RITA : Real Intelligence Threat Analytics

RITA (Real Intelligence Threat Analytics) is an open source framework for network traffic analysis. The framework ingests Bro/Zeek logs in TSV format and currently supports the following major features: Beaconing Detection: search for signs of beaconing behavior in and out of your network; DNS Tunneling Detection: search for signs of DNS-based covert channels; Blacklist Checking: query blacklists...

How To Prevent Hacking in 2020

Hacking is a term that refers to an unauthorized intrusion into a computer network or system. Hackers may alter a computer system and its security features to accomplish fraudulent and illegal goals, depending on the functions of the devices connected to the network. The entire procedure may involve several different techniques, like password cracking and installing malware. You can use...

EAPHammer : Targeted Evil Twin Attacks Against WPA2-Enterprise Networks

EAPHammer is a toolkit for performing targeted evil twin attacks against WPA2-Enterprise networks. It is designed to be used in full scope wireless assessments and red team engagements. As such, focus is placed on providing an easy-to-use interface that can be leveraged to execute powerful wireless attacks with minimal manual configuration. To illustrate just how fast this tool is,...

Postenum : Tool For Basic/Advanced Privilege Escalation Techniques

Postenum is a clean, nice and easy tool for basic/advanced privilege escalation vectors/techniques. The tool is intended to be executed locally on a Linux box. Be more than a normal user. Be the ROOT. Use: ./postenum.sh, ./postenum.sh -s, ./postenum.sh -c. Options: -a : All, -s : Filesystem...

SMTPTester : Small Python3 Tool To Check Common Vulnerabilities In SMTP Servers

SMTPTester is a python3 tool to test SMTP servers for 3 common vulnerabilities: Spoofing - the ability to send mail on behalf of an internal user; Relay - using this SMTP server to send email to other addresses outside of the organization; User Enumeration - using the SMTP VRFY command to check if a specific username and/or email address exists within the...

Tylium : Primary Data Pipelines For Intrusion Detection, Security Analytics & Threat Hunting

Tylium provides primary data pipelines for intrusion detection, security analytics and threat hunting. These files contain configuration for producing EDR (endpoint detection and response) data in addition to standard system logs. These configurations enable the production of these data streams using F/OSS (free and/or open source) tooling. The F/OSS tools consist of Auditd for Linux;...

FSMon : Monitor Filesystem On iOS / OS X / Android / FirefoxOS / Linux

FSMon, or FileSystem Monitor, is a utility that runs on Linux, Android, iOS and OSX. Brought to you by Sergi Àlvarez at Nowsecure and distributed under the MIT license. Usage: The tool retrieves file system events from a specific directory and shows them in colorful format or in JSON. It is possible to filter the events happening from a specific program name or process...

Traxss : Automated XSS Vulnerability Scanner

Traxss is an automated framework to scan URLs and webpages for XSS vulnerabilities. It includes over 575 payloads to test with and multiple options for robustness of tests. View the gif above to see a preview of the fastest type of scan. Getting Started: Prerequisites: Traxss depends on Chromedriver. On macOS this can be installed with the Homebrew command: brew install cask...

DECAF : Dynamic Executable Code Analysis Framework

DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF. In DECAF++, the new version of DECAF, taint analysis is around 2X faster, making it the fastest, to the best of our knowledge, whole-system...

Mosca : Manual Search Tool To Find Bugs Like A Grep Unix Command

Mosca is a manual analysis tool to find bugs, like the Unix grep command. It is not dynamic; it searches static code. Don't confuse it with academic views, hahaha: there is no graph or CFG here, it is a simple "grep". Egg modules are configs to find vulnerabilities; you can use them on C, PHP, JavaScript, Ruby, etc. Save...