Registry-Recon : Cobalt Strike Aggressor Script That Performs System/AV/EDR Recon
Registry-Recon is a Cobalt Strike Aggressor Script that performs System/AV/EDR recon. Description: As red-team practitioners, we often use tools that attempt to fingerprint details about a compromised system, preferably in the stealthiest way possible. Some of our usual tooling for this started getting flagged by EDR products, due to the use of Windows CLI commands. This aggressor script...
pwnSpoof : Generates realistic spoofed log files for common web servers with customisable attack scenarios
pwnSpoof (from Punk Security) generates realistic spoofed log files for common web servers with customizable attack scenarios. Every log bundle is unique and completely customisable, making it perfect for generating CTF scenarios and for training serials. Can you find the attacker session and build the incident picture? About The Project pwnSpoof was created on the back of a threat hunting training exercise Punk Security delivered for...
Nosferatu : Lsass NTLM Authentication Backdoor
Nosferatu is an Lsass NTLM Authentication Backdoor. How It Works: First, the DLL is injected into the lsass.exe process, and will begin hooking authentication WinAPI calls. The targeted function is MsvpPasswordValidate(), located in NtlmShared.dll. In the pursuit of not being detected, the hooked function will call the original function and allow for the normal flow of authentication. Only after seeing that authentication has failed will...
Kubernetes-Goat : Is A “Vulnerable By Design” Kubernetes Cluster
Kubernetes-Goat is designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security. Setting Up Kubernetes Goat: Before we set up Kubernetes Goat, ensure that you have created and have admin access to the Kubernetes cluster: kubectl version --short. Set up helm version 2 in your path as helm2. Refer to helm releases for more information about setup: helm2 --help. Then finally setup...
Facebook Messenger Hack: Which One to Choose and How to Go About It?
Facebook is already an essential part of our lives as it has become the center of our casual discussions, socializing, marketing, and commerce. As a result, accessing your spouse’s or friend’s FB account is a surefire way of learning more about what they are up to all the time. Besides, there are many little-known ways to hack FB Messenger...
Cybersecurity for Students
With technology being such a huge part of student life, it's alarming how many students ignore or don't pay attention to cybersecurity threats. Sometimes, it’s better to ask for some thesis help at reliable services than looking for the information for your assignment all over the suspicious websites of the Internet. So, here are some basic cybersecurity tips that all...
Kube-Applier : Enables Automated Deployment And Declarative Configuration For Your Kubernetes Cluster
Kube-Applier is a service that enables continuous deployment of Kubernetes objects by applying declarative configuration files from a Git repository to a Kubernetes cluster. kube-applier runs as a Pod in your cluster and watches the Git repo to ensure that the cluster objects are up-to-date with their associated spec files (JSON or YAML) in the repo. At a specified interval, kube-applier performs a "full...
Covery: Online Fraud Detection Software
Every business owner thinks about how to ensure the safety of their own finances, confidential documents, and workers’ and clients’ personal data and money. For a business of any scale in any niche, there are many aspects that require protection. Moreover, considering the increase of the number of online frauds the enhancement of the protection system...
JVMXRay : Make Java Security Events Of Interest Visible For Analysis
JVMXRay is a technology for monitoring access to Java protected system resources, such as files, sockets, and more, used by your application. It’s designed with an application security emphasis, but there are benefits in other areas like software diagnostics, usage tracking, and auditing. Benefits: Following is a quick list of some of the more important benefits. Identify protected resources. Track different types of events...
Hyenae Ng : An Advanced Cross-Platform Network Packet Generator And The Successor Of Hyenae
Hyenae Ng (Next Generation) is a rewrite of the original Hyenae tool, which was originally published back in the year 2010. Besides switching from C to C++ and using modern design concepts, Hyenae NG was (just like the original Hyenae) written with maximum portability in mind. Since the original Hyenae had a very complex command line syntax, Hyenae NG comes with...