Microsoft Defender For Endpoint Curated List Of Resources For DFIR – Microsoft Defender For Endpoint Guide

Hey, thank you for stopping by! Well, being here means that you are either familiar with the discipline of Digital Forensics and Incident Response (DFIR) or you are interested in beginning to explore DFIR tools and techniques. The common denominator, no matter what your sense is around DFIR, is that you are using Microsoft Defender for Endpoint (MDE) and the...

WebCopilot – A Comprehensive Subdomain Enumeration And Bug Detection Tool

WebCopilot is an automation tool designed to enumerate subdomains of the target and detect bugs using different open-source tools. The script first enumerates all the subdomains of the given target domain using assetfinder, sublister, subfinder, amass, findomain, hackertarget, riddler and crt, then does active subdomain enumeration using gobuster with a SecLists wordlist, then filters out all the live subdomains using dnsx, then...

Frown – An Instrumentation Challenge : Navigating The Setup And Solutions

In the world of cybersecurity and ethical hacking, challenges often serve as valuable training grounds for aspiring professionals. "Frown – An Instrumentation Challenge" is one such intriguing puzzle that promises to test your skills in setting up a complex environment and finding innovative solutions. In this article, we'll delve into the nuts and bolts of this challenge, explore the...

Linux Kernel CVE-2023-6546 : Unveiling A Critical Vulnerability

This is a custom exploit which targets Ubuntu 18.04+20.04 LTS/CentOS 8/RHEL 8 to attain root privileges via arbitrary kernel code execution on SMP systems. Features: highlights of the significant features include bypasses KASLR, bypasses SMAP/SMEP, and supports Linux x86_64. Exploit: the exploit consists of a binary executable which exploits the vulnerability. File paths: exploit.c (the C file containing the exploit code) and symbols (scripts for generating kernel offsets). When the exploit binary is run,...

GraphStrike – Empowering Cobalt Strike With Microsoft Graph API Integration

GraphStrike is a suite of tools that enables Cobalt Strike's HTTPS Beacon to use Microsoft Graph API for C2 communications. All Beacon traffic will be transmitted via two files created in the attacker's SharePoint site, and all communications from Beacon will route Why? Threat intelligence has been released regarding several different APTs leveraging Microsoft Graph API and other Microsoft services for offensive...

AI Exploits – Vulnerabilities And Threats In Machine Learning Infrastructure

The AI world has a security problem and it's not just in the inputs given to LLMs such as ChatGPT. Based on research done by Protect AI and independent security experts on the Huntr Bug Bounty Platform, there are far more impactful and practical attacks against the tools, libraries and frameworks used to build, train, and deploy machine learning models. Many of these...

EchoDrv – Unveiling Kernel Vulnerabilities In ECHOAC Anti-Cheat Driver echo_driver.sys

In the realm of cybersecurity, the relentless battle between attackers and defenders rages on. Enter EchoDrv, a potent tool that exposes the vulnerabilities lurking within the ECHOAC anti-cheat driver, echo_driver.sys. In this article, we delve into the world of EchoDrv, exploring its usage, sponsors, and the credits behind its creation, all while emphasizing the importance of responsible use in...

Ghost – Unmasking The Intricacies Of A Remote Access Trojan

Ghost is a light RAT that gives the server/attacker full remote access to the user's command-line interpreter (cmd.exe). They are allowed to execute commands silently without the client/zombie noticing. The server/attacker is also given the ability to download and execute files on the client/zombie's computer. This is also a silent and hidden process. Like most Remote Access Trojans, this download and execution...

LOLSpoof – A Clever Technique To Evade Command Line Detection And Maintain OPSEC

LOLSpoof is an interactive shell program that automatically spoofs the command line arguments of the spawned process. Just call your incriminating-looking command line LOLBin (e.g. powershell -w hidden -enc ZwBlAHQALQBwAHIAbwBjAGUA....) and LOLSpoof will ensure that the process creation telemetry appears legitimate and clear. Why? The process command line is a heavily monitored telemetry source, being thoroughly inspected by AV/EDRs, SOC analysts or threat...

FalconHound – Empowering Blue Teams With Automated BloodHound Integration

FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool. One of the challenging aspects of BloodHound is that it is a snapshot in time. FalconHound includes functionality that can be...