.webp "Arena-Hard-Auto : Advancing LLM Evaluation With Style Control Integration")
.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
RedELK – Essential Naming Requirements For Deployment
In the complex landscape of RedELK deployment, adhering to precise naming requirements is crucial for operational success. This article delves into the essential naming conventions necessary for a smoothly functioning RedELK setup. From FilebeatID to Redirector configurations, understand the specifics that ensure your cybersecurity infrastructure is effective and efficient. For a properly working RedELK setup it is required to pay...
Kdrill – Unveiling Rootkit Intrusions In Windows 64-Bit Systems
Kdrill is a tool to analyze the kernel land of Windows 64b systems (tested from Windows 7 to Windows 11). Its main objective is to assess if the kernel is compromised by a rootkit. The code is compatible with python2/3 without dependencies and can perfom checks without Microsoft symbols or Internet connectivity. For live memory/kernel analysis, the Winpmem driver is used and Kdrill interfaces itself...
LogHunter – A Revolutionary Tool For Session Detection via Event Logs
Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN). I was once doing a very complex project where there were over 1000 hosts in the infrastructure. I needed to detect the user session. Running Invoke-UserHunter would have been a huge mistake. That's when I came up with the idea that we could extract all the...
APKscan – Mastering Android Security Analysis
APKs (Android Package Kits) often leak secrets due to over-reliance on security through obscurity. Developers sometimes leave sensitive information such as API keys, tokens, and credentials hidden within the code, assuming that they won't be found easily since the code has been compiled and obfuscated. However, this approach is fundamentally flawed, and such secrets can be exposed, leading to potential security vulnerabilities. Identify Sensitive Locations In Application Code APKscan...
Akto.io – Comprehensive Security Testing And Inventory Management
Akto is an instant, open source API security platform that takes only 60 secs to get started. Akto is used by security teams to maintain a continuous inventory of APIs, test APIs for vulnerabilities and find runtime issues. Akto offers coverage for all OWASP top 10 and HackerOne Top 10 categories including BOLA, authentication, SSRF, XSS, security configurations, etc....
CCC : Cyberspace Under Siege – Understanding Crime, Espionage, And Conflict
This is a short graduate course providing an introduction to the areas of crime, espionage and conflicts in cyberspace. The material is used for the "Cybercrime, Cyberespionage, and Cyberwar" course currently taught in the Master in Cybersecurity at UC3M. The course provides a gentle, not very technical introduction to several contemporary security and privacy topics, including some bits of history, opponents and the current cyberthreat landscape, the underground...
Freeway – A Comprehensive Guide To WiFi Penetration Testing With Python
"Freeway" is a Python-based tool designed to enhance WiFi penetration testing and network security. Utilizing the capabilities of Scapy, it equips ethical hackers and security professionals with the necessary tools to audit and secure networks. Explore its robust features like packet monitoring, deauthentication attacks, and more to sharpen your cybersecurity skills. 1. Overview Freeway is a Python scapy-based tool for WiFi penetration...
ADSpider : Advanced Real-Time Monitoring Of Active Directory Changes
.webp "ADSpider : Advanced Real-Time Monitoring Of Active Directory Changes")
Tool for monitor Active Directory changes in real time without getting all objects. Instead of this it use replication metadata and Update Sequence Number (USN) to filter current properties of objects. Parameters DC - domain controller FQDN.Formatlist - output in list instead of table.ExcludelastLogonTimestamp - exclude lastLogonTimestamp events from outputDumpAllObjects - dump all active directory before start. In case of changes It will show you...
VMware vCenter : CVE-2024-37081 Proof Of Concept
Este repositorio contiene una prueba de concepto (PoC) para la vulnerabilidad CVE-2024-37081 en VMware vCenter. La vulnerabilidad se debe a una mala configuración en el archivo /etc/sudoers que permite la preservación de variables ambientales peligrosas al ejecutar comandos sudo. Esto puede ser aprovechado por atacantes para ejecutar comandos arbitrarios con privilegios de root. Vulnerabilidad ID: CVE-2024-37081 Descripción: La mala configuración del parámetro Defaults env_keep en el archivo /etc/sudoers permite...
DetectItEasy With Python – A Comprehensive Guide
DetectItEasy-Python is a powerful tool designed to streamline file scanning and analysis using Python bindings. This article guides you through the straightforward installation process via pip or Git and provides essential details for utilizing the tool effectively across different operating systems. Whether you're a seasoned developer or new to cybersecurity, this guide makes it easy to leverage DetectItEasy's capabilities...
.webp "Bomber : Navigating Security Vulnerabilities In SBOMs")
