GuardDuty Runbook Automator – Streamlined Security Responses

Create a runbook for all available GuardDuty finding types found on the GuardDuty docs website using the information documented for each finding. This project is a kick-start to generate a base set of runbooks when GuardDuty is enabled in an organization. Runbooks will need to be customized to fit organizational incident response procedures and add contextual information. Generating Runbooks: This tool can be installed...

ProtINTelligence: Python-based ProtonMail OSINT Analyzer

In the vast landscape of cyber tools, "PROTINTELLIGENCE" stands out as a specialized Python script designed for the OSINT and Cyber Community. This powerful tool, tailored for domain analysis, aims to unveil the intricate relationship between custom domains and ProtonMail, a widely acknowledged encrypted email service. From detecting ProtonMail usage to diving deep into PGP key intricacies, PROTINTELLIGENCE serves...

DEEPCE – Docker’s Ultimate Security Toolkit

Tailored for professionals who seek to elevate their Docker container security game, this powerful suite offers advanced enumeration, privilege escalation, and container escape functionalities. Designed with utmost compatibility in mind, DEEPCE operates in pure sh, ensuring it seamlessly integrates into any container environment. ...

MQTT Security: Securing IoT Communications

MQTT stands for Message Queuing Telemetry Transport. It is a machine-to-machine (M2M) connectivity protocol designed specifically for the Internet of Things (IoT). It enables the efficient and reliable transmission of data between devices, even in environments with limited network capabilities. MQTT uses a publisher-subscriber model, which is different from the traditional client-server model. In this model, devices (publishers) send...

DorXNG – Advanced OSINT via Meta-Search & Tor

DorXNG is a modern solution for harvesting OSINT data using advanced search engine operators through multiple upstream search providers. On the backend, it leverages a purpose-built containerized image of SearXNG, a self-hosted, hackable, privacy-focused meta-search engine. Our SearXNG implementation routes all search queries over the Tor network while refreshing circuits every ten seconds with Tor's MaxCircuitDirtiness configuration directive. Researchers have also disabled all of SearXNG's client-side timeout...

ICMPWatch – Advanced Sniffing & Analysis of ICMP Packets

ICMP Packet Sniffer is a Python program that allows you to capture and analyze ICMP (Internet Control Message Protocol) packets on a network interface. It provides detailed information about the captured packets, including source and destination IP addresses, MAC addresses, ICMP type, payload data, and more. The program can also store the captured packets in a SQLite database and save them...

PowerToys Run’s Quick Lookup Plugin

This plugin for PowerToys Run allows you to quickly search for an IP address, domain name, hash, or any other data point in a list of Cyber Security tools. It's perfect for security analysts, penetration testers, or anyone else who needs to quickly look up information when investigating artifacts or alerts. Installation: To install the plugin, navigate to your PowerToys Run Plugin folder. For a...

Moniorg – Passive Monitoring via Certificate Transparency

Description: Moniorg is a cutting-edge tool that uses Certificate Transparency logs to let you keep an eye on things without being noticed. With this tool, security experts can keep track of new names that are linked to an organization's SSL certificates. This gives them a unique look into the organization's infrastructure. By using the power of CT logs, Moniorg can...

HTTP-Shell: Multiplatform Reverse Connection Tool

HTTP-Shell is a multiplatform reverse shell. This tool helps you obtain a shell-like interface on a reverse connection over HTTP. Unlike other reverse shells, the main goal of the tool is to be used in conjunction with Microsoft Dev Tunnels in order to get a connection as close as possible to a legitimate one. This shell is not fully interactive...

WhatsApp’s Task Hijacking Bug Explained

While reviewing the WhatsApp Android application, researchers identified a misconfiguration in AndroidManifest.xml related to task control features. This misconfiguration leads to a critical vulnerability called task hijacking and enables the attack flow against the latest WhatsApp on Android-based phones. In successful exploitation of the vulnerability, the malicious app can take over the "back stack" of the WhatsApp app, and whenever...