.webp "Arena-Hard-Auto : Advancing LLM Evaluation With Style Control Integration")
Heap Exploitation Training : A Comprehensive Guide From Basics To Advanced Techniques
This article delves into our comprehensive training program designed to teach you the intricacies of exploiting heap vulnerabilities in glibc. Originally taught at prestigious conferences like DEFCON and CanSecWest, this program offers a mix of free videos, slides, and hands-on exercises to enhance your learning. Whether you are a beginner looking to understand the basics of malloc and heap...
BloodHound.py : Installation, Usage, And Features
BloodHound.py is a Python based ingestor for BloodHound, based on Impacket. The code in this branch is only compatible with BloodHound 4.2 and 4.3. For BloodHound CE, check out the bloodhound-ce branch Installation There are different install methods for BloodHound Community Edition (CE) and BloodHound legacy. You can only have one of the two tools installed at the same time, unless you...
100 Days Of Rust 2025 : From Incident Response To Linux System Programming
In 2025 I wanted to try something new. In addition to a traditional 100 days of Yara, I will also be doing 100 days of Rust. For some time it has been my goal to learn Rust, but I've never had enough time for it. I think 100 days challenge is a pretty good format to learn something new,...
Presenterm : Revolutionizing Terminal-Based Presentations With Markdown
presenterm lets you create presentations in markdown format and run them from your terminal, with support for image and animated gifs, highly customizable themes, code highlighting, exporting presentations into PDF format, and plenty of other features. Features Define your presentation in a single markdown file. Images and animated gifs on terminals like kitty, iterm2, and wezterm. Customizeable themes including colors, margins, layout (left/center...
JailbreakEval : Automating the Evaluation Of Language Model Security
Jailbreak is an attack that prompts a language model to give actionable responses to harmful behaviors, such as writing an offensive letter, providing detailed instructions for creating a bomb. Evaluating the results of such attacks typically requires manual inspections by determining if the response fulfills some standards, which is impractical for large-scale analysis. As a result, most research on jailbreak...
HASH : Harnessing HTTP Agnostic Software Honeypots For Enhanced Cybersecurity
The main philosophy of HASH is to be easy to configure and flexible to mimic any software running on HTTP/HTTPs. With the minimum footprint possible to avoid being detected as honeypot. Features Single framework to deploy HTTP/HTTPs based honeypots Easily configurable via YAML files Built-in honeytraps Powerful randomization based on fakerjs to avoid honeypot detection Optionally, integration with Datadog to ingest and analyze honeypots logs...
SECurityTr8Ker : SEC Cybersecurity Disclosure Monitor
SECurityTr8Ker is a Python application designed to monitor the U.S. Securities and Exchange Commission's (SEC) RSS feed for new 8-K filings that contain material cybersecurity incident disclosures. This tool is particularly useful for cybersecurity analysts, financial professionals, and researchers interested in real-time alerts of cybersecurity incidents disclosed by publicly traded companies. Features Real-time Monitoring: Continuously monitors the SEC's RSS feed for...
ripgrep : The Fast, Flexible Search Tool
ripgrep is a line-oriented search tool that recursively searches the current directory for a regex pattern. By default, ripgrep will respect gitignore rules and automatically skip hidden files/directories and binary files. (To disable all automatic filtering by default, use rg -uuu.) ripgrep has first class support on Windows, macOS and Linux, with binary downloads available for every release. ripgrep...
InfluxDB : The Open Source Leader In Time Series Data And Real-Time Analytics
InfluxDB is the leading open source time series database for metrics, events, and real-time analytics. Project Status This main branch contains InfluxDB v3 in pre-release and under active development. Build artifacts are not yet generally available and official installation instructions will be coming later this year. For now, a Dockerfile is provided and can be adapted or used for inspiration by...
Fuxploider : Automating File Upload Vulnerability Exploitation
Fuxploider is an open source penetration testing tool that automates the process of detecting and exploiting file upload forms flaws. This tool is able to detect the file types allowed to be uploaded and is able to detect which technique will work best to upload web shells or any malicious file on the desired web server. Installation You will need Python...
