AgentTesla : The Mechanics And Menace Of A Persistent Cyber Threat

AgentTesla is a sophisticated and persistent malware that has been a significant cybersecurity threat since its emergence in 2014. It is a Remote Access Trojan (RAT) and information stealer written in the .NET framework, designed to exfiltrate sensitive data from infected systems. Its widespread use is attributed to its availability as Malware-as-a-Service (MaaS), making it accessible to cybercriminals worldwide. Functions...

Silent Execution Of cmd.exe With Redirected STDERR And STDOUT

The ability to execute commands silently using cmd.exe while redirecting both standard output (STDOUT) and standard error (STDERR) is a common technique employed in both legitimate administrative tasks and malicious activities. This method ensures that the command execution remains hidden from the user, while capturing or discarding the output for further processing. Key Techniques Silent Execution with /Q and /C: The /Q...

Process Inject Kit : Elevating Penetration Testing With Advanced Injection Capabilities

The Process Inject Kit is a specialized toolkit designed to enhance and customize process injection techniques in Cobalt Strike, a popular penetration testing tool. Originally implemented in C, it has been ported to the C++ Beacon Object File (BOF) template, providing developers with greater flexibility and efficiency in defining and deploying custom injection techniques. Core Features The Process Inject Kit offers...

OneScan : A Comprehensive Tool For Recursive Directory Scanning

OneScan is an innovative Burp Suite plugin designed to enhance vulnerability detection in deeply nested directories of web applications. Initially conceptualized to identify hidden Swagger-API documentation, OneScan has evolved into a versatile tool capable of uncovering sensitive information leaks, unauthorized access points, and privilege escalation vulnerabilities. Core Features And Functionality OneScan operates by recursively scanning directories, leveraging payload dictionaries to probe...

Commander – Secure Python C2 Framework

Commander is a command and control framework (C2) written in Python, Flask and SQLite. It comes with two agents written in Python and C. Under Continuous Development. Not script-kiddie friendly. Features: Fully encrypted communication (TLS); Multiple Agents; Obfuscation; Interactive Sessions; Scalable; Base64 data encoding; RESTful API. Agents: Python 3. The python agent supports: sessions, an interactive shell between the admin and the agent (like ssh); obfuscation; Both Windows and Linux systems; download/upload files functionality. C: The C agent supports...

Zizmor : Enhancing Security In GitHub Actions With Static Analysis

zizmor is a static analysis tool for GitHub Actions. It can find many common security issues in typical GitHub Actions CI/CD setups. In the world of continuous integration and continuous delivery (CI/CD), security remains a paramount concern, particularly within widely utilized platforms like GitHub Actions. Enter Zizmor, a cutting-edge static analysis tool designed specifically for GitHub Actions environments. This powerful...

Stalwart Mail Server : Revolutionizing Email Security And Scalability

Stalwart Mail Server is an open-source mail server solution with JMAP, IMAP4, POP3, and SMTP support and a wide range of modern features. It is written in Rust and designed to be secure, fast, robust and scalable. Key features: JMAP, IMAP4, POP3 and ManageSieve server: JMAP server with Sieve Scripts, WebSocket, Blob Management and Quotas extensions. IMAP4rev2 and IMAP4rev1 server with support for...

Atuin : Revolutionizing Shell History With Enhanced Search And Secure Sync

Atuin replaces your existing shell history with a SQLite database, and records additional context for your commands. Additionally, it provides optional and fully encrypted synchronisation of your history between machines, via an Atuin server. As well as the search UI, it can do things like this:

# search for all successful `make` commands, recorded after 3pm yesterday
atuin search --exit 0 --after...

Spyndicapped : The Power Of UI Automation For Surveillance

Dive into the cutting-edge world of digital surveillance with "Spyndicapped," a robust tool leveraging Microsoft's UI Automation to monitor and gather data stealthily. Developed by the CICADA8 Research Team, this tool unveils a new frontier in cybersecurity by allowing detailed access to user activities and system operations. Discover its unique capabilities and how it transforms spying on user interfaces...

SOC Multi-Tool : Cyber Investigation Made Easy

Introducing SOC Multi-tool, a free and open-source browser extension that makes investigations faster and more efficient. Now available on the Chrome Web Store and compatible with all Chromium-based browsers such as Microsoft Edge, Chrome, Brave, and Opera. Available on Chrome Web Store! Available on Firefox Add-Ons Store! Featured On: #22 On Github Trending! "Awesome Incident Response"! "Awesome Threat Detection"! "Bad Sector Blogs"! "Kali Linux Tutorials"! "Security Online"! "OneStopSOC"! "Dinosn Twitter"! Streamline...