been a long requested feature. This is a breaking change since ZMap now operates on a metric of (ip,port) target instead of simply IP (e.g., for scan rate). It also introduces new dependencies (e.g., libjudy) to support multi-port scanning and changes ZMap's command-line interface. Features: Multi-port scanning support Store link-layer timestamp in icmp_echo_time module...
Titan – VMProtect Devirtualizer
I'm releasing my VMProtect devirtualizer for others to research, learn, and improve. This project started in 2018 as a hobby project and was rewritten at least 4 times. During my research, I've met with awesome people, made friends, and learned a lot. The tool is for educational purposes only, it works for vmprotect < 3.8 but produces less than...
NoVmp – Unlocking VMProtect x64 With VTIL-Powered Devirtualization
Welcome to the world of NoVmp, a groundbreaking project that aims to unravel the complexities of VMProtect x64 3.0 - 3.5. In this article, we'll dive into the intriguing realm of devirtualization, exploring how NoVmp utilizes VTIL (Virtual-machine Translation Intermediate Language) to breathe new life into protected binaries. Get ready to unlock the secrets of VMProtect and discover the...
No-Consolation – Executing Unmanaged PEs Inline And Without Console Allocation
This is a Beacon Object File (BOF) that executes unmanaged PEs inline and retrieves their output without allocating a console (i.e. spawning conhost.exe). Features Supports 64 and 32 bits Supports EXEs and DLLs Does not create new processes Usage Summary: Run an unmanaged EXE/DLL inside Beacon's memory. Usage: noconsolation [--local] [--timeout 60] [-k] [--method funcname] [-w] [--no-output] [--alloc-console] [--close-handles] [--free-libraries] /path/to/binary.exe arg1 arg2 --local,...
InvisibilityCloak – A Game-Changer In C# Post-Exploitation Tools
.webp "InvisibilityCloak – A Game-Changer In C# Post-Exploitation Tools")
Proof-of-concept obfuscation toolkit for C# post-exploitation tools. This will perform the below actions for a C# visual studio project. Change the tool name Change the project GUID Obfuscate compatible strings in source code files based on obfuscation method entered by user Removes one-line comments (e.g. // this is a comment) Remove PDB string option for compiled release .NET assembly Blog Post String Candidates Not Obfuscated The below...
