TrafficWatch – A Comprehensive Guide To Network Traffic Analysis With Packet Sniffing
TrafficWatch, a packet sniffer tool, allows you to monitor and analyze network traffic from PCAP files. It provides insights into various network protocols and can help with network troubleshooting, security analysis, and more. Features: protocol-specific packet analysis for ARP, ICMP, TCP, UDP, DNS, DHCP, HTTP, SNMP, LLMNR and NetBIOS; packet filtering based on protocol, source IP, destination IP, source port, destination port,...
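To make the kind of analysis described above concrete, here is an added example written for this page (it is not TrafficWatch's own code): a small parser for the classic pcap format that tags each packet as ARP, ICMP, TCP, UDP, DNS or HTTP and then filters on protocol, source/destination IP and ports. The four-packet capture it reads is constructed inline; the MAC/IP addresses, ports and zeroed checksums are assumptions for the demo, and DNS/HTTP tagging is by well-known port plus a payload sanity check, which is a heuristic, not a guarantee.

```python
"""Parse a PCAP, tag each packet's protocol, filter by proto/src/dst/port. Checksums are NOT verified."""
import socket
import struct

PCAP_GLOBAL = struct.Struct("<IHHiIII")  # magic, major, minor, tz, sigfigs, snaplen, linktype
PCAP_PKT = struct.Struct("<IIII")        # ts_sec, ts_usec, incl_len, orig_len
ETH = struct.Struct("!6s6sH")            # dst MAC, src MAC, ethertype
IPV4 = struct.Struct("!BBHHHBBH4s4s")    # ver/ihl, tos, total_len, id, frag, ttl, proto, csum, src, dst
TCP = struct.Struct("!HHIIBBHHH")        # sport, dport, seq, ack, data_offset, flags, win, csum, urg
UDP = struct.Struct("!HHHH")             # sport, dport, length, csum
ARP = struct.Struct("!HHBBH6s4s6s4s")    # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa
ETH_IPV4, ETH_ARP, IP_ICMP, IP_TCP, IP_UDP = 0x0800, 0x0806, 1, 6, 17
ntoa, aton = socket.inet_ntoa, socket.inet_aton


def _dns_qname(dns: bytes) -> str:
    """First question name (plain labels, no compression) after the 12-byte DNS header."""
    labels, off = [], 12
    while off < len(dns) and dns[off] != 0:
        n = dns[off]
        labels.append(dns[off + 1:off + 1 + n].decode("ascii", "replace"))
        off += 1 + n
    return ".".join(labels)


def _parse_ipv4(pkt: bytes):
    if len(pkt) < IPV4.size:
        return None
    ver_ihl, _, total_len, _, _, _, proto, _, src, dst = IPV4.unpack_from(pkt)
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20:
        return None
    l4 = pkt[ihl:total_len]  # honour total_len so Ethernet padding is not read as payload
    rec = {"src": ntoa(src), "dst": ntoa(dst), "sport": None, "dport": None, "info": ""}
    if proto == IP_ICMP and len(l4) >= 4:
        rec.update(proto="ICMP", info=f"type={l4[0]} code={l4[1]}")
    elif proto == IP_TCP and len(l4) >= TCP.size:
        sport, dport, _, _, doff, flags, _, _, _ = TCP.unpack_from(l4)
        payload = l4[(doff >> 4) * 4:]
        rec.update(proto="TCP", sport=sport, dport=dport, info=f"flags=0x{flags:02x}")
        # Port alone is a weak signal, so also require an HTTP-looking payload before tagging.
        if 80 in (sport, dport) and payload[:4] in (b"GET ", b"POST", b"HTTP"):
            rec.update(proto="HTTP", info=payload.split(b"\r\n", 1)[0].decode("ascii", "replace"))
    elif proto == IP_UDP and len(l4) >= UDP.size:
        sport, dport, _, _ = UDP.unpack_from(l4)
        rec.update(proto="UDP", sport=sport, dport=dport)
        if 53 in (sport, dport):
            rec.update(proto="DNS", info=_dns_qname(l4[UDP.size:]))
    return rec if "proto" in rec else None


def _parse_frame(frame: bytes):
    if len(frame) < ETH.size:
        return None
    ethertype, body = ETH.unpack_from(frame)[2], frame[ETH.size:]
    if ethertype == ETH_ARP and len(body) >= ARP.size:
        _, _, _, _, oper, _, spa, _, tpa = ARP.unpack_from(body)
        return {"proto": "ARP", "src": ntoa(spa), "dst": ntoa(tpa), "sport": None, "dport": None,
                "info": "request" if oper == 1 else "reply"}
    return _parse_ipv4(body) if ethertype == ETH_IPV4 else None


def parse_pcap(data: bytes) -> list:
    """Classic little-endian, microsecond, Ethernet (linktype 1) pcap only; pcapng is rejected."""
    magic, _, _, _, _, _, linktype = PCAP_GLOBAL.unpack_from(data)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("unsupported pcap magic or link type")
    packets, off = [], PCAP_GLOBAL.size
    while off + PCAP_PKT.size <= len(data):
        ts_sec, ts_usec, incl_len, _ = PCAP_PKT.unpack_from(data, off)
        off += PCAP_PKT.size
        rec = _parse_frame(data[off:off + incl_len])
        off += incl_len
        if rec:
            rec["ts"] = ts_sec + ts_usec / 1e6
            packets.append(rec)
    return packets


def filter_packets(packets, proto=None, src=None, dst=None, sport=None, dport=None):
    """Keep packets matching every criterion that is not None."""
    want = {"proto": proto, "src": src, "dst": dst, "sport": sport, "dport": dport}
    return [p for p in packets if all(v is None or p[k] == v for k, v in want.items())]


def build_sample_pcap() -> bytes:
    """Constructed four-packet capture (ARP, DNS, HTTP, ICMP); addresses are made up, checksums zero."""
    def ip(src, dst, proto, payload):
        hdr = IPV4.pack(0x45, 0, 20 + len(payload), 1, 0, 64, proto, 0, aton(src), aton(dst))
        return ETH.pack(b"\xbb" * 6, b"\xaa" * 6, ETH_IPV4) + hdr + payload
    dns = b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x07example\x03com\x00\x00\x01\x00\x01"
    frames = [
        ETH.pack(b"\xff" * 6, b"\xaa" * 6, ETH_ARP) + ARP.pack(
            1, ETH_IPV4, 6, 4, 1, b"\xaa" * 6, aton("192.168.1.10"), b"\x00" * 6, aton("192.168.1.1")),
        ip("192.168.1.10", "8.8.8.8", IP_UDP, UDP.pack(53412, 53, 8 + len(dns), 0) + dns),
        ip("192.168.1.10", "93.184.216.34", IP_TCP, TCP.pack(51000, 80, 1, 1, 0x50, 0x18, 65535, 0, 0)
           + b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"),
        ip("192.168.1.10", "8.8.8.8", IP_ICMP, b"\x08\x00\x00\x00\x00\x01\x00\x01"),
    ]
    out = bytearray(PCAP_GLOBAL.pack(0xA1B2C3D4, 2, 4, 0, 0, 65535, 1))
    for i, frame in enumerate(frames):
        out += PCAP_PKT.pack(1700000000 + i, 0, len(frame), len(frame)) + frame
    return bytes(out)
```

To run it on a real capture, pass `open(path, "rb").read()` to `parse_pcap` and then, for example, `filter_packets(pkts, proto="DNS", src="192.168.1.10")`. Two caveats worth keeping in mind with any port-based classifier: services on non-standard ports are reported as bare TCP/UDP, and pcapng or nanosecond-timestamp files fail the magic check and need a different reader.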
USB flows In The Great River – IDA FLIRT Signature And IOC
IDA Pro FLIRT signature for the FlowCloud RAT component "fcClientDll" and indicators mentioned in my presentation "USB flows in the Great River". In the realm of cybersecurity, the unassuming USB drive can be a Trojan horse. Dive into the world of USB-based threats as we explore the creation of IDA Pro FLIRT signatures for the elusive FlowCloud RAT component. Discover...
Social-Media-OSINT-Tools-Collection – A Powerful Toolkit
A collection of the most useful tools for social media OSINT. Unlock the potential of Open-Source Intelligence (OSINT) with our curated 'Social-Media-OSINT-Tools-Collection.' Dive into a world of powerful tools designed to gather valuable information from social media platforms like Facebook, Instagram, LinkedIn, Twitter, and more. Discover how these tools can empower your OSINT endeavors and enhance your digital intelligence gathering...
EMBA v1.3.1 : Diff It – Unveiling The Firmware Diffing Mode And Latest Updates
What Happened Since The Last EMBA Release? There was the absolutely great #Hackersummercamp with our talks at BSidesLV, ICS Village (DEF CON) and Black Hat (Arsenal). The recording of the BSides talk is already available here. Besides this, Nate gave a really great talk at BruCON; see here. Besides a lot of code cleanup, bug fixing and some small improvements, the new firmware diffing mode is...
Furl – Wayback Machine URL Mining For Bug Hunting
Furl is a tool for mining URLs from the Wayback Machine for bug hunting, fuzzing and further probing. It is designed for bug hunters, fuzzers, and those seeking to probe the depths of the web. This article explores how Furl can be used to mine URLs from the Wayback Machine, opening up new possibilities for uncovering vulnerabilities and hidden gems...
C2 Tracker – Tracking C2, Malware, and Botnets
Free-to-use IOC feed for various tools and malware. It started out with just C2 tools but has grown to track infostealers and botnets as well. It uses Shodan searches to collect the IPs. The most recent collection is always stored in the data directory; the IPs are broken down by tool and there is an all.txt. The feed should update daily. Actively working on making the backend...
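The feed layout described above (one IP list per tool, plus an all.txt union) is easiest to use as a lookup table against your own logs. The block below is an added example written for this page, not C2 Tracker's own code: the file names, the IPs (drawn from documentation ranges) and the firewall log lines are all constructed, and the key=value log format is an assumption. Because the feed's IPs come from Shodan fingerprints of exposed servers, a hit is a lead to triage rather than proof of compromise; shared hosting, scanners and sinkholes show up in such feeds.

```python
"""Match src/dst IPs in firewall log lines against a per-tool IOC feed laid out like
C2 Tracker's data directory (one text file of IPs per tool, plus all.txt)."""
import ipaddress
import re
from collections import defaultdict

# Constructed stand-in for the feed directory: file names and IPs are made up for
# this example (RFC 5737 documentation ranges), NOT real C2 Tracker entries.
FEED_FILES = {
    "Cobalt Strike IPs.txt": "192.0.2.10\n192.0.2.11\n",
    "Sliver IPs.txt": "198.51.100.7\n# comment lines and junk are skipped\nnot-an-ip\n",
    "RedLine IPs.txt": "192.0.2.10\n",  # the same IP can be listed under two tools
    "all.txt": "192.0.2.10\n192.0.2.11\n198.51.100.7\n",
}

# Constructed firewall log lines in a hypothetical key=value format.
SAMPLE_LOG = [
    "2023-11-02T10:01:05Z fw src=10.0.0.5 dst=192.0.2.10 dport=443 action=allow",
    "2023-11-02T10:01:09Z fw src=10.0.0.5 dst=93.184.216.34 dport=443 action=allow",
    "2023-11-02T10:02:31Z fw src=198.51.100.7 dst=10.0.0.8 dport=22 action=deny",
    "2023-11-02T10:03:00Z fw src=10.0.0.9 dst=203.0.113.5 dport=80 action=allow",
    "malformed line without the expected fields",
]

LOG_RE = re.compile(r"src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)")


def load_feed(files):
    """Build IP -> {tool names}. all.txt is the union of the per-tool files, so it is
    skipped; indexing it would give every hit a meaningless 'all' label."""
    index = defaultdict(set)
    for name, text in files.items():
        if name == "all.txt":
            continue
        tool = name[:-4] if name.endswith(".txt") else name
        for raw in text.splitlines():
            line = raw.strip()
            if not line or line.startswith("#"):
                continue
            try:
                ip = str(ipaddress.ip_address(line))  # normalises and rejects junk
            except ValueError:
                continue
            index[ip].add(tool)
    return index


def match_logs(lines, index):
    """One hit per log line whose dst (outbound beacon) or src (inbound contact) is in the feed."""
    hits = []
    for line in lines:
        m = LOG_RE.search(line)
        if not m:
            continue  # unparseable lines are skipped, not treated as clean
        for field, direction in (("dst", "outbound"), ("src", "inbound")):
            tools = index.get(m[field])
            if tools:
                hits.append({"line": line, "direction": direction, "ioc": m[field],
                             "tools": sorted(tools), "dport": int(m["dport"])})
                break
    return hits


def summarise(hits):
    """Internal host -> set of tool labels it touched, handy for a quick triage list."""
    per_host = defaultdict(set)
    for h in hits:
        m = LOG_RE.search(h["line"])
        internal = m["src"] if h["direction"] == "outbound" else m["dst"]
        per_host[internal].update(h["tools"])
    return dict(per_host)
```

Outbound hits to a C2 on 443 deserve more attention than an inbound denied probe from a listed IP, which is usually just scanning; the `direction` field is there so a rule can weight the two differently. Re-pull the feed before matching historical logs, since entries rotate as servers are retired.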
CryptoTester – Cryptography Utility For Ransomware Analysis
A utility for playing with cryptography, geared towards ransomware analysis. CryptoTester is a powerful utility designed for in-depth cryptographic analysis, with a particular focus on ransomware investigation. In this article, we'll explore how CryptoTester provides a robust set of tools and features to aid in dissecting and understanding cryptographic elements, making it an invaluable asset for cybersecurity experts and...
PatchaPalooza – Your Offline Resource For Microsoft Security Update Analysis
A comprehensive tool that provides an insightful analysis of Microsoft's monthly security updates. In the ever-evolving landscape of cybersecurity, staying informed about vulnerabilities and security updates is paramount. Enter "PatchaPalooza," a powerful tool designed for cybersecurity professionals, offering a streamlined and offline approach to analyzing Microsoft's monthly security updates. In this article, we'll delve into the features and functionality...
Shimon – URL Fingerprinting Made Easy
In an era of ever-expanding digital landscapes, the ability to quickly and efficiently identify and analyze URLs is paramount. Introducing 'Shimon,' a powerful tool that simplifies URL fingerprinting, offering seamless integration with various services. In this article, we explore Shimon's capabilities and provide a step-by-step guide to harness its potential, making URL-related tasks a breeze. Requirements: Python 3.11, Node.js v20. Supported services: BinaryEdge, Censys, Onyphe, SecurityTrails, Shodan, SpyOnWeb, urlscan.io, VirusTotal, ZoomEye. Installation: git clone...
Unwyze – A Wyze Cam v3 RCE Exploit
I worked on auditing the Wyze Cam V3 firmware as part of entering this year's Pwn2Own 2023 Toronto competition. My entry came along nicely and I was able to identify and exploit some critical vulnerabilities. The night before my flight to Toronto I became aware Wyze had just released a firmware update (4.36.11.7071) which has the following changelog: "Security improvements". Yeah, that's it; the...