.webp "Arena-Hard-Auto : Advancing LLM Evaluation With Style Control Integration")
.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
DeadPotato – Harnessing Advanced System Tools For Security And Administration
The latest iteration of the versatile security tool designed for network administrators and cybersecurity professionals. This version adds new capabilities like domain data collection for BloodHound and enhanced compatibility with Windows 10. Learn how to leverage DeadPotato’s suite of modules for system assessment and security exploitation. This version includes the following changes: sharphound: Attempts to collect domain data for BloodHound. (NOTE:...
PromptFoo – Streamlining LLM Application Development And Security Testing
An innovative tool designed to revolutionize the testing, evaluation, and security of LLM applications. This versatile tool supports a test-driven development approach, allowing developers to optimize prompts, models, and APIs efficiently. Whether you're using CLI, integrating into CI/CD, or seeking robust security through automated red teaming, promptfoo offers a comprehensive solution to enhance the reliability and security of your...
AdbNet – Mastering Android Device Exploitation
A sophisticated tool designed for exploiting vulnerabilities in Android devices. This article dives into the features of AdbNet, offering a detailed guide on how to identify and connect to susceptible Android devices globally. Learn how to leverage its post-exploitation modules to gain comprehensive control and execute advanced operations on compromised devices. Features Features: - Post-Exploitation modules to control and tinker...
SeamlessPass – Bridging Kerberos Authentication With Microsoft 365 Access
SeamlessPass is a tool designed to obtain Microsoft 365 access tokens using on-premises Active Directory Kerberos tickets for organizations with Seamless SSO (Desktop SSO) enabled. These tokens can be used for further interaction with Microsoft 365 services via APIs or other tools like ROADTools and AADInternals for more offensive capabilities. More information about the theory and use case scenarios can...
Awesome Forensics – The Forensic Analyst’s Toolkit An In-Depth Exploration
Comprehensive guide to the tools and resources pivotal in the world of forensic analysis. From essential collections to specialized frameworks and live forensics, this curated list covers everything you need to delve deeper into digital investigations. Whether you're a professional in the field or just starting out, explore these free and mostly open-source tools that are indispensable for today's...
CVEScannerV2 – Enhancing Network Security With Nmap Vulnerability Detection Script
An advanced Nmap script designed to detect potential vulnerabilities in network services. This article delves into the technical specifics, requirements, and operational details of the script, providing a comprehensive guide for enhancing your network's security. Learn how to effectively use CVEScannerV2 to identify vulnerabilities across various services and versions. Nmap script that provides information about probable vulnerabilities based on discovered...
File Tunnel – Innovative TCP Connection Tunneling via Files
A powerful tool designed to tunnel TCP connections through a file. Ideal for circumventing firewalls and establishing secure network links, File Tunnel leverages shared file systems to enable seamless communication between hosts. This article delves into practical uses, setup examples, and the underlying technology that makes it all possible. Host A ft.exe -L 5000:127.0.0.1:3389 --write "\servershare1.dat" --read "\servershare2.dat" This command listens for...
Tartufo API – Configuration, Rules, And Scanning Capabilities
Dive into the world of Tartufo, a powerful tool designed for scanning and managing security vulnerabilities through regular expressions. This article offers a comprehensive API reference guide for all public classes and functions within Tartufo, from configuring scans to compiling and applying rules. Learn how to effectively utilize Tartufo to enhance your security protocols and streamline your codebase examination...
Would You Like To Know More In Tartufo – Cleaning Up Git Repositories Of Sensitive Data
If the other documentation left you wondering what to do with the results of your scans, and unsure how to get rid of those pesky leaked secrets, then look no further! End-to-End Example An End-to-End example walkthrough of a tartufo scan and the process of purging the dirty evil passwords that somehow ended up in your code commits. Clone your repo! Select and clone the...
QuickShell – Advanced Vulnerabilities And Tools For Quick Share At DEF CON 32
This project showcases the vulnerability research that we conducted on Quick Share, which we presented at DEF CON 32 (2024). Our work reveals critical vulnerabilities and includes tools we’ve developed, including a Remote Code Execution (RCE) attack chain tool. DEF CON Talk link Technical Blog Post link Repository Contents This repository includes the tools we developed during our research: quick_shell: Implements the entire RCE...
