Embassy : Revolutionizing Embedded Systems With Rust And Asynchronous Programming
Embassy is the next-generation framework for embedded applications. Write safe, correct and energy-efficient embedded code faster, using the Rust programming language, its async facilities, and the Embassy libraries. Documentation - API reference - Website - Chat Rust + async Embedded The Rust programming language is blazingly fast and memory-efficient, with no runtime, garbage collector or OS. It catches a wide variety of...
AttackRuleMap : Bridging Adversary Simulations And Detection Rules For Enhanced Cybersecurity
This repository provides a mapping of Atomic Red Team attack simulations to open-source detection rules, such as Sigma and Splunk ESCU. Project Purpose The goal of this project is to bridge the gap between Atomic Red Team's adversary simulations and open-source detection rules. By doing so, this project aims to help security professionals simulate attacks and evaluate their detection strategies more...
Qdrant : A High-Performance Vector Similarity Search Engine
Qdrant (read: quadrant) is a vector similarity search engine and vector database. It provides a production-ready service with a convenient API to store, search, and manage points—vectors with an additional payload Qdrant is tailored to extended filtering support. It makes it useful for all sorts of neural-network or semantic-based matching, faceted search, and other applications. Qdrant is written in Rust,...
ShadowHound : Leveraging PowerShell For Stealthy Active Directory Enumeration
ShadowHound is a set of PowerShell scripts for Active Directory enumeration without the need for introducing known-malicious binaries like SharpHound. It leverages native PowerShell capabilities to minimize detection risks and offers two methods for data collection: ShadowHound-ADM.ps1: Uses the Active Directory module (ADWS). ShadowHound-DS.ps1: Utilizes direct LDAP queries via DirectorySearcher. Blog Post For more details and context, check out the blog post. Scripts Overview ShadowHound-ADM.ps1 Method:...
Awesome EDR Bypass : A Comprehensive Guide For Ethical Hackers
EDR bypass technology is not just for attackers. Many malware now have EDR bypass capabilities, knowledge that pentesters and incident responders should also be aware of. This repository is not intended to be used to escalate attacks. Use it for ethical hacking. PoC trickster0/TartarusGate: TartarusGate, Bypassing EDRs am0nsec/HellsGate: Original C Implementation of the Hell's Gate VX Technique The paper PDF has a nice...
Better-Sliver : The Community-Driven Fork For Advanced Security Testing
Welcome to Better-Sliver, a fork of the Sliver project. This fork is intended to be a community-driven effort to improve the Sliver project. The goal is to make Sliver less detectable by adding more features, changing default fingerprints, and adding more obfuscation options. This fork is not intended to be a replacement for Sliver, but rather a place to...
Fuzzing Lab : Mastering Software Testing Techniques With UCLA ACM Cyber
This is the repository for the Introduction to Fuzzing Lab run by ACM Cyber at UCLA. Click on one of the links below to get started! WeekTopicSlidesLabWeek 2Intro to FuzzingSlidesUsing HonggfuzzWeek 3Fuzzing LibrariesSlidesFuzzing LibrariesWeek 4Writing HarnessesSlidesWriting HarnessesWeek 5Coverage AnalysisSlidesWriting HarnessesWeek 6Structure-Aware FuzzingSlidesWork on ProjectWeek 7Project WorkSlidesWork on ProjectWeek 8Wrapping UpSlidesWork on ProjectWeek 9Break for Thanksgiving--Week 10Present at Symposium-- Interested to see...
Apache HTTP Server Vulnerability Testing Tool
This repository provides a Proof of Concept (PoC) for testing various vulnerabilities in the Apache HTTP Server, including Filename Confusion Attacks, SSRF, Denial of Service, and others related to recent CVEs. The tool sends crafted HTTP requests to assess whether the server is vulnerable to certain types of attacks. Features Tests for multiple vulnerabilities including: CVE-2024-38472: Apache HTTP Server on Windows UNC...
Wez’s Terminal : A Rust-Powered GPU-Accelerated Terminal Emulator
A GPU-accelerated cross-platform terminal emulator and multiplexer written by @wez and implemented in Rust Getting Help This is a spare time project, so please bear with me. There are a couple of channels for support: You can use the GitHub issue tracker to see if someone else has a similar issue, or to file a new one. Start or join a thread in...
AutorizePro : Revolutionizing Authorization Testing With AI
一句话介绍工具: AutorizePro 是一款创新性的内置AI分析模块的专注于越权检测的 Burp 插件 (已有多个白帽反馈用工具嘎嘎挖到src洞, 每周末更新, 欢迎Star🌟以便持续跟踪项目最新版本功能) 工具背景 越权漏洞在黑盒测试、SRC挖掘中几乎是必测的一项,但手工逐个测试越权漏洞往往会耗费大量时间。 而自动化工具又因为接口的多样化,难以制定一个全面的检测逻辑而存在大量误报, 基于此产生了 AI辅助分析的检测工具 ➡️ AutorizePro !! ⬅️ 工具亮点 优化检测逻辑 && 增加 AI 分析模块(可选项) ,将工具原始误报率从 99% 降低至 5% ,从海量误报中解脱出来 对于需要人工确认的告警可通过展示页面并排查看 原始请求、越权请求 以及 未授权请求 的数据包方便对比差异 支持多种自定义的配置项,如过滤器配置、替换规则配置、导出报告、支持多种大模型分析 ( 默认为YYDS的通义千问 ) 等 🔧 安装AutorizePro 1️⃣ 下载 Burp Suite 和 Jytho 1. 下载 Burp Suite:https://portswigger.net/burp/releases 2. 下载 Jython standalone JAR 文件:https://www.jython.org/download.html 2️⃣ 配置 Burp Suite 的 Python 环境 1. 打开 Burp Suite 2. 导航到 Extender -> Options 3. 在...
