Nosferatu : Lsass NTLM Authentication Backdoor
Nosferatu is a Lsass NTLM Authentication Backdoor How It Works First, the DLL is injected into the lsass.exe process, and will begin hooking authentication WinAPI calls. The targeted function is MsvpPasswordValidate(), located in NtlmShared.dll. In the pursuit of not being detected, the hooked function will call the original function and allow for the normal flow of authentication. Only after seeing that authentication has failed will...
Kubernetes-Goat : Is A “Vulnerable By Design” Kubernetes Cluster
Kubernetes-Goat is designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security. Setting Up Kubernetes Goat Before we set up the Kubernetes Goat, ensure that you have created and have admin access to the Kubernetes cluster kubectl version --short Set up the helm version 2 in your path as helm2. Refer to helm releases for more information about setup helm2 --help Then finally setup...
Facebook Messenger Hack: Which One to Choose and How to Go About It?
Facebook is already an essential part of our lives as it has become the center of our casual discussions, socializing, marketing, and commerce. As a result, accessing your spouse’s or friend’s FB account is a surefire way of learning more about what they are up to all the time. Besides, there are many little-known ways to hack FB Messenger...
Cybersecurity for Students
With technology being such a huge part of student life, it's alarming how many students ignore or don't pay attention to cybersecurity threats. Sometimes, it’s better to ask for some thesis help at reliable services than looking for the information for your assignment all over the suspicious websites of the Internet. So, here are some basic cybersecurity tips that all...
Kube-Applier : Enables Automated Deployment And Declarative Configuration For Your Kubernetes Cluster
Kube-Applier is a service that enables continuous deployment of Kubernetes objects by applying declarative configuration files from a Git repository to a Kubernetes cluster. kube-applier runs as a Pod in your cluster and watches the Git repo to ensure that the cluster objects are up-to-date with their associated spec files (JSON or YAML) in the repo. At a specified interval, kube-applier performs a "full...
Covery: Online Fraud Detection Software
Every business owner thinks about how to ensure a safety for own finances, confidential documents, workers’ and clients’ personal data and money. When it comes to a business of any scale in any niche there are a lot of aspects, which require a protection. Moreover, considering the increase of the number of online frauds the enhancement of the protection system...
JVMXRay : Make Java Security Events Of Interest Visible For Analysis
JVMXRay is a technology for monitoring access to Java protected system resources like files, sockets, and more, used by your application. It’s designed with an application security emphasis but there are benefits in other areas like, software diagnostics, usage tracking, and auditing. Benefits Following is a quick list of some of the more important benefits. Identify protected resources Track different types of events...
Hyenae Ng : An Advanced Cross-Platform Network Packet Generator And The Successor Of Hyenae
Hyenae Ng (Next Generation) is a re-write of the original Hyenae tool which was originally published back in the year 2010. Besides switching from C to C++, using modern design concepts, Hyenae NG was (just like the original Hyenae) written with maximum portability in mind. Since the original Hyenae had a very complex command line syntax Hyenae NG comes with...
Gotanda : Browser Web Extension For OSINT
Gotanda is OSINT(Open Source Intelligence) Web Extension for Firefox/Chrome. This Web Extension could search OSINT information from some IOC in web page.(IP,Domain,URL,SNS...etc) This Repository partly the studying and JavaScript practice. Download link below. FireFoxChrome Usage Right click highlighted IOC strings, It will show contextmenus.(Or right clicking any link. ) When You want to search using some engine, You choose one of list. Search Engine List NameURLCategoryDomain Toolshttps://whois.domaintools.com/whois LookupSecurity...
Fhex : A Full-Featured HexEditor
Fhex is born with the aim to develop a lightweight, but useful tool. The reason is that the existing hex editors have some different limitations (e.g. too many dependencies, missing hex coloring features, etc.). This project is based on qhexedit2, capstone and keystone engines. New features could be added in the future, PRs are welcomed. Features Chunks loader - Used to load only a portion of large...
