LocalSend – The Ultimate Guide To Secure, Local Network Communication
LocalSend is a free, open-source app that allows you to securely share files and messages with nearby devices over your local network without needing an internet connection. About Screenshots Download How it Works Getting Started Contributing Translation Bug fixes and improvements Building Android iOS macOS Windows Linux About LocalSend is a cross-platform app that enables secure communication between devices using a REST API and HTTPS encryption. Unlike other messaging apps that rely on external servers,...
BackupCreds – Mastering Credential Dumping In Windows
BackupCreds presents a groundbreaking method for security professionals to exploit SeTrustedCredmanAccessPrivilege, enabling the dumping of stored credentials in Windows environments. This article delves into the intricate process of leveraging elevated shells for credential extraction, offering a step-by-step guide on accessing and manipulating the Windows Credential Manager. Discover how BackupCreds transforms security testing and vulnerability assessments with its innovative approach. ________________________________________________ |...
Android Security Awesome : Securing the Android Ecosystem – A Comprehensive Resource Guide
In the ever-evolving landscape of mobile technology, Android security remains a paramount concern for developers, researchers, and users alike. 'Android Security Awesome' is a comprehensive guide that aggregates an array of tools, academic resources, publications, and insights into exploits, vulnerabilities, and bugs within the Android ecosystem. This collection aims to equip individuals and organizations with the knowledge and tools...
Awesome Malware Analysis – The Ultimate Resource For Tools, Techniques, And Insights
A curated list of awesome malware analysis tools and resources. Inspired by awesome-python and awesome-php. Malware Collection Anonymizers Honeypots Malware Corpora Open Source Threat Intelligence Tools Other Resources Detection and Classification Online Scanners and Sandboxes Domain Analysis Browser Malware Documents and Shellcode File Carving Deobfuscation Debugging and Reverse Engineering Network Memory Forensics Windows Artifacts Storage and Workflow Miscellaneous Resources Books Other Related Awesome Lists Contributing Thanks Malware Collection Anonymizers Web traffic anonymizers for analysts. Anonymouse.org - A free, web based anonymizer. OpenVPN - VPN software and hosting solutions. Privoxy - An open source proxy server with some...
Awesome CTF – The Comprehensive Toolkit For Capture The Flag Challenges
A curated list of Capture The Flag (CTF) frameworks, libraries, resources, softwares and tutorials. This list aims to help starters as well as seasoned CTF players to find everything related to CTFs at one place. Contributing Please take a quick look at the contribution guidelines first. If you know a tool that isn't present here, feel free to open a pull request. Why? It takes time to build...
Canary Token Scanner – A Crisp Cybersecurity Shield Against Hidden Threats
The "Canary Token Scanner" article introduces a robust Python script designed to bolster cybersecurity by detecting hidden threats within Microsoft Office documents, Acrobat Reader PDFs, and Zip files. It emphasizes proactive defense against malicious URLs and macros, aiming to safeguard users from inadvertent exposure to cyber threats. This guide offers a practical approach to identifying and mitigating potential vulnerabilities...
Freyja Purple Team Agent : A Cutting-Edge Tool For Cyber Resilience
Freyja is a Golang, Purple Team agent that compiles into Windows, Linux and macOS x64 executables. It is a very stripped down verion of the Poseidon payload from @xorrior, @djhohnstein, and @its-a-feature This Freyja instance supports Mythic 3.0 and will be updated as necessary. It does not support Mythic 2.3 and lower. The agent has mythic_payloadtype_container==0.1.8 PyPi package installed and reports to Mythic as version "12". Freyja uses Red...
CVE-2023-6000 PoC : Detecting WordPress Plugin Vulnerabilities
It delves into the CVE-2023-6000 vulnerability, showcasing a proof of concept (PoC) for identifying at-risk WordPress plugins. Focused on a specific detection method, it guides readers through the steps to pinpoint and address vulnerabilities before they can be exploited. By leveraging this PoC, users can enhance the security of their WordPress installations, safeguarding them against potential attacks. How Does This...
Awesome Security – A Comprehensive Guide To Tools And Resources For Unlocking Digital Safety
A collection of awesome software, libraries, documents, books, resources and cool stuff about security. Inspired by awesome-php, awesome-python. Thanks to all contributors, you're awesome and wouldn't be possible without you! The goal is to build a categorized community-driven collection of very well-known resources. Awesome Security Network Scanning / Pentesting Monitoring / Logging IDS / IPS / Host IDS / Host IPS Honey Pot / Honey Net Full Packet Capture / Forensic Sniffer Security...
CloudGrappler – Elevating Cloud Security In AWS And Azure
CloudGrappler is a purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known threat actors in popular cloud environments such as AWS and Azure. Notes To optimize your utilization of CloudGrappler, we recommend using shorter time ranges when querying for results. This approach enhances efficiency and accelerates the retrieval of information, ensuring a more seamless experience with...