Hayabusa: Revolutionizing Windows Event Log Analysis with Rapid Forensics and Advanced Threat Hunting Capabilities
Hayabusa is a Windows event log fast forensics timeline generator and threat hunting tool created by the Yamato Security group in Japan. Hayabusa means "peregrine falcon" in Japanese and was chosen as peregrine falcons are the fastest animal in the world, great at hunting and highly trainable. It is written in Rust and supports multi-threading in order to be as fast as possible. We have provided a tool to convert Sigma rules into...
EvilSlackbot: A Cutting-Edge Tool for Enhancing Slack Workspace Security through Red Team and Phishing Simulations
Collaboration platforms like Slack are now central to business communication, and the thousands of organizations that rely on Slack for daily work make its workspaces an attractive target for attackers. That is where EvilSlackbot comes in. EvilSlackbot is a powerful system for running...
IMDSPOOF: Enhancing Cloud Security with Deceptive AWS IMDS Endpoint Spoofing
IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service. One way attackers escalate privileges or move laterally in a cloud environment is by retrieving AWS access keys from the IMDS endpoint at http://169.254.169.254/latest/meta-data/iam/security-credentials/<user>. This tool spoofs that endpoint and redirects traffic sent to 169.254.169.254 to a local webserver that serves fake data. This can be...
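To make the mechanism concrete, here is an added example of a minimal fake IMDS responder. It is written for this page and is not IMDSPOOF's own code. It assumes traffic to 169.254.169.254 has already been redirected to the local port (the redirect itself, which IMDSPOOF handles, is not shown), and the role name, port and key material are constructed placeholders (the key values are the ones AWS uses in its documentation, so they can never be real). The point is that any request for the credential path is itself the alert, and the decoy keys handed back are honeytokens that should never be seen in use.

```python
"""Minimal fake AWS IMDS responder (added illustration, not the IMDSPOOF source).

It answers the two paths a credential-harvesting attacker walks:
  /latest/meta-data/iam/security-credentials/         -> lists role names
  /latest/meta-data/iam/security-credentials/<role>   -> JSON credential document
Every hit under that prefix is recorded, so the request itself becomes the alert.
"""
import json
from datetime import datetime, timedelta, timezone
from http.server import BaseHTTPRequestHandler, HTTPServer

CRED_PREFIX = "/latest/meta-data/iam/security-credentials/"
FAKE_ROLE = "ec2-app-role"  # assumption: any plausible role name an attacker expects to see

# Constructed decoy key material in the right shape but taken from AWS documentation,
# so it is recognisably fake and can be used as a honeytoken in CloudTrail/SIEM matching.
FAKE_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
FAKE_SECRET = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
FAKE_TOKEN = "FwoGZXIvYXdzEXAMPLE"

HITS: list[dict] = []  # in-memory request log; a real deployment ships this to a SIEM


def fake_credentials(role: str, now=None) -> dict:
    """Build a credential document in the same JSON shape the real IMDS returns."""
    now = now or datetime.now(timezone.utc)
    fmt = "%Y-%m-%dT%H:%M:%SZ"
    return {
        "Code": "Success",
        "LastUpdated": now.strftime(fmt),
        "Type": "AWS-HMAC",
        "AccessKeyId": FAKE_KEY_ID,
        "SecretAccessKey": FAKE_SECRET,
        "Token": FAKE_TOKEN,
        "Expiration": (now + timedelta(hours=6)).strftime(fmt),
        "_role": role,  # not part of the real IMDS document; kept so the decoy is traceable
    }


def route(path: str, client: str = "127.0.0.1") -> tuple[int, str]:
    """Return (status, body) for a request path; log every credential-path lookup."""
    if not path.startswith(CRED_PREFIX):
        return 404, "not found\n"  # anything else is left unanswered on purpose
    HITS.append({"client": client, "path": path})  # the alert signal
    role = path[len(CRED_PREFIX):]
    if role == "":
        return 200, FAKE_ROLE + "\n"  # IMDS lists role names one per line
    if role != FAKE_ROLE:
        return 404, "not found\n"
    return 200, json.dumps(fake_credentials(role))


class Handler(BaseHTTPRequestHandler):
    def do_GET(self):
        status, body = route(self.path, self.client_address[0])
        data = body.encode()
        self.send_response(status)
        self.send_header("Content-Type", "text/plain")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)

    def log_message(self, *_):  # keep stdout quiet; HITS is the record
        pass


if __name__ == "__main__":
    # Assumes 169.254.169.254:80 is already redirected to this port (e.g. by iptables).
    HTTPServer(("127.0.0.1", 8169), Handler).serve_forever()
```

The decoy document deliberately mirrors the real layout (Code, LastUpdated, Type, AccessKeyId, SecretAccessKey, Token, Expiration) so tooling that parses IMDS output accepts it without complaint; the value of the deception comes from the request log and from watching for the decoy AccessKeyId being used anywhere.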
Telerecon: The OSINT Framework for Deep Telegram Analysis
Telerecon is a comprehensive OSINT reconnaissance framework for researching, investigating, and scraping Telegram. For example: input a target username, and Telerecon crawls across multiple chats gathering profile metadata, account activity and user messages, extracting potential selectors and ideological indicators, identifying named entities, constructing a network map of possible associates and an EXIF metadata geo-map, amongst various other analytics. Other features of Telerecon...
Commix: The Command Injection Exploiter for Penetration Testing
Commix, short for "command injection exploiter," is an open-source tool made for penetration testers and other cybersecurity professionals. Created by Anastasios Stasinopoulos, Commix automatically finds and exploits command injection vulnerabilities, a key part of web application security testing. This article goes into detail about how to install Commix...
Instagram Location Search: Navigating and Scraping Proximal Points with Ease
Instagram Location Search is a flexible Python tool that makes it easier to find and analyze Instagram locations. It lets you search around a set of coordinates, in downtown Tucson or anywhere else, and offers several output formats, from CSV to GeoJSON, for geospatial analysis. Instagram Location Search is a must-have tool...
Active Directory Canaries: Advanced Detection and Prevention of AD Enumeration
Active Directory Canaries is a detection primitive for Active Directory enumeration (or recon) techniques. It abuses the concept of DACL Backdoors, introduced by SpecterOps researchers Andy Robbins (@_wald0) and Will Schroeder (@harmj0y) back in 2017 in their white paper "An ACE Up the Sleeve". The purpose of this project is to publish and maintain the deployment PowerShell script that automates...
FACTION PenTesting Report Generation and Collaboration Engine
Thorough and fast penetration testing matters in a field that changes quickly. FACTION is a Penetration Testing Report Generation and Collaboration Engine meant to streamline the whole assessment process. It not only generates pen test reports automatically, but also lets peers review them, keeps track...
XnLinkFinder v4.1 – A Comprehensive Guide To Discovering Endpoints And Parameters
This is a tool used to discover endpoints (and potential parameters) for a given target. It can find them by crawling a target (pass a domain/URL), crawling multiple targets (pass a file of domains/URLs), searching files in a given directory (pass a directory name), reading them from a Burp project (pass the location of a Burp XML file), or reading them from an OWASP ZAP project (pass the location of a...
Osquery-Defense-Kit: Enhancing Cybersecurity
Osquery queries for detection and incident response, containing 250+ production-ready queries. ODK (osquery-defense-kit) is unique in that the queries are designed to be used as part of a production detection and response pipeline. The detection queries are formulated to return zero rows during normal expected behavior, so that they can be configured to generate alerts whenever rows are returned. At the...
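The "zero rows under normal behavior" contract is easier to see with data in front of it. The following is an added example written for this page, not one of ODK's own queries: it loads a constructed snapshot shaped like osquery's `processes` table (pid, name, parent, cmdline) into an in-memory SQLite database, which uses the same SQL dialect osquery does, and runs a detection query in the ODK style that flags a shell whose parent is a web server. On the normal snapshot the query returns nothing; add one webshell-shaped process and it returns exactly that row, which is the alert.

```python
"""Added illustration of the zero-rows detection pattern (not ODK's own query or code).

The rows below are a constructed process snapshot standing in for osquery's
`processes` table; a real pipeline would get them from osqueryd on the host.
"""
import sqlite3

# Constructed baseline: (pid, name, parent, cmdline). Every row is expected on this host.
NORMAL = [
    (1, "systemd", 0, "/sbin/init"),
    (800, "nginx", 1, "nginx: master process /usr/sbin/nginx"),
    (801, "nginx", 800, "nginx: worker process"),
    (900, "sshd", 1, "/usr/sbin/sshd -D"),
    (950, "bash", 900, "-bash"),  # interactive shell under sshd is normal, so it is excluded
]

# Same snapshot plus a shell spawned by the nginx worker: the shape of a webshell / RCE.
SUSPECT = NORMAL + [(2001, "sh", 801, "sh -c id")]

# Written so that it returns zero rows on a healthy host. Exclusions (here: which parents
# are allowed to spawn shells) live in the WHERE clause, which is how ODK-style queries
# are tuned rather than by post-filtering in the alerting layer.
DETECT_SHELL_UNDER_WEBSERVER = """
SELECT p.pid, p.name, p.cmdline, pp.name AS parent_name
FROM processes p
JOIN processes pp ON pp.pid = p.parent
WHERE p.name IN ('sh', 'bash', 'dash', 'zsh')
  AND pp.name IN ('nginx', 'apache2', 'httpd')
"""


def run_detection(rows, query=DETECT_SHELL_UNDER_WEBSERVER):
    """Load a process snapshot into an in-memory table and return the rows the query flags."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE processes (pid INTEGER, name TEXT, parent INTEGER, cmdline TEXT)")
    con.executemany("INSERT INTO processes VALUES (?, ?, ?, ?)", rows)
    try:
        return con.execute(query).fetchall()
    finally:
        con.close()


def should_alert(rows):
    """Any returned row is an alert; that is the whole contract of a zero-row query."""
    return len(run_detection(rows)) > 0


if __name__ == "__main__":
    for label, snapshot in (("normal", NORMAL), ("suspect", SUSPECT)):
        print(label, "->", run_detection(snapshot))
```

Because the query carries its own exclusions, tuning a noisy detection means editing the WHERE clause and re-running it against a known-good snapshot until it returns nothing again; the alerting layer never has to understand the query, only whether it produced rows.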