Process Stomping: Advanced Technique for Executing Shellcode in Targeted Executable Sections


Cybersecurity is a field that is always changing, and new techniques are always being made to improve both offensive and defensive tactics. Process Stomping is an improved version of Process Overwriting that was first used by Aleksandra Doniec (hasherezade) and is now being studied by others in the field. This method is better than others because it precisely and...

CLZero: Fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors


CLZero is a strong program that helps security experts and penetration testers find and use attack vectors for HTTP/1.1 CL.0 Request Smuggling. Request smuggling is a major security hole in web applications that can let hackers in and cause data to leak, among other bad things. CLZero was based on the tool Smuggler and uses attack gadgets that were...

KnowsMore: Active Directory and Password Analysis Tool


KnowsMore is a powerful program made for people who work in network security and Active Directory control. There are many tools it comes with that let you look at and control Active Directory settings, BloodHound data, NTDS hashes, and crack passwords. Users can import and connect important data, check the strength of passwords, look for users and hashes, and...

Top 3 Cybersecurity Trends for SME Business Leaders in 2024


As Cynet’s COO, my team and I get to work closely with risk management executives at small-to-medium enterprises (SMEs) around the world. In this article, I'll condense our collaboration's insights into three key trends for 2024, backed up by data and research from all areas of cybersecurity practice. These emerging patterns pertain to organizations of all shapes and sizes...

B(l)utter: A Tool for Reverse Engineering Flutter Mobile Applications


Flutter Mobile Application Reverse Engineering Tool by Compiling Dart AOT Runtime. Currently the application supports only Android libapp.so (arm64 only). Also, the application currently works only against recent Dart versions. For high-priority missing features, see TODO. Environment Setup: This application uses the C++20 formatting library. It requires a very recent C++ compiler such as g++>=13 or Clang>=15. I recommend using a Linux OS (only tested on Debian...

BestEDROfTheMarket: A User-Mode EDR Evasion Lab for Learning and Testing


Little AV/EDR Evasion Lab for training & learning purposes. (under construction..) ...

GitAlerts: Enhancing GitHub Security and Monitoring for Organization Repositories


GitHub has become an important tool for version control and project management in the ever-changing world of software development and teamwork. GitHub is used by organizations and developers all over the world to store their repositories, work together on code, and keep track of their software projects. But, as the saying goes, "With great power comes great responsibility." It's easy...

CVE-2023-6553 Exploit V2


The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file. An attacker can control the values passed to an include statement, leveraging that to achieve remote code execution. This vulnerability allows unauthenticated attackers to execute code on the server easily. Installation: Ensure you have Python 3.x installed on your system. Install...

ICSpector: Microsoft’s Open-Source ICS Forensics Framework


Microsoft ICS Forensics Tools framework is an open-source forensics framework that enables the analysis of Industrial PLC metadata and project files. The framework provides investigators with a convenient way to scan for PLCs and identify any suspicious artifacts within ICS environments, which can be used for manual checking, automated monitoring tasks, or incident response operations to detect compromised devices. By being...

Atlassian Companion RCE Vulnerability Proof of Concept (CVE-2023-22524)


Atlassian Companion for macOS has a serious remote code execution vulnerability that was just found. It is called CVE-2023-22524. This flaw is a major security risk because it lets attackers get around both the app's blocklist and macOS Gatekeeper, which could allow harmful code to run. This piece will go into the technical details of this vulnerability, look at...