Cameradar – Your Comprehensive Guide To RTSP Stream Access And Security
In the age of digital surveillance and connectivity, access to RTSP (Real-Time Streaming Protocol) streams plays a pivotal role in both security and exploration. Enter Cameradar, a versatile tool designed to detect open RTSP hosts, identify streaming devices, and even launch automated dictionary attacks to secure access. In this comprehensive guide, we delve into the world of Cameradar, exploring...
Elitewolf – Critical Infrastructure Security Insights
This repository contains various ICS/SCADA/OT focused signatures and analytics. The end goal is to enable Critical Infrastructure Defenders, Intrusion Analysts, and others to implement continuous and vigilant system monitoring. WARNING: These signatures/analytics aren't necessarily malicious activity. They require follow-on analysis to truly determine if this activity is malicious or not. Background: Cyber actors have demonstrated their continued willingness to conduct...
SubCat – A Fast And Efficient Subdomain Enumeration Tool
SubCat is a subdomain discovery tool that discovers valid subdomains for websites by using passive online sources. It has a simple modular architecture and is optimized for speed. SubCat is built for doing one thing only, passive subdomain enumeration, and it does that very well. We have designed SubCat to comply with all passive sources' licenses and usage restrictions, as...
LinikatzV2 – Unveiling UNIX Secrets in Active Directory Environments
LinikatzV2 is a bash script based on the Linikatz tool developed by time-machine. It allows post-exploitation tasks on UNIX computers joined to Active Directory, using various methods for credential mining. This tool needs root privileges to be run on the host system. It allows extraction of: hashes stored in files for offline connection (SHA-512 format); Kerberos tickets (user & machine); clear passwords in RAM; NTLM...
How To Use a Box Plot To Analyze Data
The vast field of data visualization includes many elements and techniques that help represent abstract, complex data in easily digestible, interpretable graphical formats. One such significant element in data visualization is the box plot. In this article, we will delve deep into the realm of box plots and look at their applications and importance in...
CVE-2023-22515 Scanner – Detecting Atlassian Confluence Vulnerability
This is a simple scanner for CVE-2023-22515, a critical vulnerability in Atlassian Confluence Data Center and Server that is actively being exploited in the wild by threat actors in order "to create unauthorized Confluence administrator accounts and access Confluence instances". The vulnerability was initially described as a "privilege escalation" issue, but Atlassian later changed the classification to "broken access control" in...
Msprobe – On-Prem Microsoft Solutions Discovery For Security
Discovering and securing on-premises Microsoft solutions is paramount in today's cybersecurity landscape. In this article, we delve into 'msprobe,' a powerful tool designed to aid in the identification of on-prem Microsoft products. With its versatile modules, 'msprobe' empowers security professionals to pinpoint and assess potential vulnerabilities, ensuring robust protection for organizations. About: Finding all things on-prem Microsoft for password spraying...
Aftermath – Swift-Powered Incident Response And Data Analysis
Aftermath is a Swift-based, open-source incident response framework. Aftermath can be leveraged by defenders in order to collect and subsequently analyze the data from the compromised host. Aftermath can be deployed from an MDM (ideally), but it can also run independently from the infected user's command line. Aftermath first runs a series of modules for collection. The output of this will...
Dangerzone – Safely Convert Risky Documents Into Secure PDFs
Take potentially dangerous PDFs, office documents, or images and convert them to a safe PDF. Dangerzone works like this: You give it a document that you don't know if you can trust (for example, an email attachment). Inside of a sandbox, Dangerzone converts the document to a PDF (if it isn't already one), and then converts the PDF...
Nord Stream – Uncovering Secrets With A CICD Exploitation Toolkit
Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently supports Azure DevOps, GitHub and GitLab. Installation: $ pip3 install -r requirements.txt (git is also required and must exist in your PATH). Usage (Describe token): The --describe-token option can be used to display...