Http-Request-Smuggling : HTTP Request Smuggling Detection Tool
Http-Request-Smuggling is a high severity vulnerability which is a technique where an attacker smuggles an ambiguous HTTP request to bypass security controls and gain unauthorized access to performs malicious activities, the vulnerability was discovered back in 2005 by watchfire and later in August 2019 it re-discovered by James Kettle - (albinowax) and presented at DEF CON 27 and Black-Hat USA, to know more about this vulnerability...
AlanFramework : A Post-Exploitation Framework
AlanFramework is a post-exploitation framework useful during red-team activities. Changelog 3.0.0 - 15/05/2021 Renamed agent shell quit command to exitImplemented agent migration via migrate commandFixed error in retrieving OS versionAdded DLL as agent format in the creation wizard.Implemented ps command to list the currently running processesImplemented download command to locally download a file or an entire directoryImplemented upload command to upload files to the compromised hostImplemented SuccessRequest as HTTP server response option to customize the...
Karton : Distributed Malware Processing Framework Based On Python, Redis And MinIO
Karton is a robust framework for creating flexible and lightweight malware analysis backends. It can be used to connect malware* analysis systems into a robust pipeline with very little effort. We've been in the automation business for a long time. We're dealing with more and more threats, and we have to automate everything to keep up with incidents. Because of this, we often end...
Wsh : Web Shell Generator And Command Line Interface
wsh (pronounced woosh) is a web shell generator and command line interface. This started off as just an http client since interacting with webshells is a pain. There's a form, to send a command you have to type in an input box and press a button. I wanted something that fits into my workflow better and ran in the...
Jarm : Active Transport Layer Security (TLS) server fingerprinting tool
JARM is an active Transport Layer Security (TLS) server fingerprinting tool. JARM fingerprints can be used to: Quickly verify that all servers in a group have the same TLS configuration.Group disparate servers on the internet by configuration, identifying that a server may belong to Google vs. Salesforce vs. Apple, for example.Identify default applications or infrastructure.Identify malware command and control infrastructure and...
Learning The Term Search Engine Optimization and Its Sources
SEO refers to the method of creating an internet site that lot of visibility on a probe engine’s results page. To clarify, a good SEO strategy can place a company’s website at the highest of the list on a Google search page, thus increasing the chance that individuals can visit the positioning. Search engines attempt to produce the foremost...
From Alan Turing to Harvard Computer Science: How Programming Has Changed
Alan Turing’s story about programming is cited by many people because it depicts how the gay community is stigmatized. His contribution cuts across disciplines such as cryptography, biology, mathematics, and artificial intelligence. Turing’s work was initially unrecognized but he later discovered the Turing machine that facilitated the cracking of Enigma code in the world of programming. Programming has changed in...
How your web design can impact your content marketing?
How your web design can impact your content marketing? The web design that a brand uses has a great impact in determining the potential of customer attracting and retaining. Whether it is the color you have picked for your website or the images you have added to it, everything works to improve your brand's value. Thus considering a bad design...
UnhookMe : An Universal Windows API Resolver And Unhooker Addressing Problem Of Invoking Unmonitored System Calls From Within Of Your Red Teams Malware
UnhookMe is a Universal Windows API Resolver And Unhooker Addressing Problem Of Invoking Unmonitored System Calls From Within Of Your Red Teams Malware In the era of intrusive AVs and EDRs that introduce hot-patches to the running processes for their enhanced optics requirements, modern adversaries must have a robust tool to slide through these watchguards. The propsed implementation of dynamic...
Sigurlfind3R : A Reconnaissance Tool To Fetch URLs From AlienVault’s OTX
Sigurlfind3R is a passive reconnaissance tool, it fetches known URLs from AlienVault's OTX, Common Crawl, URLScan, Github and the Wayback Machine. Usage sigurlfind3r -h This will display help for the tool. () _ _ _ _ _ | |/ ()_ | | / _/ | |/ | | | | '__| | |_| | '_ / _ | | | '|__ | (| | || | |...
.webp "THREAT ACTORS – TTPs : Decoding The Digital Underworld Through Comprehensive Mapping")
