Akto.io – Comprehensive Security Testing And Inventory Management
Akto is an instant, open source API security platform that takes only 60 secs to get started. Akto is used by security teams to maintain a continuous inventory of APIs, test APIs for vulnerabilities and find runtime issues. Akto offers coverage for all OWASP top 10 and HackerOne Top 10 categories including BOLA, authentication, SSRF, XSS, security configurations, etc....
CCC : Cyberspace Under Siege – Understanding Crime, Espionage, And Conflict
This is a short graduate course providing an introduction to the areas of crime, espionage and conflicts in cyberspace. The material is used for the "Cybercrime, Cyberespionage, and Cyberwar" course currently taught in the Master in Cybersecurity at UC3M. The course provides a gentle, not very technical introduction to several contemporary security and privacy topics, including some bits of history, opponents and the current cyberthreat landscape, the underground...
Freeway – A Comprehensive Guide To WiFi Penetration Testing With Python
"Freeway" is a Python-based tool designed to enhance WiFi penetration testing and network security. Utilizing the capabilities of Scapy, it equips ethical hackers and security professionals with the necessary tools to audit and secure networks. Explore its robust features like packet monitoring, deauthentication attacks, and more to sharpen your cybersecurity skills. 1. Overview Freeway is a Python scapy-based tool for WiFi penetration...
ADSpider : Advanced Real-Time Monitoring Of Active Directory Changes
.webp "ADSpider : Advanced Real-Time Monitoring Of Active Directory Changes")
Tool for monitor Active Directory changes in real time without getting all objects. Instead of this it use replication metadata and Update Sequence Number (USN) to filter current properties of objects. Parameters DC - domain controller FQDN.Formatlist - output in list instead of table.ExcludelastLogonTimestamp - exclude lastLogonTimestamp events from outputDumpAllObjects - dump all active directory before start. In case of changes It will show you...
VMware vCenter : CVE-2024-37081 Proof Of Concept
Este repositorio contiene una prueba de concepto (PoC) para la vulnerabilidad CVE-2024-37081 en VMware vCenter. La vulnerabilidad se debe a una mala configuración en el archivo /etc/sudoers que permite la preservación de variables ambientales peligrosas al ejecutar comandos sudo. Esto puede ser aprovechado por atacantes para ejecutar comandos arbitrarios con privilegios de root. Vulnerabilidad ID: CVE-2024-37081 Descripción: La mala configuración del parámetro Defaults env_keep en el archivo /etc/sudoers permite...
DetectItEasy With Python – A Comprehensive Guide
DetectItEasy-Python is a powerful tool designed to streamline file scanning and analysis using Python bindings. This article guides you through the straightforward installation process via pip or Git and provides essential details for utilizing the tool effectively across different operating systems. Whether you're a seasoned developer or new to cybersecurity, this guide makes it easy to leverage DetectItEasy's capabilities...
Volatility Binaries – A Comprehensive Guide To Compiling And Using Volatility Tools
Explore the essentials of Volatility binaries with our detailed guide. This article provides easy access to compiled binaries of Volatility, complete with SHA1 hashes and compilation dates. Whether you're a seasoned analyst or a newcomer, learn how to compile these tools on your own to enhance your forensic capabilities. For any issues, BinarySHA1 hashCompiled OnVol2.6.1/vol2.exe601ecac617185c8f811edee30a449a46fb6ff8a4N/AVol3/Vol3-2.7.0/vol3.exe3d70bd87a6a189288008a093af31ffaaa85867962024-06-07Vol3/Volshell/volshell3.exe9e32f767fcf0d6e11c2c2f873bcea00b56b271662024-06-07Vol3/Vol3-2.5.2/vol.exea2c669d7ff847707c3717cd3cef7310c953306d02024-02-14 Note: The binaries and hashes provided are as...
Mailgoose – Ensuring Email Security With SPF, DMARC, And DKIM Verification
Mailgoose is a web application that allows the users to check whether their SPF, DMARC and DKIM configuration is set up correctly. CERT PL uses it to run bezpiecznapoczta.cert.pl, an online service that helps Polish institutions to configure their domains to decrease the probability of successful e-mail spoofing. Under the hood, Mailgoose uses checkdmarc and dkimpy, among others. Quick Start | Docs Features For an up-to-date list of...
BGPipe – BGP Reverse Proxy And Firewall
An innovative open-source tool that revolutionizes BGP management by acting as a reverse proxy and firewall. Leveraging the powerful BGPFix library, bgpipe enhances security, visibility, and control over BGP sessions. From seamless JSON conversions to robust router control mechanisms, explore how bgpipe secures and streamlines BGP communications. This project provides an open-source BGP reverse proxy and firewall based on the BGPFix...
Sinon – Modular Windows Burn-In Automation With Generative AI For Deception
Sinon is a modular tool for automatic burn-in of Windows-based deception hosts that aims to reduce the difficulty of orchestrating deception hosts at scale whilst enabling diversity and randomness through generative capabilities. It has been created as a proof-of-concept and is not intended for production deception environments. It would likely be better suited to having content pre-generated and built...
