CVE-2024-26229 : Address Validation Flaws In IOCTL With METHOD_NEITHER
delve into CVE-2024-26229, a critical security vulnerability identified within the csc.sys driver, pivotal in handling I/O control codes. This issue is catalogued under CWE-781, indicating a severe oversight in address validation mechanisms when utilizing METHOD_NEITHER I/O Control Codes. Such vulnerabilities pose significant risks as they could allow attackers to execute arbitrary code within the kernel, leading to potential system...
DumpMDEConfig – Extracting Microsoft Defender Configuration And Logs With PowerShell Script
Invoke-DumpMDEConfig is a PowerShell script designed to extract and display Microsoft Defender configuration and logs, including excluded paths, enabled ASR rules, allowed threats, protection history, and Exploit Guard protection history. The script provides options to output the data in a table or CSV format.
Usage
# To run the script and output the results in list format:
Invoke-DumpMDEConfig
# To run the script and...
Phishing Engagement Infrastructure Setup Guide
The essential steps and strategies for setting up a robust phishing engagement infrastructure. From acquiring and categorizing domains to automating your phishing efforts, this article provides practical insights and resources for building effective phishing campaigns. We also delve into innovative methods for email delivery that bypass common security filters, ensuring your phishing emails reach their intended targets. Whether you're...
Detection Lab – A Comprehensive Overview Of Its Features, Documentation, And Legacy
This lab has been designed with defenders in mind. Its primary purpose is to allow the user to quickly build a Windows domain that comes pre-loaded with security tooling and some best practices when it comes to system logging configurations. It can easily be modified to fit most needs or expanded to include additional hosts. Read more about Detection Lab...
Kupa3 – Script Dependencies And Domain Connections On Websites
Kupa3 allows you to draw connections between scripts on a specific website. It searches the HTML for JavaScript code or script source attributes and crawls them in order to draw a dependency graph. This approach can help bug hunters discover subdomains and examine JavaScript calls, and OSINT researchers check which companies are connected to each other or for tracking...
Whapa – Comprehensive Guide To The WhatsApp Forensic Toolset
In the digital age, forensic analysis of messaging applications like WhatsApp is crucial for both security and investigative purposes. 'Whapa' offers a sophisticated suite of tools designed to parse and analyze WhatsApp data on Android and iOS devices. Developed with Python and supported on multiple operating systems, Whapa enhances forensic capabilities with its robust features and compatibility. Whatsapp Parser Toolset Updated:...
iOS Frequent Locations Dumper – A Comprehensive Guide To Extracting Location Data
A powerful tool designed to extract and decode location data stored on iOS devices. By accessing the StateModel#.archive files, users can effectively dump location data into various formats, including KML and CSV. This guide provides a detailed walkthrough on using the script, along with necessary dependencies and usage examples to get started. Dump the contents of the StateModel#.archive files located...
The Docker Forensics Toolkit : A Comprehensive Guide For Post-Mortem Analysis
This repo contains a toolkit for performing post-mortem analysis of Docker runtime environments based on forensic HDD copies of the docker host system.
Features
mount-image: Mounts the forensic image of the docker host
status: Prints status information about the container runtime
list-images: Prints images found on the computer
show-image-history: Displays the build history of an image
show-image-config: Pretty prints the full config file of an image
list-containers: Prints containers found on the...
Holehe Maltego Transform – Your Tool For Digital Investigation And Information Gathering
holehe allows you to check if an email address is used on different sites like Twitter and Instagram, and will retrieve information from sites that expose it through the forgotten-password function. In the evolving landscape of online intelligence, the Holehe Maltego Transform emerges as a pivotal tool for digital investigators. Designed to reveal how email addresses are used across various platforms, Holehe leverages...
Holehe OSINT – Email To Registered Accounts
Holehe checks if an email is attached to an account on sites like Twitter, Instagram, Imgur and more than 120 others. Retrieves information using the forgotten password function. Does not alert the target email. Runs on Python 3.
Installation
With PyPI:
pip3 install holehe
With GitHub:
git clone https://github.com/megadose/holehe.git
cd holehe/
python3 setup.py install
With Docker:
docker build . -t my-holehe-image
docker run my-holehe-image holehe test@gmail.com
Quick Start
Holehe can be run from the CLI...