Kdrill – Unveiling Rootkit Intrusions In Windows 64-Bit Systems

Kdrill is a tool to analyze the kernel land of 64-bit Windows systems (tested from Windows 7 to Windows 11). Its main objective is to assess whether the kernel has been compromised by a rootkit. The code is compatible with Python 2 and 3, has no dependencies, and can perform its checks without Microsoft symbols or Internet connectivity. For live memory/kernel …

LogHunter – A Revolutionary Tool For Session Detection via Event Logs

Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN). I was once doing a very complex project where there were over 1000 hosts in the infrastructure. I needed to detect the user session. Running Invoke-UserHunter would have been a huge mistake. That’s when I came up with the idea that …

APKscan – Mastering Android Security Analysis

APKs (Android Package Kits) often leak secrets due to over-reliance on security through obscurity. Developers sometimes leave sensitive information such as API keys, tokens, and credentials hidden within the code, assuming that they won’t be found easily since the code has been compiled and obfuscated. However, this approach is fundamentally flawed, and such secrets can be exposed, leading to potential security vulnerabilities. Identify …
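The check such a scanner performs, as an added example (not APKscan's own code): an APK is a zip archive, so the script opens it with the standard library, walks the members that can carry string constants (resources, assets, and the compiled classes.dex, where string literals survive obfuscation), and runs a handful of secret-format regexes over them. The sample APK is constructed in memory so it runs offline, and every key in it is a made-up placeholder, not a real credential.

```python
"""Scan an APK (a zip archive) for hard-coded secrets.

Added example, not APKscan's code. The APK below is constructed in memory so
the script runs offline; the key values are fake placeholders.
"""
import io
import re
import zipfile

# Secret formats worth flagging. The AKIA/AIza prefixes are the public format
# conventions; the generic rule catches long values assigned to names such as
# api_key, secret, token or password in XML/JSON/properties files.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(rb"AKIA[0-9A-Z]{16}"),
    "google_api_key": re.compile(rb"AIza[0-9A-Za-z_\-]{35}"),
    "generic_assignment": re.compile(
        rb"(?i)(api[_-]?key|secret|token|password)['\"]?\s*[=:]\s*['\"]([^'\"]{16,})['\"]"
    ),
}

# Members scanned. .dex and .so are scanned as raw bytes: string constants
# survive compilation even when identifiers are obfuscated.
SCANNED_SUFFIXES = (".xml", ".json", ".properties", ".txt", ".js", ".html", ".dex", ".so")


def scan_apk_bytes(apk: bytes) -> list:
    """Return (member, rule, value) tuples for every secret-looking string found."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(apk)) as zf:
        for info in zf.infolist():
            if info.is_dir() or not info.filename.lower().endswith(SCANNED_SUFFIXES):
                continue
            data = zf.read(info.filename)
            for rule, pattern in SECRET_PATTERNS.items():
                for m in pattern.finditer(data):
                    # For the generic rule report the assigned value, not the key name.
                    value = m.group(m.lastindex) if m.lastindex else m.group(0)
                    findings.append((info.filename, rule, value.decode("ascii", "replace")))
    return findings


def build_sample_apk() -> bytes:
    """Construct a minimal APK-like zip with planted fake secrets (test data only)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("AndroidManifest.xml", "<manifest package='com.example.app'/>")
        zf.writestr(
            "res/values/strings.xml",
            '<resources><string name="maps_key">AIzaSyA1234567890abcdefghijklmnopqrstuv</string></resources>',
        )
        # Fake dex header followed by a planted string constant.
        zf.writestr("classes.dex", b"dex\n035\x00" + b"\x00" * 16 + b"AKIAABCDEFGHIJKLMNOP" + b"\x00" * 8)
        zf.writestr("assets/config.json", '{"api_key": "sk_live_0123456789abcdef0123"}')
        zf.writestr("res/drawable/icon.png", b"\x89PNG binary, not scanned")
    return buf.getvalue()


if __name__ == "__main__":
    for member, rule, value in scan_apk_bytes(build_sample_apk()):
        print(f"{member}: {rule} -> {value}")
```

Point the scanner at a real file with `scan_apk_bytes(open("app.apk", "rb").read())`; expect false positives from the generic rule and treat each hit as a candidate to confirm, not a verdict.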

Akto.io – Comprehensive Security Testing And Inventory Management

Akto is an instant, open-source API security platform that takes only 60 seconds to get started. Security teams use Akto to maintain a continuous inventory of APIs, test APIs for vulnerabilities and find runtime issues. Akto offers coverage for all OWASP Top 10 and HackerOne Top 10 categories including BOLA, authentication, SSRF, …

CCC : Cyberspace Under Siege – Understanding Crime, Espionage, And Conflict

This is a short graduate course providing an introduction to the areas of crime, espionage and conflicts in cyberspace. The material is used for the “Cybercrime, Cyberespionage, and Cyberwar” course currently taught in the Master in Cybersecurity at UC3M. The course provides a gentle, not very technical introduction to several contemporary security and privacy topics, including The main goal of …

Freeway – A Comprehensive Guide To WiFi Penetration Testing With Python

“Freeway” is a Python-based tool designed to enhance WiFi penetration testing and network security. Utilizing the capabilities of Scapy, it equips ethical hackers and security professionals with the necessary tools to audit and secure networks. Explore its robust features like packet monitoring, deauthentication attacks, and more to sharpen your cybersecurity skills. 1. Overview Freeway is a …

ADSpider : Advanced Real-Time Monitoring Of Active Directory Changes

Tool for monitoring Active Directory changes in real time without fetching all objects. Instead, it uses replication metadata and the Update Sequence Number (USN) to filter the current properties of changed objects. Parameters: DC (domain controller FQDN); Formatlist (output as a list instead of a table); ExcludelastLogonTimestamp (exclude lastLogonTimestamp events from the output); DumpAllObjects (dump all of Active Directory before starting). In case …
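The USN watermark technique behind this approach, as an added example (not ADSpider's code, which is a PowerShell tool talking to a real domain controller): read the DC's highestCommittedUSN once, then on every poll request only objects whose uSNChanged is above the last watermark, diff them against a local cache, and advance the watermark. The `FakeDirectory` class stands in for the DC so the logic runs offline; `dump_all` mirrors the DumpAllObjects parameter and the `exclude` list mirrors ExcludelastLogonTimestamp. The object names and USN values are constructed.

```python
"""Incremental AD change detection with a USN watermark.

Added example, not ADSpider's code. FakeDirectory replaces the LDAP calls
(RootDSE highestCommittedUSN and the filter (uSNChanged>=N)) with an
in-memory stand-in; the polling logic is what the tool's approach relies on.
"""
from dataclasses import dataclass, field


@dataclass
class FakeDirectory:
    """Stand-in for a DC: objects keyed by DN, each stamped with uSNChanged."""
    highest_committed_usn: int = 1000
    objects: dict = field(default_factory=dict)

    def modify(self, dn: str, **attrs):
        """Apply a change and stamp the object with the next USN, as a DC would."""
        self.highest_committed_usn += 1
        obj = self.objects.setdefault(dn, {})
        obj.update(attrs)
        obj["uSNChanged"] = self.highest_committed_usn

    def search(self, min_usn: int) -> list:
        """Equivalent of the LDAP filter (uSNChanged>=min_usn)."""
        return [(dn, dict(a)) for dn, a in self.objects.items() if a["uSNChanged"] >= min_usn]


class ChangeMonitor:
    def __init__(self, directory, exclude=("lastLogonTimestamp",), dump_all=False):
        self.dir = directory
        self.exclude = set(exclude)
        # dump_all: cache the whole directory once so the first change of an
        # existing object reports its previous value instead of None.
        self.cache = {dn: dict(a) for dn, a in directory.objects.items()} if dump_all else {}
        # Start at the DC's current watermark: only later changes are reported.
        self.watermark = directory.highest_committed_usn

    def poll(self) -> list:
        """Return (dn, attribute, old, new) for each attribute changed since the last poll."""
        events = []
        for dn, attrs in self.dir.search(self.watermark + 1):
            old = self.cache.get(dn, {})
            for name in sorted(set(old) | set(attrs)):
                if name == "uSNChanged" or name in self.exclude:
                    continue
                if old.get(name) != attrs.get(name):
                    events.append((dn, name, old.get(name), attrs.get(name)))
            self.cache[dn] = attrs
        self.watermark = self.dir.highest_committed_usn
        return events


def run_demo():
    """Constructed scenario: a user is added to Domain Admins between two polls."""
    dc = FakeDirectory()
    alice = "CN=alice,OU=Users,DC=corp,DC=local"
    staff = "CN=Staff,OU=Groups,DC=corp,DC=local"
    admins = "CN=Domain Admins,CN=Users,DC=corp,DC=local"
    dc.modify(alice, memberOf=[staff], lastLogonTimestamp=133000000)
    mon = ChangeMonitor(dc, dump_all=True)
    first = mon.poll()                      # nothing changed since the watermark
    dc.modify(alice, memberOf=[staff, admins], lastLogonTimestamp=133000500)
    second = mon.poll()                     # memberOf change only; logon stamp excluded
    return first, second


if __name__ == "__main__":
    for event in run_demo()[1]:
        print(event)
```

Against a real DC the same loop queries RootDSE for highestCommittedUSN and searches with `(uSNChanged>=N)`; a domain has one USN sequence per DC, so the watermark must be kept per DC rather than shared across them.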

VMware vCenter : CVE-2024-37081 Proof Of Concept

This repository contains a proof of concept (PoC) for CVE-2024-37081 in VMware vCenter. The vulnerability stems from a misconfiguration in the /etc/sudoers file that preserves dangerous environment variables when commands are run through sudo. An attacker can abuse this to execute arbitrary commands with root privileges. Vulnerability Requirements Instructions 2. Run …
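The audit a practitioner would run on a host for this class of misconfiguration, as an added example (not the PoC repository's code, and not a reproduction of the vCenter sudoers file itself): parse the `Defaults env_keep` entries of a sudoers file and flag variables that change what an interpreter or the dynamic loader executes. The two sudoers texts are constructed; the list of dangerous variables is a general assumption for illustration, not a statement of which variables the advisory names.

```python
"""Audit sudoers text for environment variables preserved across sudo.

Added example, not the PoC's code. The sudoers samples are constructed and
DANGEROUS_ENV is an assumed, general list of loader/interpreter variables.
"""
import re

# Variables that change which code an interpreter or the dynamic loader runs.
# Keeping any of these through sudo lets the caller steer a root process.
DANGEROUS_ENV = {
    "LD_PRELOAD", "LD_LIBRARY_PATH", "PYTHONPATH", "PYTHONHOME",
    "PERL5LIB", "PERLLIB", "RUBYLIB", "NODE_PATH", "PATH",
}

ENV_KEEP_RE = re.compile(r'^Defaults\S*\s+env_keep\s*([+-]?=)\s*"?([^"]*)"?')


def audit_sudoers(text: str) -> dict:
    """Return env_reset state, the kept variables, and the dangerous subset."""
    env_reset = True          # sudo's compiled-in default
    kept = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()     # drop comments
        if not line.startswith("Defaults"):
            continue
        if "!env_reset" in line:
            env_reset = False
        m = ENV_KEEP_RE.match(line)
        if not m:
            continue
        op, names = m.group(1), m.group(2).split()
        if op == "=":
            kept = list(names)
        elif op == "+=":
            kept = kept + [n for n in names if n not in kept]
        else:                                   # "-="
            kept = [k for k in kept if k not in names]
    return {
        "env_reset": env_reset,
        "kept": kept,
        "dangerous": [k for k in kept if k in DANGEROUS_ENV],
    }


def is_safe(text: str) -> bool:
    """Safe only if the environment is reset and nothing dangerous survives it."""
    result = audit_sudoers(text)
    return result["env_reset"] and not result["dangerous"]


# Constructed weak configuration: the rule lets a low-privilege user run a
# Python maintenance script as root while PYTHONPATH/PYTHONHOME are kept, so
# the interpreter's module search path is under the caller's control.
WEAK_SUDOERS = """\
Defaults    env_reset
Defaults    secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
Defaults    env_keep += "LANG LC_ALL"
Defaults    env_keep += "PYTHONPATH PYTHONHOME"   # the dangerous entry
appuser ALL=(root) NOPASSWD: /usr/bin/python3 /opt/app/maint.py
"""

# Same rule with the interpreter variables no longer preserved.
HARDENED_SUDOERS = """\
Defaults    env_reset
Defaults    secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
Defaults    env_keep += "LANG LC_ALL"
appuser ALL=(root) NOPASSWD: /usr/bin/python3 -I /opt/app/maint.py
"""

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_SUDOERS), ("hardened", HARDENED_SUDOERS)):
        print(label, audit_sudoers(cfg), "safe" if is_safe(cfg) else "UNSAFE")
```

Run it over `/etc/sudoers` and the files under `/etc/sudoers.d/` together, since `env_keep +=` entries accumulate across them; `sudo -l` on the host shows the effective result for the current user.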

DetectItEasy With Python – A Comprehensive Guide

DetectItEasy-Python is a powerful tool designed to streamline file scanning and analysis using Python bindings. This article guides you through the straightforward installation process via pip or Git and provides essential details for utilizing the tool effectively across different operating systems. Whether you’re a seasoned developer or new to cybersecurity, this guide makes it easy …

Volatility Binaries – A Comprehensive Guide To Compiling And Using Volatility Tools

Explore the essentials of Volatility binaries with our detailed guide. This article provides easy access to compiled binaries of Volatility, complete with SHA1 hashes and compilation dates. Whether you’re a seasoned analyst or a newcomer, learn how to compile these tools on your own to enhance your forensic capabilities. For any issues, Binary SHA1 hash …