Conduwuit : Pioneering A New Era In Matrix Homeservers
Matrix is an open network for secure and decentralized communication. Users from every Matrix homeserver can chat with users from all other Matrix servers. You can even use bridges (also called Matrix Appservices) to communicate with users outside of Matrix, like a community on Discord. What Is The Goal? A high-performance and efficient Matrix homeserver that's easy to set up and...
LSMS – Linux Security And Monitoring Scripts
Linux Security And Monitoring Scripts are a collection of security and monitoring scripts you can use to monitor your Linux installation for security-related events or for an investigation. Each script works on its own and is independent of other scripts. The scripts can be set up to either print out their results, send them to you via mail, or...
Fiber – Using Fibers To Run In-Memory Code
A fiber is a unit of execution that must be manually scheduled by the application rather than rely on the priority-based scheduling mechanism built into Windows. Fibers are often called lightweight threads. For more detailed information about what are and how fibers work consult the official documentation. Fibers allow to have multiple execution flows in a single thread, each...
XSS-Exploitation-Tool : A Penetration Testing Tool
XSS Exploitation Tool is a penetration testing tool that focuses on the exploit of Cross-Site Scripting vulnerabilities. Disclaimer: This tool is only for educational purpose, do not use it against real environment Features Technical Data about victim browser Geolocation of the victim Snapshot of the hooked/visited page Source code of the hooked/visited page Exfiltrate input field data Exfiltrate cookies Keylogging Display alert box Redirect user Installation Tested on Debian 11 You may need Apache,...
Promptmap
Prompt injection is a type of security vulnerability that can be exploited to control the behavior of a ChatGPT instance. By injecting malicious prompts into the system, an attacker can force the ChatGPT instance to take unintended actions. promptmap is a tool that automatically tests prompt injection attacks on ChatGPT instances. It analyzes your ChatGPT rules to understand their context...
Firefly – Black Box Fuzzer For Web Applications
Firefly is an advanced black-box fuzzer and not just a standard asset discovery tool. Firefly provides the advantage of testing a target with a large number of built-in checks to detect behaviors in the target. NOTE : Firefly is in a very new stage (v1.0) but works well for now, if the target does not contain too much dynamic content....
Winit : Cross-Platform Window Creation And Management In Rust
Winit is a robust, cross-platform library designed for creating and managing windows in Rust applications. Tailored to be a foundational component in a broader system of libraries, it facilitates direct window manipulation and event handling. Ideal for developers seeking a versatile toolset for desktop applications, Winit offers precise control through platform-specific features and extensive documentation. [dependencies] winit = "0.30.7" Documentation For features within...
Browser Autofill Phishing – The Hidden Dangers And Security Risks
In today’s digital age, convenience often comes at the cost of security. One such overlooked convenience is the browser autofill feature—a handy tool that can inadvertently become a gateway for phishing attacks. This article explores a subtle yet significant vulnerability: browser autofill phishing. We delve into how browsers handle autofill differently, the risks involved, and a demonstration of how...
Terminal GPT (tgpt) – Your Direct CLI Gateway To ChatGPT 3.5
Terminal GPT (tgpt) offers a seamless way to bring the power of ChatGPT 3.5 directly to your command line. This cross-platform CLI tool negates the need for API keys and is equipped with a range of flags and options to tailor your experience. From generating shell commands and code to engaging in interactive modes, tgpt simplifies interactions with ChatGPT...
garak, LLM Vulnerability Scanner : The Comprehensive Tool For Assessing Language Model Security
garak checks if an LLM can be made to fail in a way we don't want. garak probes for hallucination, data leakage, prompt injection, misinformation, toxicity generation, jailbreaks, and many other weaknesses. If you know nmap or msf / Metasploit Framework, garak does somewhat similar things to them, but for LLMs. garak focuses on ways of making an LLM or...