OSINT-Collector : Harnessing Advanced Frameworks For Domain-Specific Intelligence Gathering

OSINT-Collector is an advanced framework that facilitates the collection, analysis, and management of OSINT information useful for conducting investigations in specific domains of interest. Table Of Contents Design And Architecture In this framework has been used an Ontology approach: Using the graphical interface, the user can select an OSINT tool, input required parameters, and initiate execution to perform a specific search. This execution request …

GoAccess : A Comprehensive Guide To Real-Time Web Log Analysis And Visualization

GoAccess is an open source real-time web log analyzer and interactive viewer that runs in a terminal on *nix systems or through your browser. It provides fast and valuable HTTP statistics for system administrators that require a visual server report on the fly.  Features GoAccess parses the specified web log file and outputs the data to the X terminal. Features include: Nearly …

Wstunnel – Revolutionizing Network Access Through Advanced Tunneling Techniques

Most of the time when you are using a public network, you are behind some kind of firewall or proxy. One of their purpose is to constrain you to only use certain kind of protocols and consult only a subset of the web. Nowadays, the most widespread protocol is http and is de facto allowed …

GCPwn – A Comprehensive Tool For GCP Security Testing

gcpwn was a tool built by myself while trying to learn GCP and leverages the newer GRPC client libraries created by google. It consists of numerous enumeration modules I wrote plus exploit modules leveraging research done by others in the space (ex. Rhino Security) along with some existing known standalone tools like GCPBucketBrute in an effort to make the …

Quick Start – Comprehensive Guide To Installing And Configuring Malcolm On Linux Platforms

The files required to build and run Malcolm are available on its [GitHub page]({{ site.github.repository_url }}/tree/{{ site.github.build_revision }}). Malcolm’s source-code is released under the terms of the Apache License, Version 2.0 (see [LICENSE.txt]({{ site.github.repository_url }}/blob/{{ site.github.build_revision }}/LICENSE.txt) and [NOTICE.txt]({{ site.github.repository_url }}/blob/{{ site.github.build_revision }}/NOTICE.txt) for the terms of its release). Building Malcolm From Scratch The build.sh script can …

Installation – Comprehensive Guide To Using Androguard

The versatile capabilities of Androguard, a powerful tool for reverse engineering Android applications. This guide provides a step-by-step overview on how to install Androguard using different methods, including direct downloads from PyPI and builds from the latest commits on GitHub. Once installed, explore its comprehensive command-line interface that offers a range of functionalities from APK …

Netis Cloud Probe – Bridging Network Monitoring Gaps ith Advanced Packet Capture Tools

Netis Cloud Probe (Packet Agent, name used before)is an open source project to deal with such situation: it captures packets on Machine A but has to use them on Machine B. This case is very common when you try to monitor network traffic in the LAN but the infrastructure is incapable, for example Also, this project aims at developing a …

RdpStrike – Harnessing PIC And Hardware Breakpoints For Credential Extraction

The RdpStrike is basically a mini project I built to dive deep into Positional Independent Code (PIC) referring to a blog post written by C5pider, chained with RdpThief tool created by 0x09AL. The project aims to extract clear text passwords from mstsc.exe, and the shellcode uses Hardware Breakpoint to hook APIs. It is a complete positional independent code, and when the shellcode injects into the mstsc.exe process, …

CVE-2024-29849 : The Veeam Backup Enterprise Manager Authentication Bypass

According to Veeam official advisory, all the versions BEFORE Veeam Backup Enterprise Manager 12.1.2.172 are vulnerable Usage First, you need to have the right setup for a local HTTPS setup, use the following commands

CVE-2024-26229 : Address Validation Flaws In IOCTL With METHOD_NEITHER

delve into CVE-2024-26229, a critical security vulnerability identified within the csc.sys driver, pivotal in handling I/O control codes. This issue is catalogued under CWE-781, indicating a severe oversight in address validation mechanisms when utilizing METHOD_NEITHER I/O Control Codes. Such vulnerabilities pose significant risks as they could allow attackers to execute arbitrary code within the kernel, …