Priv2Admin : Exploitation Paths Allowing You To (Mis)Use The Windows Privileges
The Priv2Admin idea is to "translate" Windows OS privileges to a path leading to: administrator; integrity and/or confidentiality threat; availability threat; just a mess. Privileges are listed and explained at: https://docs.microsoft.com/en-us/windows/win32/secauthz/privilege-constants If the goal can be achieved multiple ways, the priority is: (1) using built-in commands; (2) using PowerShell (only if a working script exists); (3) using non-OS tools; (4) using any other method. You can check your own privileges with whoami /priv. Disabled privileges are as...
7 Ways in Which You Can Keep Yourself Safe on the Internet
It's easy to find ways to stay safe on the internet. With today's technology, you can stay connected with loved ones and friends all over the world from the convenience of your own home. Still, if you don't practice proper internet safety while online, you can encounter a range of dangerous web behaviors that put you at risk of...
Kiterunner : Contextual Content Discovery Tool
For the longest of times, content discovery has been focused on finding files and folders. While this approach is effective for legacy web servers that host static files or respond with 3xx’s upon a partial path, it is no longer effective for modern web applications, specifically APIs. Over time, we have seen a lot of time invested in making content...
Red-Detector : Scan Your EC2 Instance To Find Its Vulnerabilities Using Vuls.io
Red-Detector is a tool to: scan your EC2 instance to find its vulnerabilities using Vuls (https://vuls.io/en/); audit your EC2 instance to find security misconfigurations using Lynis (https://cisofy.com/solutions/#lynis); scan your EC2 instance for signs of a rootkit using Chkrootkit (http://www.chkrootkit.org/). Requirements: a configured AWS account with the EC2 actions mentioned below. The policy containing these requirements can be found in red-detector-policy.json. Actions details: Required action permission | Why it...
Evasor : A Tool To Be Used In Post Exploitation Phase For Blue
Evasor is an automated security assessment tool which locates existing executables on the Windows operating system that can be used to bypass any Application Control rules. It is easy to use, quick and fully automated, and generates a report including descriptions, screenshots and mitigation suggestions. It suits both blue and red teams in...
Pystinger : Bypass Firewall For Traffic Forwarding Using Webshell
Pystinger implements a SOCKS4 proxy and port mapping through a webshell. It can be directly used by metasploit-framework, viper and cobalt strike for session online. Pystinger is developed in Python and currently supports three proxy scripts: php, jsp(x) and aspx. Usage: Suppose the domain name of the server is http://example.com:8080 and the intranet IP address of the server is 192.168.3.11. SOCKS4 Proxy: Upload proxy.jsp to the target server and ensure that http://example.com:8080/proxy.jsp can be accessed; the page...
CANalyse : A Vehicle Network Analysis And Attack Tool
CANalyse is a tool built to analyze log files to find unique datasets automatically, and it is able to connect to simple user interfaces such as Telegram. Basically, while using this tool the attacker can provide a bot-ID and use the tool over the internet through a Telegram bot. CANalyse is made to be placed inside a Raspberry Pi and able to...
Judge Jury And Executable : A File System Forensics Analysis Scanner & Threat Hunting Tool
Judge Jury And Executable is a file system forensics analysis scanner and threat hunting tool. Features: scan a mounted filesystem for threats right away; or gather a system baseline before an incident, for extra threat hunting ability; can be used before, during or after an incident; for one to many workstations; scans the MFT, bypassing file permissions, file locks or OS file protections/hiding/shadowing; up to 51...
KubeArmor : Container-aware Runtime Security Enforcement System
Introduction to KubeArmor: KubeArmor is a container-aware runtime security enforcement system that restricts the behavior (such as process execution, file access, networking operations, and resource utilization) of containers at the system level. KubeArmor operates with Linux security modules (LSMs), meaning that it can work on top of any Linux platform (such as Alpine, Ubuntu, and Container-optimized OS from Google) if Linux security...
Botkube : An App That Helps You Monitor Your Kubernetes Cluster, Debug Critical Deployments And Gives Recommendations For Standard Practices
BotKube integration with Slack, Mattermost or Microsoft Teams helps you monitor your Kubernetes cluster, debug critical deployments and gives recommendations for standard practices by running checks on the Kubernetes resources. You can also ask BotKube to execute kubectl commands on the k8s cluster, which helps with debugging an application or cluster. Hacktoberfest 2020: BotKube is participating in Hacktoberfest 2020. We are giving some really cool swag to our...