XDR and the Cloud Security Architecture


Cloud security raises significant challenges for organizations, as more workloads and mission-critical applications move to the cloud. XDR is a new security category that can have a major impact on these challenges, by combining security data from the cloud, corporate networks and endpoints, and visualizing threats present in all three environments. In this article I’ll introduce the modern cloud...

Go-Shellcode : A Repository Of Windows Shellcode Runners And Supporting Utilities


Go-Shellcode is a repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques. The available Shellcode runners include: CreateFiber: This application leverages the Windows CreateFiber function from the Kernel32.dll to execute shellcode within this application's process. This is useful when you want to avoid remote process injection and want to avoid calling CreateThread. This application DOES NOT leverage functions from...

CThreadHijack : Beacon Object File (BOF) For Remote Process Injection Via Thread Hijacking


cThreadHijack is a Beacon Object File (BOF) for remote process injection, via thread hijacking, without spawning a remote thread. Accompanying blog can be found here. cThreadHijack works by injecting raw Beacon shellcode, generated via a user-supplied listener argument, into a remote process, defined by the user-supplied PID argument, via VirtualAllocEx and WriteProcessMemory. Then, instead of spawning a new remote thread via CreateRemoteThread or other APIs,...

TwiTi : Tool for extracting IOCs from tweet


TwiTi, a tool for extracting IOCs from tweets, can collect a large number of fresh, accurate IOCs. TwiTi does the following: classifying whether a tweet contains IOCs or not; extracting IOCs from a tweet and also from links mentioned in a tweet. For more details please refer to our paper, "#Twiti: Social Listening for Threat Intelligence" (TheWebConf 2021). Also, you can find supplementary materials of the paper...

WARCannon : High Speed/Low Cost CommonCrawl RegExp In Node.js


WARCannon was built to simplify and cheapify the process of 'grepping the internet'. With WARCannon, you can: build and test regex patterns against real Common Crawl data; easily load Common Crawl datasets for parallel processing; scale compute capabilities to asynchronously crunch through WARCs at frankly unreasonable capacity; store and easily retrieve the results. How It Works: WARCannon leverages clever use of AWS technologies to horizontally scale...

ChangeTower : Tool To Help You Watch Changes In Webpages And Get Notified Of Any Changes


ChangeTower is intended to help you watch changes in webpages and get notified of any changes; it is written in Go. This tool is good for knowing whether web pages have updated something or not, so you can work on the new site before others. Installation Instructions: ChangeTower requires go1.16+ to install successfully. Run the following command to get the repo: go get -v github.com/Dc4ts/ChangeTower If you haven't...

Elpscrk : An Intelligent Common User-Password Profiler Based On Permutations And Statistics


Elpscrk is an Intelligent common user-password profiler that's named after the same tool in Mr. Robot series S01E01. In simple words, elpscrk will ask you about all info you know about your target then will try to generate every possible password the target could think of, it all depends on the information you give, the flags you activate, and the...

How to Pick The Right Web Design & Development Firm


Every future-oriented company must have its website in this age of digital transformation. Your website ensures that clients can understand everything about your company ranging from values, mission, services, cultures, etc. Also, it helps your clients to reach you faster and ensure that you never miss a client ever again. So, your website is your identity, and that's why...

Uchihash : A Small Utility To Deal With Malware Embedded Hashes


Uchihash is a small utility that can save malware analysts the time of dealing with embedded hash values used for various things such as: dynamically importing APIs (especially in shellcode); checking running processes used by analysts (anti-analysis); checking VM or antivirus artifacts (anti-analysis). Uchihash can generate hashes with your own custom hashing algorithm, search for a list of hashes in an already generated...

SharpLAPS : Retrieve LAPS Password From LDAP


SharpLAPS is a tool to retrieve the LAPS password from LDAP. The attribute ms-mcs-AdmPwd stores the clear-text LAPS password. This executable is made to be executed within a Cobalt Strike session using execute-assembly. It will retrieve the LAPS password from the Active Directory. Requires (either): an account with ExtendedRight or Generic All rights; Domain Admin privilege. Usage...