Volana – Mastering Stealth Command Execution During Penetration Testing
During a pentest, an important aspect is to be stealthy. For this reason you should clear your tracks after your passage. Nevertheless, many infrastructures log commands and send them to a SIEM in real time, making the afterwards cleaning part alone useless. volana provides a simple way to hide commands executed on a compromised machine by providing its own shell runtime (enter your command,...
OSINT-Collector : Harnessing Advanced Frameworks For Domain-Specific Intelligence Gathering
OSINT-Collector is an advanced framework that facilitates the collection, analysis, and management of OSINT information useful for conducting investigations in specific domains of interest. Table Of Contents Design and Architecture Requirements Sequence Diagram Interaction Flow Backend Configuration Importing OSINT Ontology Creating Domain Ontology with Wikidata Neo4j Plugins Launcher Frontend Add Tools Usage Run Tools View Results Make Inferences Search Engine Preventing a School Shooting: a DEMO Scenario! Design And Architecture This framework uses an ontology approach: the OSINT Ontology describes how data extracted from OSINT sources should be inserted...
GoAccess : A Comprehensive Guide To Real-Time Web Log Analysis And Visualization
GoAccess is an open source real-time web log analyzer and interactive viewer that runs in a terminal on *nix systems or through your browser. It provides fast and valuable HTTP statistics for system administrators that require a visual server report on the fly. Features GoAccess parses the specified web log file and outputs the data to the X terminal. Features include: Completely Real Time: All panels and metrics are timed...
Wstunnel – Revolutionizing Network Access Through Advanced Tunneling Techniques
Most of the time when you are using a public network, you are behind some kind of firewall or proxy. One of their purposes is to constrain you to only use certain kinds of protocols and consult only a subset of the web. Nowadays, the most widespread protocol is HTTP, and it is de facto allowed by third-party equipment. Wstunnel...
GCPwn – A Comprehensive Tool For GCP Security Testing
gcpwn was a tool built by myself while trying to learn GCP and leverages the newer gRPC client libraries created by Google. It consists of numerous enumeration modules I wrote plus exploit modules leveraging research done by others in the space (ex. Rhino Security) along with some existing known standalone tools like GCPBucketBrute in an effort to make the tool a one-stop-shop for...
Quick Start – Comprehensive Guide To Installing And Configuring Malcolm On Linux Platforms
The files required to build and run Malcolm are available on its ({{ site.github.repository_url }}/tree/{{ site.github.build_revision }}). Malcolm's source-code is released under the terms of the Apache License, Version 2.0 (see ({{ site.github.repository_url }}/blob/{{ site.github.build_revision }}/LICENSE.txt) and ({{ site.github.repository_url }}/blob/{{ site.github.build_revision }}/NOTICE.txt) for the terms of its release). Building Malcolm From Scratch The build.sh script can build Malcolm's Docker images from scratch. See Building...
Installation – Comprehensive Guide To Using Androguard
Androguard is a powerful tool for reverse engineering Android applications. This guide provides a step-by-step overview of how to install Androguard using different methods, including direct downloads from PyPI and builds from the latest commits on GitHub. Once installed, explore its comprehensive command-line interface, which offers a range of functionalities from APK analysis to dynamic tracing....
Netis Cloud Probe – Bridging Network Monitoring Gaps With Advanced Packet Capture Tools
Netis Cloud Probe (formerly named Packet Agent) is an open source project to deal with the following situation: it captures packets on Machine A but has to use them on Machine B. This case is very common when you try to monitor network traffic in the LAN but the infrastructure is incapable of it, for example: there is neither a TAP nor a SPAN device in a physical environment; the Virtual Switch Flow Table does not support...
RdpStrike – Harnessing PIC And Hardware Breakpoints For Credential Extraction
The RdpStrike is basically a mini project I built to dive deep into Positional Independent Code (PIC) referring to a blog post written by C5pider, chained with RdpThief tool created by 0x09AL. The project aims to extract clear text passwords from mstsc.exe, and the shellcode uses Hardware Breakpoint to hook APIs. It is a complete positional independent code, and when the shellcode injects into the mstsc.exe process, it is going to...
CVE-2024-29849 : The Veeam Backup Enterprise Manager Authentication Bypass
According to Veeam's official advisory, all versions before Veeam Backup Enterprise Manager 12.1.2.172 are vulnerable. Usage: first, you need the right setup for local HTTPS; use the following commands: openssl req -new -x509 -keyout key.pem -out server.pem -days 365 -nodes, then python CVE-2024-29849.py --target https://192.168.253.180:9398/ --callback-server 192.168.253.1:443 ...