Active Directory Canaries is a detection primitive for Active Directory enumeration (or recon) techniques. It abuses the concept of DACL…
In the world of cybersecurity, where things change quickly, it's important to do thorough and fast penetration testing. Here comes…
This is a tool used to discover endpoints (and potential parameters) for a given target. It can find them by:…
Osquery queries for Detection & Incident Response, containing 250+ production-ready queries. ODK (osquery-defense-kit) is unique in that the queries are…
Privilege escalation from NT Service to SYSTEM using SeImpersonateToken privilege and MS-RPRN functions. Heavily based Reflective Loader from Install Clone…
PoC for CVE-2023-49103. Overview: This Python script is designed to efficiently process a large list of URLs to check…
All the deals for InfoSec related software/tools this Black Friday / Cyber Monday. Researcher was a little late getting started…
AWS Kill Switch is a Lambda function (and proof of concept client) that an organization can implement in a dedicated…
This piece talks about eBPF tools and shows how they can be used to improve system monitoring by keeping track…
dynmx (spoken dynamics) is a signature-based detection approach for behavioural malware features based on Windows API call sequences. In a simplified way,…