XZ-Vulnerable-Honeypot : A New SSH Defense Mechanism With CVE-2024-3094
An innovative SSH honeypot equipped with the XZ backdoor, identified by CVE-2024-3094. Designed to bait and study potential attackers, this tool offers a unique glimpse into the tactics and techniques used by cyber adversaries. By simulating vulnerabilities, it provides invaluable insights into securing networks against sophisticated threats. Installation: PLEASE run this on a separate isolated system. Docker is not used for...
Inbound SSH Connection To Vulnerable XZ Machine : CVE-2024-3094 Exploits
This KQL query can be used to detect post-exploitation activities related to CVE-2024-3094. This vulnerability is related to reports of malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. Multiple sources suggest that the malicious code is ingested in functions that SSHD leverages to bypass authentication features; this is yet to be confirmed. If you only want...
ESP32 Wi-Fi Penetration Tool : A Comprehensive Guide To Advanced Wi-Fi Penetration Testing
This project introduces a universal tool for the ESP32 platform for implementing various Wi-Fi attacks. It provides functionality that is commonly used in Wi-Fi attacks and makes implementing new attacks a bit simpler. It also includes Wi-Fi attacks themselves, like capturing PMKIDs from handshakes, or handshakes themselves by different methods like starting rogue duplicated AP or sending deauthentication...
ChaiLdr – AV Evasive Payload Loader : Unveiling Next-Gen Evasion Capabilities
ChaiLdr - AV Evasive Payload Loader represents a cutting-edge approach in malware development, blending innovative evasion techniques to bypass modern antivirus solutions. Crafted with advanced concepts learned in malware engineering, this tool introduces a new level of sophistication in delivering payloads undetected. From indirect syscalls and API hammering to HTTP/S shellcode staging, ChaiLdr sets a new benchmark in the...
IpHack – The Ultimate Guide To Advanced IP Tracking And Analysis
In an age where digital privacy and security are paramount, IpHack emerges as a powerful tool designed to revolutionize the way we understand and track IP addresses. This comprehensive guide delves into IpHack's capabilities, from live location tracking to in-depth device analysis, offering a new lens through which to view digital footprints. With its latest features and intuitive design,...
Tracecat – Revolutionizing Security Automation With Open Source Excellence
Tracecat is currently in public alpha. If you'd like to use Tracecat in production, please reach out to us on Discord or founders@tracecat.com! Want to take Tracecat for a spin? Try out our tutorials with Tracecat Cloud or self-hosted. Tracecat is an open source automation platform for security teams. We're building the features of Tines / Splunk SOAR with: Enterprise-grade open source tools; Open source AI infra and GPT models; Practitioner-obsessed...
Powershell Digital Forensics And Incident Response (DFIR) – Essential Scripts For Windows Cyber Defense
Powershell Digital Forensics & Incident Response (DFIR) equips cybersecurity professionals with a suite of PowerShell scripts tailored for effective incident handling on Windows devices. From collecting forensic artifacts to analyzing security events, these tools streamline the process of identifying, understanding, and mitigating cyber threats, ensuring a robust defense mechanism in the digital landscape. This repository contains multiple PowerShell scripts that...
CspReconGo – Streamlining Web Security With Domain Analysis
CspReconGo is a command-line tool designed for cybersecurity analysts, web developers, and IT professionals. It automates the extraction and analysis of domains from Content Security Policy (CSP) headers and JavaScript files on websites. This tool is essential for conducting detailed web security audits, understanding external resource interactions, and monitoring changes in CSP and JavaScript-based domain references. Key Features CSP Header Analysis: Parses CSP...
CookieKatz – Advanced Cookie Extraction For Chrome And Edge Browsers
CookieKatz is a project that allows operators to dump cookies from Chrome, Edge or Msedgewebview2 directly from the process memory. Chromium-based browsers load all their cookies from the on-disk cookie database on startup. The benefits of this approach are: support for dumping cookies from Chrome's Incognito and Edge's In-Private processes; access to cookies of other users' browsers when running elevated; dump cookies from webview...
NexaWhisper – Silent Valorant Ascension Internal Cheat C++
External Game Project primarily written in C++, utilizing external libraries. I'm actively combating scammers while developing various cheats and tools for games, including Hack Cheat Driver Esp Aimbot Magic Bullet, Driver Injector Overlay, and Imgui. Developed Cheat Hacks for the Following Games. Be careful when purchasing hacking cheats to avoid scams. More projects to come. In the realm of Valorant, securing victory...