Elevation Station: Mastering Privilege Escalation with Advanced Token Manipulation Techniques

ElevationStation is a privilege escalation tool. It borrows from commonly used escalation techniques that manipulate and duplicate process and thread tokens. Why reinvent the wheel with yet another privilege escalation utility? This was a combined effort between avoiding the AV alerts triggered by Metasploit and furthering my research into token-based privilege escalation methods. In brief: my main goal here was to learn...

Enhancing macOS Security: A Guide to Red Canary Mac Monitor

Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research, malware triage, and system troubleshooting. Harnessing Apple Endpoint Security (ES), it collects and enriches system events, displaying them graphically, with an expansive feature set designed to surface only the events that are relevant to you. The telemetry collected includes process, interprocess, and file events...

Afuzz – An automated web path fuzzing tool

Finding security holes in a bug bounty program is a lot like hunting for hidden treasure. Afuzz is a useful tool in that search: it automates fuzzing of web paths, which suits bug bounty work well. Afuzz was created by RapidDNS and is unique because it can intelligently adapt to...

PassBreaker: A Comprehensive Guide to Advanced Password Cracking Techniques

Cybersecurity keeps changing, but password cracking remains an important skill for security practitioners. PassBreaker is a command-line password cracking tool written in Python with a range of advanced features for recovering passwords. This guide goes over all of PassBreaker's features, such as wordlist-based attacks and...

WinDiff: A Comprehensive Tool for Windows Binary Comparison and Analysis

WinDiff is an open-source web-based tool that allows browsing and comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the operating system. The binary database is automatically updated to include information from the latest Windows updates (including Insider Preview). It was inspired by ntdiff and made possible with the help of Winbindex.

How It Works

WinDiff is made of two...

Aladdin: Advanced .NET Payload Generation and Execution Techniques


T3SF: A Quickstart Guide to Modular Event Orchestration

T3SF is a framework that offers a modular structure for the orchestration of events based on a master scenario events list (MSEL) together with a set of rules defined for each exercise (optional) and a configuration that allows defining the parameters of the corresponding platform. The main module performs the communication with the specific module (Discord, Slack, Telegram, etc.)...

NimExec: Fileless Command Execution via MS-SCMR

NimExec is a fileless remote command execution tool that uses the Service Control Manager Remote Protocol (MS-SCMR). It changes the binary path of a random or given service that runs as LocalSystem so that starting the service executes the given command on the target, and later restores the original path. It does this with hand-crafted RPC packets instead of WinAPI calls, sending those packets over SMB2 and...
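Because the service's binary path is rewritten and then put back, the technique leaves a distinctive pair of registry writes on the target. The following detector is an added example (not code from NimExec or from this page): it assumes Sysmon Event ID 13 (RegistryEvent, Value Set) telemetry and flags writes to a service's ImagePath that point at a shell or LOLBin, plus any service whose ImagePath is rewritten twice in a short window. Note that the writing process is the SCM itself (services.exe), so the value written, not the process ancestry, carries the signal. The sample events are constructed for illustration and do not come from a real host.

```python
"""Detect service-ImagePath tampering of the kind MS-SCMR-based exec tools rely on.

Assumption (not from the page): Sysmon is deployed and logs Event ID 13
(RegistryEvent, Value Set) for HKLM\\SYSTEM\\CurrentControlSet\\Services\\*.
"""
import re
from dataclasses import dataclass
from datetime import datetime, timedelta

# Registry value written by ChangeServiceConfig when the binary path changes.
IMAGEPATH_RE = re.compile(r"\\Services\\([^\\]+)\\ImagePath$", re.IGNORECASE)
# Values a service binary path should normally never contain.
SHELL_RE = re.compile(
    r"(cmd\.exe|powershell|pwsh|%COMSPEC%|rundll32|mshta|wscript|cscript)",
    re.IGNORECASE,
)
# Two ImagePath writes to one service inside this window look like tamper-and-restore.
RESTORE_WINDOW = timedelta(seconds=120)

# Constructed sample events shaped like Sysmon Event ID 13 records (not real telemetry).
SAMPLE_EVENTS = [
    {"UtcTime": "2024-01-01 09:59:50.000", "EventID": 13,
     "Image": "C:\\Windows\\system32\\services.exe",
     "TargetObject": "HKLM\\System\\CurrentControlSet\\Services\\MyAgent\\Start",
     "Details": "DWORD (0x00000002)"},                       # benign: not ImagePath
    {"UtcTime": "2024-01-01 10:00:01.000", "EventID": 13,
     "Image": "C:\\Windows\\system32\\services.exe",
     "TargetObject": "HKLM\\System\\CurrentControlSet\\Services\\SensorService\\ImagePath",
     "Details": "cmd.exe /c whoami > C:\\Windows\\Temp\\out.txt"},  # path replaced by a command
    {"UtcTime": "2024-01-01 10:00:04.000", "EventID": 13,
     "Image": "C:\\Windows\\system32\\services.exe",
     "TargetObject": "HKLM\\System\\CurrentControlSet\\Services\\SensorService\\ImagePath",
     "Details": "C:\\Windows\\System32\\svchost.exe -k LocalSystemNetworkRestricted -p"},  # restore
    {"UtcTime": "2024-01-01 11:00:00.000", "EventID": 13,
     "Image": "C:\\Windows\\system32\\services.exe",
     "TargetObject": "HKLM\\System\\CurrentControlSet\\Services\\NewAgent\\ImagePath",
     "Details": "\"C:\\Program Files\\Vendor\\agent.exe\""},   # benign: one-off install
]


@dataclass(frozen=True)
class Finding:
    time: str
    service: str
    reason: str
    details: str


def parse_time(value: str) -> datetime:
    return datetime.strptime(value, "%Y-%m-%d %H:%M:%S.%f")


def analyze(events):
    """Return findings for suspicious ImagePath writes, in event order."""
    findings = []
    history = {}  # service name -> list of (time, ImagePath value) seen so far
    for ev in events:
        if ev.get("EventID") != 13:
            continue
        match = IMAGEPATH_RE.search(ev["TargetObject"])
        if not match:
            continue  # some other service value (Start, ObjectName, ...) changed
        service = match.group(1)
        when = parse_time(ev["UtcTime"])
        value = ev["Details"]

        # Signal 1: the "binary path" is really a shell or LOLBin invocation.
        if SHELL_RE.search(value):
            findings.append(Finding(ev["UtcTime"], service,
                                    "ImagePath set to a shell/LOLBin command", value))

        # Signal 2: the same service's ImagePath was rewritten to a different
        # value moments ago (change, start service, restore original path).
        prior = history.setdefault(service, [])
        for prior_time, prior_value in prior:
            if prior_value != value and when - prior_time <= RESTORE_WINDOW:
                findings.append(Finding(
                    ev["UtcTime"], service,
                    f"ImagePath rewritten twice within {int(RESTORE_WINDOW.total_seconds())}s "
                    "(tamper-and-restore pattern)", value))
                break
        prior.append((when, value))
    return findings


if __name__ == "__main__":
    for f in analyze(SAMPLE_EVENTS):
        print(f"{f.time}  {f.service}: {f.reason} -> {f.details}")
```

Tuning note: the restore window should be widened for slow targets, and legitimate service installers will trigger the second rule only if they rewrite ImagePath twice in quick succession, which is rare enough to be worth a look.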

NetAtlas C2 Server Search: Detecting Command and Control Servers with Netlas API

C2 Search Netlas is a Java utility designed to detect Command and Control (C2) servers using the Netlas API. It provides a straightforward and user-friendly CLI interface for searching C2 servers, leveraging the Netlas API to gather data and process it locally.

Usage

To utilize this terminal utility, you'll need a Netlas API key. Obtain your key from the Netlas website. After acquiring your...

Porch Pirate: A Comprehensive Reconnaissance and OSINT Framework for Postman

Porch Pirate started as a tool to quickly uncover Postman secrets, and has slowly begun to evolve into a multi-purpose reconnaissance / OSINT framework for Postman. While existing tools are great proofs of concept, they only attempt to identify very specific keywords as "secrets", and in very limited locations, with no consideration for recon beyond secrets. We realized we...