Ad-Honeypot-Autodeploy : Deploy A Small, Intentionally Insecure, Vulnerable Windows Domain For RDP Honeypot Fully Automatically
Ad-Honeypot-Autodeploy a tool to Deploy a small, intentionally insecure, vulnerable Windows Domain for RDP Honeypot fully automatically. Runs on self-hosted virtualization using libvirt with QEMU/KVM (but it can be customized easily for cloud-based solutions). Used for painlessly set up a small Windows Domain from scratch automatically (without user interaction) for the purpose of RDP Honeypot testing. Features a Domain Controller, a Desktop Computer and a configured...
Abaddon : Make red team operations faster, more repeatable, stealthier, while including value-added tools and bringing numerous reporting capabilities
Abaddon is a Red team operations involve miscellaneous skills, last several months and are politically sensitive; they require a lot of monitoring, consolidating and caution. Wavestone’s red team operations management software, Abaddon, has been designed to make red team operations faster, more repeatable, stealthier, while including value-added tools and bringing numerous reporting capabilities. Because: There are tons of tools used by...
What is Cyber Resilience and How to Measure It?
When it comes to protecting your castle against hackers, ransomware crooks, and all manner of digital lowlifes cyber resilience is one of your most important weapons — it’s a key factor that determines your success on that battlefield. Basically, in a nutshell, cyber resilience is the capacity for your organisation to take a hit and keep on ticking. It’s...
RottenPotatoNG : A C++ DLL And Standalone C++ Binary – No Need For Meterpreter Or Other Tools
RottenPotatoNG generates a DLL and EXE file. The DLL contains all the code necessary to perform the RottenPotato attack and get a handle to a privileged token. The MSF RottenPotato Test Harness project simply shows example usage for the DLL. For more examples, see https://github.com/hatRiot/token-priv/tree/master/poptoke/poptoke, specifically the SeAssignPrimaryTokenPrivilege.cpp and SeImpersonatePrivilege.cpp files. RottenPotato EXE This project is identical to the above, except the...
Private Set Membership (PSM) : Cryptographic Protocol That Allows Clients To Privately Query
Private Set Membership (PSM) is a cryptographic protocol that allows clients to privately query whether the client's identifier is a member of a set of identifiers held by a server in a privacy-preserving manner. At a high level, PSM provides the following privacy guarantees: The server does not learn the client's queried identifier in the plaintext.The server does not learn whether...
Ddosify : High-performance Load Testing Tool
Ddosify is a High-performance load testing tool Features Protocol Agnostic - Currently supporting HTTP, HTTPS, HTTP/2. Other protocols are on the way. Scenario-Based - Create your flow in a JSON file. Without a line of code! Different Load Types - Test your system's limits across different load types. Installation ddosify is available via Docker, Homebrew Tap, and downloadable pre-compiled binaries from the releases page for macOS, Linux and Windows. Docker docker run...
Koppeling : Adaptive DLL Hijacking / Dynamic Export Forwarding
Koppeling is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code. This project is comprised of the following elements: Harness.exe: The "victim" application which is vulnerable to hijacking (static/dynamic)Functions.dll: The "real" library which exposes valid functionality to the harnessTheif.dll: The "evil" library which is attempting...
What You Need To Know About the World’s First Cybersecurity Experience (CSX) Platform: Perimeter 81
Zero trust networking leader Perimeter 81 has announced its creation of the world’s first Cybersecurity Experience (CSX) Platform, thus becoming the first company to exist in a whole new category of cybersecurity tools. Perimeter 81 saw a desperate need in the modern enterprise cybersecurity market for a single source for streamlined Secure Access Service Edge (SASE) to merge dozens of...
The Ultimate Guide to Web Testing: Types and Key Areas
This guide is a web security testing bible that will help you with web safety. It includes a number of different web security testing strategies and types of web security testing. You'll learn how to test for vulnerabilities in your website, what the web looks like from an attacker's perspective, and what you can do to make sure your...
FakeDataGen : Full Valid Fake Data Generator
FakeDataGen is a Full Valid Fake Data Generator. This tool helps you to create fake accounts (in Spanish format) with fully valid data. Within this information, you can find the most common names, emails, bank details and other useful information. Requirements Python 3Install requirements.txt Download It is recommended to clone the complete repository or download the zip file. You can do this by...
