PPLBlade: Advanced Memory Dumping and Obfuscation Tool

Protected Process Dumper Tool that supports obfuscating a memory dump and transferring it to remote workstations without dropping it onto the disk. Key functionalities: bypassing PPL protection; obfuscating memory dump files to evade Defender signature-based detection mechanisms; uploading the memory dump with RAW and SMB upload methods without dropping it onto the disk (fileless dump). Overview of the techniques used in this tool can be found...

IFL – Interactive Functions List : Enhancing IDA Pro With Advanced Function Navigation And Import Features

Discover the power of the IFL - Interactive Functions List, a dynamic plugin designed to elevate your experience with IDA Pro. This user-friendly tool revolutionizes how you navigate between functions and their references, making your analysis more efficient. Whether you're importing reports from tools like PE-sieve or navigating in either a sleek dark or light theme, IFL has you...

Web3 Security Researcher Roadmap – Mastering Solidity And Smart Contract Audits By 2024

Embark on a journey to become a Web3 security expert with our comprehensive 2024 roadmap. This guide delves deep into mastering Ethereum, Solidity, and essential security practices through strategic courses, hands-on exercises, and community audits. Equip yourself with the knowledge and skills to navigate the complex landscape of smart contract security and blockchain vulnerabilities. An updated (by 2024) roadmap to...

Awesome TLS – Evading WAFs With Advanced Burp Suite Extension

This extension hijacks Burp's HTTP and TLS stack, allowing you to spoof any browser TLS fingerprint (JA3). It boosts the power of Burp Suite while reducing the likelihood of fingerprinting by various WAFs like CloudFlare, PerimeterX, Akamai, DataDome, etc. It does this without resorting to hacks, reflection or forked Burp Suite Community code. All code in this repository only leverages...

SMBclient-ng : A Comprehensive Tool For Managing SMB Shares

SMBclient-ng is a robust and intuitive command-line tool designed to enhance interactions with SMB shares, offering a plethora of commands to manage and navigate both local and remote file systems. This versatile tool simplifies the process of connecting to SMB servers, handling files, and managing directories. Whether you're a network administrator or a security professional, SMBclient-ng provides the essential...

MemFiles : Enhancing CobaltStrike With In-Memory File Management

MemFiles is a toolkit for CobaltStrike that enables Operators to write files produced by the Beacon process into memory, rather than writing them to disk on the target system. It has been successfully tested on Windows 7, 10, and 11; corresponding server versions should work without issue. MemFiles is restricted to x64 Beacons. It accomplishes this by hooking several different...

Fileless ELF Execution – Running Binaries In Memory With FEE

This Python script generates interpreted code which creates the supplied ELF as a file in memory and executes it (without tmpfs). This makes it possible to execute binaries without leaving traces on the disk. The technique used for this is explained here. With default options for each interpreter, running binaries using fee does not write to disk whatsoever. This can be verified using tools...

Penetration Testing Tools – For Educational And Ethical Use

This repository contains a collection of tools and resources for penetration testing and security research. This repository is intended solely for educational purposes and ethical penetration testing. By accessing, using, or contributing to this repository, you agree to the following terms: Educational Use Only: The tools and information provided in this repository are for educational purposes only. They are designed to...

Red Team Interview Questions – A Deep Dive Into Red Teaming Essential

Welcome to the Red Team Interview Questions repository! This repository aims to provide a comprehensive list of topics and questions that can be helpful for both interviewers and candidates preparing for red team-related roles. Whether you're looking to assess your knowledge or preparing to interview candidates, these questions cover a wide range of essential topics in the field of...

GeoServer Vulnerability : Reverse Shell Execution For CVE-2024-36401

POC for CVE-2024-36401: RCE for GeoServer versions prior to 2.25.1, 2.24.3 and 2.23.5. This POC is based on the security advisory by phith0n. How It Works: Sets up a listener on your machine for incoming reverse shell from the target. This POC will send a POST request with the payloads. Attempts to establish a shell on the target server. This technique assumes nc...