EDRSandblast-GodFault: Advanced EDR Bypass Tool

EDRSandblast-GodFault is an advanced EDR bypass tool aimed at security researchers and organizations. Its purpose is to evaluate the effectiveness of current EDR systems by simulating real-world attack techniques. Use this tool responsibly and only on systems where you have explicit authorization. It integrates GodFault into EDRSandblast, achieving the same result without the use of any vulnerable drivers. Example output: C:\Users\user\Desktop\Offsets>EDRSandblast.exe --kernelmode cmd D3FC0N 30...

Prebuilt Multi-Arch Binaries for Enhanced Device Management

Prebuilt binaries for multiple architectures (arm, armeb, aarch64, aarch64_be, mips, mips1, mipsel, mipsel1, mips64, mips64el, powerpc, powerpc64, powerpc64le, riscv64, i586, x86_64). All binaries are statically linked and stripped. Please go to the Release page for downloads. *archName*_tools.zip contains the tools' binaries (see Tools Section) for that specific arch, and allinone.zip contains all of them. Or download a single file directly from the bin branch. The source code and scripts can be found in the...

Empowering Frontline Workers: Streamline Device Management For An Enhanced Employee Experience

In today's fast-paced world, frontline workers play a vital role in delivering services and products directly to customers. From healthcare providers and retail associates to logistics personnel and customer service representatives, these frontline workers rely on mobile devices to streamline their tasks. To elevate and unleash their full potential, organizations are turning to the power of frontline device management solutions....

TelegramRAT – A Tool To Bypass Restricted Communications

A cross-platform Remote Access Tool that operates through Telegram, leveraging the secure messaging app for covert communication. Designed to navigate around network restrictions, TelegramRAT empowers users to remotely control computers, execute commands, retrieve system information, capture screenshots, and more, all while harnessing Telegram's encrypted platform. In this overview, we delve into TelegramRAT's functionality, installation process, and potential implications, shedding...

Autopsy 4.21.0 Release With Faster Search And Malware Scanning

The 4.21 version of Autopsy is out, and this blog post will cover three of the most notable new features. You can see the full list of changes here. We’re going to cover: Inline Keyword Search, Cyber Triage Malware Scanner Module, and Logical File Timestamps. To download the latest version, go here. You can also attend a Webinar on September 12. Register here. Search For Keywords Without Building An...

ShadowSpray : Tool To Spray Shadow Credentials

ShadowSpray is a tool to spray Shadow Credentials across an entire domain in hopes of abusing long-forgotten GenericWrite/GenericAll DACLs over other objects in the domain. Why this tool: In a lot of engagements I see (in BloodHound) that the group "Everyone" / "Authenticated Users" / "Domain Users" or some other wide group, which contains almost all the users in the...

Lfi-Space : Lfi Scan Tool

How to use: https://www.youtube.com/watch?v=rpcGqwZU2As
Read Me: LFI Space is a robust and efficient tool designed to detect Local File Inclusion (LFI) vulnerabilities in web applications. This tool simplifies the process of identifying potential security flaws by leveraging two distinct scanning methods: Google Dork Search and Targeted URL Scan. With its comprehensive approach, LFI Space assists security professionals, penetration testers,...

NucleiFuzzer – An Automation Tool

NucleiFuzzer is an automation tool that combines and enhances web application security testing. It uses ParamSpider to identify potential entry points and Nuclei's templates to scan for vulnerabilities. NucleiFuzzer streamlines the process, making it easier for security professionals and web developers to detect and address security risks efficiently. Download NucleiFuzzer to protect your web applications from vulnerabilities and attacks.
Note: Nuclei + Paramspider = NucleiFuzzer
Tools Included:
ParamSpider: git clone https://github.com/0xKayala/ParamSpider.git
Nuclei: git clone https://github.com/projectdiscovery/nuclei.git
Templates:
Fuzzing Templates: git clone https://github.com/projectdiscovery/fuzzing-templates.git
Output
Usage: nucleifuzzer -h
This...

BadZure – A PowerShell To Set Up Azure Active Directory Tenants

BadZure is a PowerShell script that uses the Microsoft Graph SDK to set up Azure Active Directory tenants. It fills them with different entities and makes common security mistakes to make tenants that are easy to attack and have multiple entry points. BadZure automates the process of creating users, groups, application registrations, service principals, and administrative units, among other things. ...

CVE-2023-38035 – Arbitrary Command Execution As The Root User On Ivanti Sentry

Ivanti has just put out a warning about CVE-2023-38035. The vulnerability has been added to CISA KEV and is called an authentication bypass in the Ivanti Sentry user interface. This new flaw comes after a flaw in Ivanti EPMM (CVE-2023-35078) that was already being used in the wild. In this post, we'll look closely at how this new flaw...