Awesome Cybersecurity Blue Team – Empowering Defenses With Comprehensive Strategies And Tools
Cybersecurity blue teams are groups of individuals who identify security flaws in information technology systems, verify the effectiveness of security measures, and monitor the systems to ensure that implemented defensive measures remain effective in the future. While not exclusive, this list is heavily biased towards Free Software projects and against proprietary products or corporate services. For offensive TTPs, please see awesome-pentest. Your contributions and...
v6.4.1 – Essential Security Patch For dnSpyEx To Thwart Arbitrary Code Execution Threat
In a decisive move to fortify software security, ElektroKill announced the release of dnSpyEx v6.4.1 on September 8, 2023. This critical update addresses a recently uncovered vulnerability that allowed for arbitrary code execution, posing a significant risk to users. With over 138 commits to master since its last update, v6.4.1 emerges as an essential patch, urging all users to...
Todesstern – The Advanced Mutator Engine For Injection Vulnerability Discovery
Todesstern (English: Death Star) is a simple mutator engine that focuses on finding unknown classes of injection vulnerabilities. The script generates large numbers of mutated payloads from a user-supplied string, which are then used to find anomalies. Note: while this tool helps you find anomalies, it is your job to analyze the output further, which might lead to vulnerabilities. It is highly recommended...
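As an added illustration of what a mutator engine does (this is example code written for this page, not Todesstern's own code; the transformation set, the `mutate`/`find_anomalies` names and the `fake_endpoint` stand-in are assumptions chosen for the demo), the block below expands one seed string into variants, sends each through a probe, and groups the variants whose response signature differs from the seed's. The anomaly groups are the output a tester would then analyze by hand.

```python
import urllib.parse
from collections import defaultdict
from typing import Callable, Dict, List, Tuple

# Added example: a small mutator engine in the spirit of Todesstern, written for
# this page. It is not Todesstern's code; the transformation lists and the fake
# endpoint below are assumptions chosen for illustration.

QUOTES = ["'", '"', "`"]
WHITESPACE_ALTERNATIVES = ["/**/", "\t", "\n", "%09", "%0a"]
SUFFIXES = ["'", "--", "-- -", "#", ";", "\x00", "%00", "*/", "<!--", "{{", "${"]
PREFIXES = ["'", '"', ")", "')", '")', "]", "}"]


def mutate(seed: str) -> List[str]:
    """Return the distinct mutated variants of a user-supplied seed string."""
    variants = set()
    for q in QUOTES:                                   # quote-style swaps
        variants.add(seed.replace("'", q))
    once = urllib.parse.quote(seed, safe="")           # URL encoding, single and double
    variants.add(once)
    variants.add(urllib.parse.quote(once, safe=""))
    variants.update({seed.upper(), seed.lower(), seed.swapcase()})
    for ws in WHITESPACE_ALTERNATIVES:                 # whitespace / comment substitution
        variants.add(seed.replace(" ", ws))
    for tail in SUFFIXES:                              # terminators and template openers
        variants.add(seed + tail)
    for head in PREFIXES:                              # context break-outs
        variants.add(head + seed)
    variants.discard(seed)                             # the unmutated seed is the baseline
    return sorted(variants)


def find_anomalies(seed: str,
                   probe: Callable[[str], Tuple[int, int]]) -> Dict[Tuple[int, int], List[str]]:
    """Run the seed and every mutation through `probe` (payload -> (status, length))
    and group the variants whose response signature differs from the seed's."""
    baseline = probe(seed)
    groups = defaultdict(list)
    for payload in mutate(seed):
        sig = probe(payload)
        if sig != baseline:
            groups[sig].append(payload)
    return dict(groups)


def fake_endpoint(payload: str) -> Tuple[int, int]:
    """Constructed stand-in for a web application (not a real service)."""
    if "\x00" in payload:                              # null byte rejected by the framework
        return 400, len("Bad Request")
    if payload.count("'") % 2 == 1:                    # unbalanced quote breaks a query
        return 500, len("Internal Server Error")
    return 200, len("No results")


if __name__ == "__main__":
    for sig, payloads in sorted(find_anomalies("admin", fake_endpoint).items()):
        print(sig, payloads)
```

Against the constructed endpoint, seed `admin` produces one 500 group (the variants that carry a single unbalanced `'`) and one 400 group (the raw null byte); everything else matches the baseline and is dropped. Replace `fake_endpoint` with a function that issues the real request and returns `(status, len(body))` to use the same grouping against a live target.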
msdocviewer – Streamlining Win32 API And Driver Documentation Viewing – A Comprehensive Guide
msdocviewer is a simple tool for viewing Microsoft's Win32 API and driver technical documentation. It consists of two parts. The first is a parser (run_me_first.py) that searches for all markdown files in the Microsoft sdk-api and driver repositories, checks whether each document is related to a function and, if so, copies the document to a directory and renames the file with...
GTPDOOR Scan – The Multithreaded Tool For Detecting GTPDOOR Malware Infections
A multithreaded network scanner to scan for hosts infected with the GTPDOOR malware. Technical writeup here. Three detection methods are supported: (1) ACK scan (detects GTPDOOR v2); (2) TCP connect scan (detects GTPDOOR v2); (3) GTP-C GTPDOOR message type 0x6 (detects GTPDOOR v1 and v2), which works only if the default hardcoded key has not been changed. Note that for methods 1 and 2 the GTPDOOR implant must have ACLs configured for its TCP RST/ACK beacon to respond. Given...
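To make the third method concrete at the wire level, here is an added example written for this page (not GTPDOOR Scan's code): a GTPv1-C header encoder/decoder plus a capture-side rule that flags message type 0x06 arriving on UDP/2123. It does not reproduce the implant's keyed payload or the TCP RST/ACK beacon methods, and the function names, the `SUSPECT_MSG_TYPE` constant and the sample datagrams are assumptions constructed for the demo.

```python
import struct
from typing import Iterable, List, Optional, Tuple

# Added example written for this page: a GTPv1-C header codec and a capture rule
# for message type 0x06 on UDP/2123. It is not GTPDOOR Scan's code and does not
# implement the implant's keyed payload or its TCP beacon; samples are constructed.

GTPC_PORT = 2123           # GTP-C control plane (UDP)
SUSPECT_MSG_TYPE = 0x06    # the message type the scanner's third method looks for


def build_gtpv1c_header(msg_type: int, payload_len: int = 0, teid: int = 0,
                        seq: Optional[int] = None) -> bytes:
    """Pack a GTPv1 header (3GPP TS 29.060): flags, type, length, TEID [+ seq/N-PDU/next-ext]."""
    flags = (1 << 5) | (1 << 4)            # version 1, PT=1 (GTP rather than GTP')
    optional = b""
    if seq is not None:
        flags |= 0x02                       # S bit: the 4 optional bytes follow the TEID
        optional = struct.pack("!HBB", seq, 0, 0)   # sequence, N-PDU number, next ext header (none)
    length = payload_len + len(optional)   # length counts everything after the 8 mandatory bytes
    return struct.pack("!BBHI", flags, msg_type, length, teid) + optional


def parse_gtpv1_header(data: bytes) -> Optional[dict]:
    """Decode a GTPv1 header; return None for anything that is not well-formed GTPv1."""
    if len(data) < 8:
        return None
    flags, msg_type, length, teid = struct.unpack("!BBHI", data[:8])
    if flags >> 5 != 1 or len(data) - 8 != length:
        return None
    header = {"pt": (flags >> 4) & 1, "msg_type": msg_type, "length": length,
              "teid": teid, "seq": None}
    if flags & 0x07:                        # E, S or PN set: the optional 4 bytes are present
        if length < 4:
            return None
        seq, _npdu, _next_ext = struct.unpack("!HBB", data[8:12])
        if flags & 0x02:
            header["seq"] = seq
    return header


def classify_datagram(dst_port: int, payload: bytes) -> str:
    """Verdict for one UDP datagram: ignore / not-gtpv1 / gtp / alert-gtp-type-6."""
    if dst_port != GTPC_PORT:
        return "ignore"
    header = parse_gtpv1_header(payload)
    if header is None:
        return "not-gtpv1"
    # Type 6 is not a GTP-C signalling message (3GPP assigns types 4-7 to GTP'
    # charging), so seeing it on the GTP-C port is worth an alert whatever PT says.
    if header["msg_type"] == SUSPECT_MSG_TYPE:
        return "alert-gtp-type-6"
    return "gtp"


def scan_capture(records: Iterable[Tuple[str, int, bytes]]) -> List[Tuple[str, str]]:
    """records: (src_ip, dst_port, udp_payload) tuples. Returns the flagged sources."""
    flagged = []
    for src, port, payload in records:
        verdict = classify_datagram(port, payload)
        if verdict.startswith("alert"):
            flagged.append((src, verdict))
    return flagged


# Constructed sample traffic (not captured from a real network)
SAMPLE = [
    ("10.0.0.5", GTPC_PORT, build_gtpv1c_header(0x01, seq=7)),   # ordinary Echo Request
    ("10.0.0.9", GTPC_PORT, build_gtpv1c_header(0x06, seq=1)),   # type 6 probe / beacon
    ("10.0.0.9", 53, build_gtpv1c_header(0x06)),                 # same bytes, wrong port: ignored
    ("10.0.0.2", GTPC_PORT, b"\x32\x01"),                        # truncated datagram
]

if __name__ == "__main__":
    for src, verdict in scan_capture(SAMPLE):
        print(src, verdict)
```

The header built by `build_gtpv1c_header(0x06, seq=1)` is the 12 bytes `32 06 00 04 00 00 00 00 00 01 00 00`; a scanner would send that on UDP/2123 and append whatever keyed body the implant expects, which this example deliberately does not model. On the detection side, the same parser can be run over UDP payloads pulled from a pcap to surface type 6 traffic that ordinary GTP-C signalling never produces.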
v3.2.0 – Transforming Security Protocols With Fuzzing, LDAP Enhancements, And Robust Fixes
In the latest iteration of our cutting-edge software, v3.2.0 emerges as a significant leap forward, embodying the relentless pursuit of excellence in cybersecurity. This release introduces an array of new features including advanced fuzzing support, authenticated scanning capabilities, and comprehensive protocol enhancements, marking a milestone in the tool's evolution. Bolstered by critical bug fixes and performance optimizations, v3.2.0 sets...
Awesome Web Security – The Ultimate Guide To Mastering Techniques, Tools, And Resources
Needless to say, most websites suffer from various types of bugs which may eventually lead to vulnerabilities. Why would this happen so often? There can be many factors involved including misconfiguration, shortage of engineers' security skills, etc. To combat this, here is a curated list of Web Security materials and resources for learning cutting edge penetration techniques, and I...
CVE-2024-2432 Palo Alto GlobalProtect EoP : Unveiling The Path To Privilege Escalation
On Windows, GlobalProtect (app versions 6.1.1-5 and 6.2.0-89) was found to be vulnerable to arbitrary file deletion with elevated privileges through a symbolic link attack, leading to local privilege escalation on the local machine. It was observed that when an unprivileged Windows user attempts to connect to the VPN with GlobalProtect, the process "PanGpHip.exe" does the following with SYSTEM privileges: query directory...
Awesome-OpSec : Empowering Digital Safety Through Feminist Cybersecurity And Operational Security
A Feminist Guide to Digital Defense serves as a comprehensive resource for enhancing online safety and privacy through a feminist lens. This guide compiles essential reads, DIY tutorials, and expert advice aimed at bolstering operational security. From the basics of cybersecurity to advanced tactics for securing digital spaces, it empowers readers to navigate the web with confidence and combat...
CVE-2024-25153 : A Detailed Guide To Remote Code Execution In Fortra File Catalyst Workflow
This is a proof of concept for CVE-2024-25153, a remote code execution vulnerability in Fortra FileCatalyst Workflow 5.x before 5.1.6 Build 114. Full technical details can be found. Usage: run the exploit using the following command: CVE-2024-25153.py --host <hostname> --port <port> --url <url> --cmd <command>. Only the --host argument is required; the others are optional. Use the --help argument for full usage instructions. Disclaimer: this proof of concept is for demonstration purposes...