Script Overview – Decoding GootLoader Payloads And Obfuscations
In the intricate realm of cyber threats, GootLoader emerges as a formidable challenge. This article delves deep into the intricacies of decoding its payloads and obfuscations. Equipped with hands-on scripts and tools, we aim to guide cybersecurity enthusiasts and professionals through the maze of GootLoader. Get ready for an informative journey. GootLoaderAutoJsDecode.py - automatically decodes .js files using static analysis (recommended) GootLoaderAutoJsDecode-Dynamic.py - automatically decodes .js files...
Wireshark 4.0.10 Released – What’s New!
Wireshark is the most widely used network protocol analyzer worldwide. It is employed in network troubleshooting, security analysis, software and communications protocol development, network monitoring, and education. Wireshark has announced version 4.0.10, which includes bug fixes, new improvements, and capabilities for improved packet inspection, making it a top choice for consumers and organizations in a variety of industries...
ELFEN – Linux Malware Analysis Sandbox
ELFEN is a dockerized sandbox for analyzing Linux (file type: ELF) malware. It leverages an array of open-source technologies to perform both static and dynamic analysis. Results are available through both the GUI and API. Currently, ELFEN supports the analysis of ELF binaries for the following architectures: x86-64; MIPS 32-bit big/little-endian; PowerPC 32-bit big-endian; ARMv5 32-bit little-endian. Getting Started: Prerequisite: install docker and docker compose. Setup: clone the ELFEN...
Incident Response Playbooks – Streamlined Security Mitigation Guides
Welcome to the Incident Response Playbooks repository! We're creating these playbooks with the knowledge gained from LetsDefend to assist security experts in responding to various security incidents effectively. Whether you're new to incident response or a seasoned professional, you'll find valuable resources here to help you navigate and mitigate security threats. Table of Contents: Introduction, Playbooks, Getting Started, Contributing. Introduction: Incident response is a critical aspect of maintaining...
HyperDbg v0.6-beta: Advanced Debugging & Memory Upgrades
If you’re enjoying HyperDbg, don’t forget to give it a star on GitHub! Please visit Build & Install to configure the environment for running HyperDbg. Check out the Quick Start and Frequently Asked Questions (FAQs) to learn more. You can use the examples of using the debugger and the script engine to get started with HyperDbg. HyperDbg's memory model has undergone a significant change, transitioning to a multiple-EPTP model. This change has effectively resolved...
Awesome Command And Control
A collection of awesome Command & Control (C2) frameworks, tools and resources for post-exploitation and red teaming assessments. If you'd like to contribute to this list, simply open a PR with your additions. Maintained by @tcostam. If you have contributions but can't open a pull request, give me a shout on Twitter. Table of Contents: Tools (Open Source, Commercial), Online Resources (Articles, Videos). Tools, Open Source: Apfell: cross-platform, post-exploit, red teaming framework built with python3, docker,...
GDBleed – Advanced Binary Instrumentation with GDB
GDBleed - Dynamic-Static binary instrumentation framework on top of GDB. GDBleed is a gdb wrapper exposing a set of commands for the x86-64, ARM and MIPS (x86 and ARM thumb-mode in progress) architectures to perform binary instrumentation. The objective was to exploit the hackish features of the GDB Python API while ignoring software performance (for now), and in the end to...
RedPersist – Advanced Windows Persistence in C#
In the evolving landscape of system management, maintaining application persistence is paramount. 'RedPersist' stands out as a robust solution, offering a myriad of techniques to ensure uninterrupted system presence. Dive into this comprehensive guide to explore its capabilities, from leveraging Eventviewer to harnessing the power of PowerShell profiles. Compiling Project: the 3rd-party libraries below are used in this project: TaskScheduler, Fody. Load the Visual...
Eyes: Email-Centric OSINT Uncovered
Eyes is an OSINT tool that focuses on extracting information related to an email address. Whether you’re a cybersecurity professional, a private investigator, or just a curious individual, Eyes can provide insights into the digital footprint associated with a specific email. It scours various platforms and databases to fetch data, making your investigation process smoother and more comprehensive. Installation Guide: Getting...
Villain – Elevating C2 Operations
A groundbreaking C2 framework designed for modern cybersecurity challenges. With its advanced TCP & HoaxShell capabilities, Villain is set to redefine command and control operations, offering unparalleled versatility and precision in the realm of cyber operations. Purpose: Villain is a high-level C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands,...