.webp "Arena-Hard-Auto : Advancing LLM Evaluation With Style Control Integration")
.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
ScriptSentry : Uncovering And Mitigating Risks In Logon Scripts
ScriptSentry finds misconfigured and dangerous logon scripts. ScriptSentry is a powerful tool designed to detect misconfigured and hazardous logon scripts that can pose significant security risks. It identifies unsafe permissions, plaintext credentials, and other vulnerabilities in UNC paths, GPOs, and NETLOGON/SYSVOL shares. By highlighting these issues, ScriptSentry empowers organizations to secure their logon processes effectively. Usage # Run ScriptSentry and display...
SilentLoad : Stealth Driver Loading For Secure Engagements
SilentLoad is a powerful exploitation tool designed to load drivers stealthily by directly setting up service registry keys via NtLoadDriver. This method minimizes detection risks, making it ideal for BYOVD (Bring Your Own Vulnerable Driver) scenarios where traditional service creation triggers alerts. SilentLoad does not drop the driver itself, allowing users to maintain control over deployment. Its lightweight design...
Elementary OS 8 With New Secure Session Privacy Consent
Elementary OS 8 has been released with a significant focus on privacy, security, and user consent. The new Secure Session feature is a cornerstone of this update, designed to ensure that applications respect user privacy and require explicit consent for various actions Secure Session The Secure Session in elementary OS 8 is powered by Wayland, a modern and secure method for...
Raspberry Pi Launches Compute Module 5 With Wi-Fi And Bluetooth
Today we’re happy to announce the much-anticipated launch of Raspberry Pi Compute Module 5, the modular version of our flagship Raspberry Pi 5 single-board computer, priced from just $45. An Unexpected Journey We founded the Raspberry Pi Foundation back in 2008 with a mission to give today’s young people access to the sort of approachable, programmable, affordable computing experience that I...
Ulfberht : Advanced Techniques For Shellcode Loading And Evasion
Ulfberht is a sophisticated shellcode loader designed to enhance operational security and evasion capabilities in cyber operations. Equipped with features like indirect syscalls, module stomping, and encrypted payloads, it minimizes the digital footprint on targeted systems. This article delves into Ulfberht's functionality, offering a step-by-step guide on its deployment and highlighting strategies to avoid detection. Ideal for security professionals...
TrailShark : Revolutionizing AWS CloudTrail Analysis With Wireshark Integration
.webp "TrailShark : Revolutionizing AWS CloudTrail Analysis With Wireshark Integration")
The TrailShark Capture Utility seamlessly integrates with Wireshark, facilitating the capture of AWS CloudTrail logs directly into Wireshark for near-real-time analysis. This tool can be used for debugging AWS API calls and played a pivotal role in our "Bucket Monopoly Research" project. By leveraging this utility, we were able to understand the internal API calls made by AWS, leading...
Genzai : The Ultimate IoT Security Toolkit – Setup, Features, And Usage
The tool is written in Go, so make sure to install it on your system before proceeding. The setup is pretty easy and straight forward. Just follow the below steps in order to quickly install and get the binary working.Firstly clone the repo to any directory/path of your liking, git clone https://github.com/umair9747/Genzai.git Afer this, just run the following command in order...
MITRE ATT&CK Evaluations And Must-Have Intelligence For Security Leaders
In today’s dynamic threat landscape, security leaders are under constant pressure to make informed choices about which solutions and strategies they employ to protect their organizations. The “MITRE Engenuity ATT&CK Evaluations (PDF Guide): Enterprise” stand out as an essential resource for cybersecurity decision makers to navigate this challenge. Unlike other independent assessments, MITRE ATT&CK Evaluations simulate real-world threats to assess how...
DICOMHawk – A Honeypot For Secure DICOM Server Monitoring
DICOMHawk is a powerful and efficient honeypot for DICOM servers, designed to attract and log unauthorized access attempts and interactions. Built using Flask and pynetdicom, DICOMHawk offers a streamlined web interface for monitoring and managing DICOM interactions in real-time. Features DICOM Server Simulation: Supports C-ECHO, C-FIND, and C-STORE operations to simulate a realistic DICOM server environment. Logging: Detailed logging of DICOM associations,...
Stratus Red Team – Advancing Threat Detection And Offensive Testing In Cloud Environments
Stratus Red Team is a cutting-edge tool designed to enhance cloud security by simulating granular attack techniques in live environments. Inspired by Atomic Red Team™, it focuses exclusively on cloud-based scenarios, allowing security teams to validate and refine their threat detection capabilities. This self-contained binary enables users to detonate specific techniques mapped to the MITRE ATT&CK framework. Whether stopping...
.webp "BlueSpy – PoC To Record Audio From A Bluetooth Device")
