Osquery queries for Detection & Incident Response, containing 250+ production-ready queries. ODK (osquery-defense-kit) is unique in that the queries are…
Privilege escalation from NT Service to SYSTEM using SeImpersonateToken privilege and MS-RPRN functions. Heavily based Reflective Loader from Install Clone…
PoC for the CVE-2023-49103 Overview This Python script is designed to efficiently process a large list of URLs to check…
All the deals for InfoSec related software/tools this Black Friday / Cyber Monday. Researcher was a little late getting started…
AWS Kill Switch is a Lambda function (and proof of concept client) that an organization can implement in a dedicated…
This piece talks about eBPF tools and shows how they can be used to improve system monitoring by keeping track…
dynmx (spoken dynamics) is a signature-based detection approach for behavioural malware features based on Windows API call sequences. In a simplified way,…
An innovative, open source data visualization app. Brings data to life through captivating graphs. JSON Crack (jsoncrack.com) JSON Crack is…
Karton-Pcap-Miner is a strong program that quickly pulls network indicators from analysis PCAP files." It works with MWDB without any…
Crawlector (the name Crawlector is a combination of Crawler & Detector) is a threat-hunting framework designed for scanning websites for malicious objects. Note-1:…