.webp "Arena-Hard-Auto : Advancing LLM Evaluation With Style Control Integration")
GitButler : Revolutionizing Branch Management With Virtual Branches
GitButler is a git client that lets you work on multiple branches at the same time. It allows you to quickly organize file changes into separate branches while still having them applied to your working directory. You can then push branches individually to your remote, or directly create pull requests. In a nutshell, it's a more flexible version of git...
Minegrief : Unpacking A Crafty Minecraft Malware
Self-spreading to other Minecraft servers using an extendable, module-based lateral movement system. Crafty Controller Auth'd RCE - undisclosed, unpatched, intentional(?) Auth'd RCE in Crafty Controller, a panel for Minecraft server management. Check for default creds of admin:crafty or brute force. SSH brute forcing - Classic SSH brute forcing, Minegrief will copy itself over SCP and execute itself if a login is...
ModTask – Task Scheduler Attack Tool
ModTask is an advanced C# tool designed for red teaming operations, focusing on manipulating scheduled tasks to facilitate both lateral movement and persistence in target networks. This tool allows users to list, analyze, and modify scheduled tasks on both local and remote systems. It supports a variety of trigger modifications and includes built-in features for cleaning up after operations...
HellBunny : Advanced Shellcode Loader For EDR Evasio
HellBunny is a malleable shellcode loader written in C and Assembly utilizing direct and indirect syscalls for evading EDR hooks. It can be built as EXE, DLL, or XLL and offers a variety of QoL features that make it more adaptable. The purpose of this research project was to develop a comprehensive understanding of the architecture and internals of the...
SharpRedirect : A Lightweight And Efficient .NET-Based TCP Redirector
SharpRedirect is a simple .NET Framework-based redirector from a specified local port to a destination host and port. Features Traffic Redirection: Redirects incoming TCP connections from a local port to a specified destination host and port. Bidirectional Communication: Supports full duplex communication between the client and the destination. Ease of Use: Simple command-line interface for quick setup. Lightweight and Efficient: Designed with asynchronous operations...
Flyphish : Mastering Cloud-Based Phishing Simulations For Security Assessments
Flyphish is an Ansible playbook allowing cyber security consultants to deploy a phishing server in the cloud for security assessments. The playbook installs and configures Gophish, Postfix and OpenDKIM on a virtual machine in the cloud. Additionally, for OPSEC purposes, the playbook removes default IOCs (SMTP headers) from Gophish and Postfix servers configurations. Install Requirements Make sure you have a Linux (Debian, Ubuntu...
DeLink : Decrypting D-Link Firmware Across Devices With A Rust-Based Library
A crypto library to decrypt various encrypted D-Link firmware images. Confirmed to work on the following D-Link devices: E15 E30 R12 R15 R18 M18 M30 M32 M60 DAP-1665 DAP-1820 DAP-1955 DAP-2610 DAP-2680 DAP-2682 DIR-850L A1 DIR-850L B1 DAP-1610 B1 DAP-1620 B1 DAP-LX1880 DRA-1360 A1 DRA-2060 A1 DIR-1750 DIR-2055 DIR-LX1870 DIR-X1560 DIR-X1870 DIR-X4860 DIR-X5460 DIR-822 DIR-842 DIR-878 DIR-2150 DIR-3040 DIR-3060 Encryption keys/methods are often re-used amongst devices and firmware, so other devices may also be supported. Compiling You must have the Rust compiler installed: cargo build --release Command Line Usage: ./target/release/delink encrypted.bin decrypted.bin Rust Library Usage: // Read in the contents of an encrypted...
LLM Lies : Hallucinations Are Not Bugs, But Features As Adversarial Examples
LLMs (e.g., GPT-3.5, LLaMA, and PaLM) suffer from hallucination—fabricating non-existent facts to cheat users without perception. And the reasons for their existence and pervasiveness remain unclear. We demonstrate that non-sense Out-of-Distribution(OoD) prompts composed of random tokens can also elicit the LLMs to respond with hallucinations. This phenomenon forces us to revisit that hallucination may be another view of adversarial...
How to Build and Optimize Microservices Architecture: Design, Deploy & Scale
The most important aspects of building and optimizing a microservices architecture include design principles, deployment strategies, and scalability. These approaches provide benefits like modularity, scalability, and easier maintenance but should go hand-in-hand with a deep understanding of foundational concepts and best practices. Designing Microservices Architecture Designing microservices begins with clear boundaries for each service so that each microservice holds responsibility for...
Kali Linux 2024.4 Released, What’s New?
Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and new features for cybersecurity professionals and ethical hackers. Here are the key highlights: New Default Python Version Python 3.12 is now the default Python interpreter in Kali Linux 2024.4 1. This change comes with improved performance, better syntax, and optimized memory management. Notably, pip is now disabled...
