CVE-2023-6000 PoC : Detecting WordPress Plugin Vulnerabilities
It delves into the CVE-2023-6000 vulnerability, showcasing a proof of concept (PoC) for identifying at-risk WordPress plugins. Focused on a specific detection method, it guides readers through the steps to pinpoint and address vulnerabilities before they can be exploited. By leveraging this PoC, users can enhance the security of their WordPress installations, safeguarding them against potential attacks. How Does This...
Awesome Security – A Comprehensive Guide To Tools And Resources For Unlocking Digital Safety
.webp "Awesome Security – A Comprehensive Guide To Tools And Resources For Unlocking Digital Safety")
A collection of awesome software, libraries, documents, books, resources and cool stuff about security. Inspired by awesome-php, awesome-python. Thanks to all contributors, you're awesome and wouldn't be possible without you! The goal is to build a categorized community-driven collection of very well-known resources. Awesome Security Network Scanning / Pentesting Monitoring / Logging IDS / IPS / Host IDS / Host IPS Honey Pot / Honey Net Full Packet Capture / Forensic Sniffer Security...
CloudGrappler – Elevating Cloud Security In AWS And Azure
.webp "CloudGrappler – Elevating Cloud Security In AWS And Azure")
CloudGrappler is a purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known threat actors in popular cloud environments such as AWS and Azure. Notes To optimize your utilization of CloudGrappler, we recommend using shorter time ranges when querying for results. This approach enhances efficiency and accelerates the retrieval of information, ensuring a more seamless experience with...
Awesome AppSec – The Ultimate Resource Collection For Application Security
The Ultimate Resource Collection for Application Security,' your premier curated list for delving into the world of application security. Compiled by Paragon Initiative Enterprises with invaluable contributions from both the application security and developer communities, this guide is your gateway to a wealth of knowledge. From beginners to seasoned professionals, explore essential books, insightful articles, practical tools, and more...
PichichiH0ll0wer : Mastering Nim-Based Process Hollowing For Efficient Payload Management
.webp "PichichiH0ll0wer : Mastering Nim-Based Process Hollowing For Efficient Payload Management")
PichichiH0ll0wer revolutionizes payload management with its Nim-based process hollowing capabilities. This innovative tool offers configurable features, advanced injection methods, and robust protection mechanisms, making it a game-changer for Windows environments. Explore how PichichiH0ll0wer streamlines the deployment of payloads while enhancing security and efficiency. PichichiH0ll0wer About Features Injection methods Installation Usage Credits About --== Process hollowing loader written in Nim for PEs only ==-- I built PichichiH0ll0wer to learn and...
ADeleginator – The Key To Detecting Insecure Delegations In Active Directory
ADeleginator emerges as a groundbreaking tool designed to enhance the security landscape of Active Directory environments. Developed by Spencer Alessi, it meticulously identifies and reports insecure trustee and resource delegations. This guide unveils how ADeleginator can empower IT professionals to fortify their networks against vulnerabilities. A tool to find insecure trustee and resource delegations in Active Directory ____ ___ ____...
GUIDTool – Mastering Analysis And Prediction Of Version 1 UUIDs
A simple tool to analyse version 1 GUIDs/UUIDs from a system. With the information obtained from analysis, it is often possible to forge future v1 GUIDs created by the system, if you know the approximate time they were created. Installation Clone the repository, cd into it and run: pip install . pipx can be used in place of pip. Once installed, you should be able to run guidtool...
OpenARIA : Enhancing Aviation Safety Through Open-Source Innovation
This repository contains an open-source edition of the Aviation Risk Identification and Assessment (ARIA) software program developed by MITRE on behalf of the Federal Aviation Administration's (FAA) Safety and Technical Training (AJI) Service Unit. OpenARIA's Goal Our goal is to build a community focused on improving aviation safety & efficiency by extracting value from aircraft location data. How OpenARIA Can Achieve This Goal Provide a...
WinFiHack : Unlocking Wireless Networks – A DIY Guide To WiFi Brute Forcing On Windows
WinFiHack is a recreational attempt by me to rewrite my previous project Brute-Hacking-Framework's main wifi hacking script that uses netsh and native Windows scripts to create a wifi bruteforcer. This is in no way a fast script nor a superior way of doing the same hack but it needs no external libraries and just Python and python scripts. Installation The packages are minimal...
Kimsuky PowerShell Backdoor : An In-Depth Breakdown Of Its Command And Control Framework
.webp "Kimsuky PowerShell Backdoor : An In-Depth Breakdown Of Its Command And Control Framework")
We delve into the intricate workings of the Kimsuky PowerShell Backdoor, a sophisticated cyber espionage tool attributed to the notorious Kimsuky hacking group. We provide a detailed examination of its command and control (C2) operations, shedding light on the backdoor's capabilities to manipulate, exfiltrate, and manage files and processes on compromised systems. Through an analysis of its operational commands,...
