Stacs : Static Token And Credential Scanner

Stacs is a YARA-powered static credential scanner which supports binary file formats, analysis of nested archives, composable rulesets and ignore lists, and SARIF reporting. What does STACS support? Currently, STACS supports recursive unpacking of tarballs, gzips, bzips, zips, 7z, iso, rpm and xz files. As STACS works on detected file types, rather than the filename, proprietary file formats based on these types...

SillyRAT : A Cross Platform Multifunctional (Windows/Linux/Mac) RAT

SillyRAT is a cross-platform RAT written in pure Python. The RAT accepts commands alongside arguments to act either as the server that accepts connections or as the client/target that establishes connections to the server. The generate command uses the module pyinstaller to compile the actual payload code. So, in order to generate a payload file for your respective platform, you...

Registry-Recon : Cobalt Strike Aggressor Script That Performs System/AV/EDR Recon

Registry-Recon is a Cobalt Strike Aggressor Script that performs system/AV/EDR recon. Description: As red-team practitioners, we often use tools that attempt to fingerprint details about a compromised system, preferably in the most stealthy way possible. Some of our usual tooling for this started getting flagged by EDR products, due to the use of Windows CLI commands. This aggressor script...

pwnSpoof : Generates realistic spoofed log files for common web servers with customisable attack scenarios

pwnSpoof (from Punk Security) generates realistic spoofed log files for common web servers with customizable attack scenarios. Every log bundle is unique and completely customisable, making it perfect for generating CTF scenarios and for training serials. Can you find the attacker session and build the incident picture? About The Project pwnSpoof was created on the back of a threat hunting training exercise Punk Security delivered for...

Nosferatu : Lsass NTLM Authentication Backdoor

Nosferatu is an Lsass NTLM authentication backdoor. How It Works: First, the DLL is injected into the lsass.exe process, and will begin hooking authentication WinAPI calls. The targeted function is MsvpPasswordValidate(), located in NtlmShared.dll. In the pursuit of not being detected, the hooked function will call the original function and allow for the normal flow of authentication. Only after seeing that authentication has failed will...

Kubernetes-Goat : Is A “Vulnerable By Design” Kubernetes Cluster

Kubernetes-Goat is designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security. Setting Up Kubernetes Goat: Before we set up the Kubernetes Goat, ensure that you have created and have admin access to the Kubernetes cluster: kubectl version --short. Set up Helm version 2 in your path as helm2. Refer to helm releases for more information about setup: helm2 --help. Then finally setup...

Facebook Messenger Hack: Which One to Choose and How to Go About It?

Facebook is already an essential part of our lives as it has become the center of our casual discussions, socializing, marketing, and commerce. As a result, accessing your spouse’s or friend’s FB account is a surefire way of learning more about what they are up to all the time. Besides, there are many little-known ways to hack FB Messenger...

Cybersecurity for Students

With technology being such a huge part of student life, it's alarming how many students ignore or don't pay attention to cybersecurity threats. Sometimes, it’s better to ask for some thesis help at reliable services than to look for the information for your assignment on suspicious websites all over the Internet. So, here are some basic cybersecurity tips that all...

Kube-Applier : Enables Automated Deployment And Declarative Configuration For Your Kubernetes Cluster

Kube-Applier is a service that enables continuous deployment of Kubernetes objects by applying declarative configuration files from a Git repository to a Kubernetes cluster. kube-applier runs as a Pod in your cluster and watches the Git repo to ensure that the cluster objects are up-to-date with their associated spec files (JSON or YAML) in the repo. At a specified interval, kube-applier performs a "full...

Covery: Online Fraud Detection Software

Every business owner thinks about how to ensure the safety of their own finances, confidential documents, and workers’ and clients’ personal data and money. When it comes to a business of any scale in any niche, there are a lot of aspects that require protection. Moreover, considering the increase in the number of online frauds, the enhancement of the protection system...