What Does It Take to Be a Cybersecurity Expert?
We live in a digital world in which many companies are leveraging technologies to connect users, devices, data, goods, and services. These are new models of connectivity and information exchange. And to be able to respond to these, it is also necessary to have networks of resources that are managed through the Internet, such as, for example, the cloud. The...
Kit_Hunter : A Basic Phishing Kit Scanner For Dedicated And Semi-Dedicated Hosting
Kit_Hunter is a personal project to learn Python, and a basic scanning tool that will search directories and locate phishing kits based on established markers. As detection happens, a report is generated for administrators. By default the script will generate a report that shows the files that were detected as potentially problematic, list the markers that indicated them as problematic...
Digital-Forensics-Lab : Free Hands-On Digital Forensics Labs For Students And Faculty
Digital-Forensics-Lab is a Free Hands-On Digital Forensics Labs For Students And Faculty. Features Of Repository Hands-on Digital Forensics Labs: designed for Students and FacultyLinux-based lab: All labs are purely based on Kali LinuxLab screenshots: Each lab has PPTs with instruction screenshotsComprehensive: Cover many topics in digital forensicsFree: All tools are open sourceUpdated: The project is funded by DOJ and will keep updatingTwo...
How to Make Your Software Lifecycle Development Process Secure?
It’s important to have a carefully managed and supervised software development lifecycle or SDLC. Applying key, oftentimes small, and practical policies and regulations to each phase of your secure software development lifecycle will allow you and your team to quickly spot issues before they get out of hand — before they manifest in their entirety, take roots and derail...
OffensiveRust : Rust Weaponization For Red Team Engagements
OffensiveRust, my experiments in weaponizing Rust for implant development and general offensive operations. Why Rust? It is faster than languages like C/C++It is multi-purpose language, bearing excellent communitiesIt has an amazing inbuilt dependency build management called CargoIt is LLVM based which makes it a very good candidate for bypassing static AV detectionSuper easy cross compilation to Windows from *nix/MacOS, only requires you to...
4-ZERO-3 : 403/401 Bypass Methods + Bash Automation
4-ZERO-3 Tool to bypass 403/401. This script contain all the possible techniques to do the same. NOTE : If you see multiple /bypasses as output, you must check the Content-Length. If the content-length is same for multiple /bypasses means false positive. Reason can be "301/302" or "../" DON'T PANIC.Script will print cURL PAYLOAD if possible bypass found. Preview Help root@me_dheeraj:$ bash 403-bypass.sh -h Usage / Modes Scan with...
5 Types of Cyber Security Threats
A cyber-attack can cause devastating effects on a business. Not only can it shut down your operations, but your reputation can be significantly impacted. In order to prevent them from happening as much as possible, it's essential to know what types of threats there are. Below, we will talk about just five that you should watch out for. Sound interesting? Then...
DetectionLabELK : A Fork From DetectionLab With ELK Stack Instead Of Splunk
DetectionLabELK is the perfect lab to use if you would like to build effective detection capabilities. It has been designed with defenders in mind. Its primary purpose is to allow blueteams to quickly build a Windows domain that comes pre-loaded with security tooling and some best practices when it comes to system logging configurations. It can easily be modified...
Cracken : A Fast Password Wordlist Generator, Smartlist Creation And Password Hybrid-Mask Analysis Tool
Cracken is a fast password wordlist generator, Smartlist creation and password hybrid-mask analysis tool written in pure safe Rust (more on talk/). Inspired by great tools like maskprocessor, hashcat, Crunch and HuggingFace's tokenizers. What? Why? Woot?? At DeepSec2021 we presented a new method for analysing passwords as Hybrid-Masks exploiting common substrings in passwords by utilizing NLP tokenizers (more info on talk/). Our method splits a password into its subwords instead of just...
FakeDataGen : Full Valid Fake Data Generator
FakeDataGen is a Full Valid Fake Data Generator. This tool helps you to create fake accounts (in Spanish format) with fully valid data. Within this information, you can find the most common names, emails, bank details and other useful information. Requirements Python 3Install requirements.txt Download It is recommended to clone the complete repository or download the zip file. You can do this by running the...
