Sshimpanzee – Unleashing Advanced Reverse SSH Tunnels For Security Professionals

Sshimpanzee allows you to build a static reverse SSH server. Instead of listening on a port and waiting for connections, the SSH server will initiate a reverse connection to the attacker’s IP, just like a regular reverse shell. Sshimpanzee allows you to take advantage of every feature of a regular SSH connection, like port forwards, dynamic SOCKS proxies, or an FTP server. More importantly, if …

CVE-2023-22515 Scanner – Detecting Atlassian Confluence Vulnerability

This is a simple scanner for CVE-2023-22515, a critical vulnerability in Atlassian Confluence Data Center and Server that is actively being exploited in the wild by threat actors in order “to create unauthorized Confluence administrator accounts and access Confluence instances”. The vulnerability was initially described as a “privilege escalation” issue, but Atlassian later changed the classification to …

The Elastic Container Project – Streamlining Security Research With A Quick Setup Guide

Stand up a 100% containerized Elastic stack, TLS secured, with Elasticsearch, Kibana, Fleet, and the Detection Engine all pre-configured, enabled and ready to use, within minutes. If you’re interested in more details regarding this project and what to do once you have it running, check out our blog post on the Elastic Security Labs site. This is …

Cartographer – Advanced Code Coverage Mapping in Ghidra

There’s no doubt that reverse engineering can be a very complex and confusing matter, even for those that love doing it. Jumping into a program and being greeted with tons of assembly and weirdly-named functions and variables is hardly what most would call a fun time. Not to mention that identifying specific functionality in …

PowerToys Run’s Quick Lookup Plugin

This plugin for PowerToys Run allows you to quickly search for an IP address, domain name, hash, or any other data point in a list of Cyber Security tools. It’s perfect for security analysts, penetration testers, or anyone else who needs to quickly look up information when investigating artifacts or alerts. …

Avred – Antivirus Red Teaming Unleashed

Antivirus REDucer for Antivirus REDteaming. Avred tries to provide as much context and information about each match as possible when identifying which portions of a file an antivirus has identified. Avred is a new tool that breaks down how antivirus programs work and shows exactly which parts of a file cause antivirus alerts. This tool …

OWASP WrongSecrets: Multi-Tenant CTF Party Setup

Welcome to OWASP WrongSecrets CTF Party, where Capture The Flag tasks meet scalability without any problems. Our platform is made for dynamic, multi-tenant CTF games. It was made possible by the pioneering work of the OWASP MultiJuicer. Whether you’re a contestant who wants to take on the tasks or an organizer who wants a simple …

Supernova : The Ultimate Shellcode Encryption & Conversion Toolkit

Meet Supernova, the new and improved shellcode encryption tool made for today’s ethical hackers. Supernova is written in Golang and works with both Windows and Linux. It has a wide range of encryption ciphers, such as ROT, XOR, RC4, and AES. What makes it different? It’s not just an encryptor; it also changes your encrypted …

Empowering Frontline Workers: Streamline Device Management For An Enhanced Employee Experience

In today’s fast-paced world, frontline workers play a vital role in delivering services and products directly to customers. From healthcare providers and retail associates to logistics personnel and customer service representatives, these frontline workers rely on mobile devices to streamline their tasks. To elevate and unleash their full potential, organizations are turning to the power …

WELA (Windows Event Log Analyzer)

Windows Event Log Analyzer wants to be the Swiss Army knife of Windows event logs. At the moment, WELA’s best feature is that it can make an easy-to-understand timeline of logons to help with fast forensics and incident response. WELA’s logon timeline generator will combine only the useful information from multiple logon log entries (4624, …