FLARE-VM : A Comprehensive Guide To Establishing A Reverse Engineering Lab On Windows
Welcome to FLARE-VM - a collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a virtual machine (VM). FLARE-VM was designed to solve the problem of reverse engineering tool curation and relies on two main technologies: Chocolatey and Boxstarter. Chocolatey is a Windows-based Nuget package management system,...
AWeSomeUserFinder : Harnessing AWS IAM For Username Enumeration And Password Security
AWS IAM Username Enumerator and Password Spraying Tool in Python3 In order to use the tool with the UpdateAssumeRolePolicy method, the IAM user account utilized must have the following permissions attached: "iam:GetRole" "iam:CreatePolicy" "iam:UpdateAssumeRolePolicy" "iam:CreateRole" "iam:AttachRolePolicy" An example policy is included in the files named "example_assume_role_policy.json" in the example_policies directory. Additionally, an AWS access key and AWS secret key are required. See this link for information on...
Monolith : The Ultimate Tool For Compiling Entire Web Pages Into Single HTML Files
A data hoarder’s dream come true: bundle any web page into a single HTML file. You can finally replace that gazillion of open tabs with a gazillion of .html files stored somewhere on your precious little drive. Unlike the conventional “Save page as”, monolith not only saves the target document, it embeds CSS, image, and JavaScript assets all at once,...
Useful Bug Bounty And Security Related Write-ups : A Comprehensive Guide For Enthusiasts
This repo contains all variants of information security & Bug bounty & Penetration Testing write-up design for beginners or newcomers who are confused or don't know which keyword to search. All these articles' links are fetched from medium.com (A popular blog sharing site for a variety of different interest people) Note: All of them were generated by an automation tool...
Conduwuit : Pioneering A New Era In Matrix Homeservers
Matrix is an open network for secure and decentralized communication. Users from every Matrix homeserver can chat with users from all other Matrix servers. You can even use bridges (also called Matrix Appservices) to communicate with users outside of Matrix, like a community on Discord. What Is The Goal? A high-performance and efficient Matrix homeserver that's easy to set up and...
LSMS – Linux Security And Monitoring Scripts
Linux Security And Monitoring Scripts are a collection of security and monitoring scripts you can use to monitor your Linux installation for security-related events or for an investigation. Each script works on its own and is independent of other scripts. The scripts can be set up to either print out their results, send them to you via mail, or...
Fiber – Using Fibers To Run In-Memory Code
A fiber is a unit of execution that must be manually scheduled by the application rather than rely on the priority-based scheduling mechanism built into Windows. Fibers are often called lightweight threads. For more detailed information about what are and how fibers work consult the official documentation. Fibers allow to have multiple execution flows in a single thread, each...
XSS-Exploitation-Tool : A Penetration Testing Tool
.png "XSS-Exploitation-Tool : A Penetration Testing Tool")
XSS Exploitation Tool is a penetration testing tool that focuses on the exploit of Cross-Site Scripting vulnerabilities. Disclaimer: This tool is only for educational purpose, do not use it against real environment Features Technical Data about victim browser Geolocation of the victim Snapshot of the hooked/visited page Source code of the hooked/visited page Exfiltrate input field data Exfiltrate cookies Keylogging Display alert box Redirect user Installation Tested on Debian 11 You may need Apache,...
Promptmap
.webp "Promptmap")
Prompt injection is a type of security vulnerability that can be exploited to control the behavior of a ChatGPT instance. By injecting malicious prompts into the system, an attacker can force the ChatGPT instance to take unintended actions. promptmap is a tool that automatically tests prompt injection attacks on ChatGPT instances. It analyzes your ChatGPT rules to understand their context...
Firefly – Black Box Fuzzer For Web Applications
Firefly is an advanced black-box fuzzer and not just a standard asset discovery tool. Firefly provides the advantage of testing a target with a large number of built-in checks to detect behaviors in the target. NOTE : Firefly is in a very new stage (v1.0) but works well for now, if the target does not contain too much dynamic content....
.png "Presshell : Quick And Dirty WordPress Command Execution Shell")