C2 Server Installation – A Comprehensive Guide For Red Team Operations


Setting up a Command and Control (C2) server is a critical step in establishing a robust red team infrastructure. This guide provides a detailed walkthrough on how to install and configure your C2 server, ensuring seamless integration with tools like Filebeat and RedELK. Follow these essential steps to enhance your cybersecurity testing capabilities. In Short extract c2servers.tgz on your C2 server. Run...

Redirector Installation – A Comprehensive Guide For Red Team Operations


Installing and configuring redirectors as part of your red team infrastructure. Follow these step-by-step instructions to deploy and optimize redirectors using tools like Filebeat and RedELK, enhancing your ability to manage logs and security measures effectively. Learn how to tackle common installation challenges and modify logging formats for different server types to suit your operational needs. In Short extract redirs.tgz Run: install-redir.sh...

Generating Keys And Packages – A Guide To Securing RedELK Server Communications


This step generates the TLS key pairs used to encrypt the Filebeat traffic between redirectors/C2 servers and the RedELK server. It can be run on any Unix-based system, but it makes the most sense to run it from your dedicated RedELK system. In Short: modify ./certs/config.cnf, run initial-setup.sh ./certs/config.cnf, then copy c2servers.tgz, redirs.tgz and elkserver.tgz to the relevant systems. In Detail: adjust ./certs/config.cnf to include the right...

enum4linux-ng : The Next-Generation Tool For Windows And Samba Enumeration


enum4linux-ng.py is a rewrite of Mark Lowe's (formerly Portcullis Labs, now Cisco CX Security Labs) enum4linux.pl, a tool for enumerating information from Windows and Samba systems, aimed at security professionals and CTF players. The tool is mainly a wrapper around the Samba tools nmblookup, net, rpcclient and smbclient. I made it for educational purposes for myself and to overcome issues...

Interactive PDF Analysis – A Deep Dive Into Secure PDF Examination


Interactive PDF Analysis (also called IPA) allows any researcher to explore the inner details of any PDF file. PDF files may be used to carry malicious payloads that exploit vulnerabilities and issues in PDF viewers, or may be used in phishing campaigns as social engineering artefacts. The goal of this software is to let any analyst go deep on...

zDocker-cobaltstrike : A Comprehensive Guide To Setting Up Cobalt Strike With Docker


A detailed guide on setting up Cobalt Strike in a Docker environment. Cobalt Strike, a powerful tool for penetration testers, can be seamlessly integrated into Docker to enhance security testing with scalability and ease of deployment. This article provides step-by-step instructions on building and running a Cobalt Strike Docker container, including how to set environment variables and expose necessary...

ConfuserEx2 String Decryptor – A Guide To Deobfuscating .NET Applications


ConfuserEx2 is the latest version from the Confuser family, an open-source, free protector for .NET applications. ConfuserEx2_String_Decryptor deobfuscates constants protection, targeting string objects and char arrays. This tool was tested on the vanilla version of ConfuserEx2 (ConfuserEx 1.6.0+-), but it should also handle some customized versions. Description: ConfuserEx2_String_Decryptor is a simple C# console application that uses AsmResolver - .NET Assembly Manipulation (modification of...

GlobalUnProtect – Decrypting And Harvesting Sensitive Data From GlobalProtect Installations


PoC tool for decrypting and collecting GlobalProtect configuration, cookies, and HIP files from Windows client installations. Usage: run as standalone or in-memory via execute-assembly or equivalent. Collects all contents into an in-memory zip and writes it to the specified location. > GlobalUnProtect.exe Usage: GlobalUnProtect.exe C:\Path\To\Output.zip > GlobalUnProtect.exe %TEMP%\GPUnprotect.zip [*] Deriving AES key from computer SID [*] Computer SID (Hex) :...

Capa v7.3.0 – Enhanced Malware Analysis With VMRay Integration, Ghidra Support, And New Capa Rules Website


The v7.3.0 capa release comes with the following three major enhancements: 1. Support for VMRay sandbox analysis archives. Unlock powerful malware analysis with capa's new VMRay sandbox integration! Simply provide a VMRay analysis archive, and capa will automatically extract and match capabilities to streamline your workflow. This is the second supported source of dynamic analysis results, after CAPE. 2. Support...

MSSprinkler – Enhancing M365 Security Through Advanced Password Testing


MSSprinkler is a password spraying utility for organizations to test their M365 accounts from an external perspective. It employs a 'low-and-slow' approach to avoid locking out accounts, and provides verbose information about accounts and the tenant. Contents: Description, Current Features, Installation, Help, Disclaimer. Description: MSSprinkler is written in PowerShell and can be imported directly as a module. It has no other dependencies. MSSprinkler relies on the...