CCC : Cyberspace Under Siege – Understanding Crime, Espionage, And Conflict

This is a short graduate course providing an introduction to the areas of crime, espionage and conflicts in cyberspace. The material is used for the “Cybercrime, Cyberespionage, and Cyberwar” course currently taught in the Master in Cybersecurity at UC3M. The course provides a gentle, not very technical introduction to several contemporary security and privacy topics, including The main goal of …

Freeway – A Comprehensive Guide To WiFi Penetration Testing With Python

“Freeway” is a Python-based tool designed to enhance WiFi penetration testing and network security. Utilizing the capabilities of Scapy, it equips ethical hackers and security professionals with the necessary tools to audit and secure networks. Explore its robust features like packet monitoring, deauthentication attacks, and more to sharpen your cybersecurity skills. 1. Overview Freeway is a …

ADSpider : Advanced Real-Time Monitoring Of Active Directory Changes

A tool for monitoring Active Directory changes in real time without retrieving all objects. Instead, it uses replication metadata and the Update Sequence Number (USN) to filter the current properties of objects. Parameters: DC – domain controller FQDN; Formatlist – output in list instead of table; ExcludelastLogonTimestamp – exclude lastLogonTimestamp events from output; DumpAllObjects – dump all active directory before start. In case …

VMware vCenter : CVE-2024-37081 Proof Of Concept

This repository contains a proof of concept (PoC) for the CVE-2024-37081 vulnerability in VMware vCenter. The vulnerability is caused by a misconfiguration in the /etc/sudoers file that allows dangerous environment variables to be preserved when running sudo commands. Attackers can exploit this to execute arbitrary commands with root privileges. Vulnerability Requirements Instructions 2. Run …

DetectItEasy With Python – A Comprehensive Guide

DetectItEasy-Python is a powerful tool designed to streamline file scanning and analysis using Python bindings. This article guides you through the straightforward installation process via pip or Git and provides essential details for utilizing the tool effectively across different operating systems. Whether you’re a seasoned developer or new to cybersecurity, this guide makes it easy …

Volatility Binaries – A Comprehensive Guide To Compiling And Using Volatility Tools

Explore the essentials of Volatility binaries with our detailed guide. This article provides easy access to compiled binaries of Volatility, complete with SHA1 hashes and compilation dates. Whether you’re a seasoned analyst or a newcomer, learn how to compile these tools on your own to enhance your forensic capabilities. For any issues, Binary SHA1 hash …

Mailgoose – Ensuring Email Security With SPF, DMARC, And DKIM Verification

Mailgoose is a web application that allows the users to check whether their SPF, DMARC and DKIM configuration is set up correctly. CERT PL uses it to run bezpiecznapoczta.cert.pl, an online service that helps Polish institutions to configure their domains to decrease the probability of successful e-mail spoofing. Under the hood, Mailgoose uses checkdmarc and dkimpy, among others. Quick …

BGPipe – BGP Reverse Proxy And Firewall

An innovative open-source tool that revolutionizes BGP management by acting as a reverse proxy and firewall. Leveraging the powerful BGPFix library, bgpipe enhances security, visibility, and control over BGP sessions. From seamless JSON conversions to robust router control mechanisms, explore how bgpipe secures and streamlines BGP communications. This project provides an open-source BGP reverse proxy …

Sinon – Modular Windows Burn-In Automation With Generative AI For Deception

Sinon is a modular tool for automatic burn-in of Windows-based deception hosts that aims to reduce the difficulty of orchestrating deception hosts at scale whilst enabling diversity and randomness through generative capabilities. It has been created as a proof-of-concept and is not intended for production deception environments. It would likely be better suited to having …

HackSys Extreme Vulnerable Driver (HEVD) – BufferOverflowNonPagedPoolNx Exploit

This repository contains an exploit for the BufferOverflowNonPagedPoolNx vulnerability in HackSys Extreme Vulnerable Driver (HEVD). The exploit targets Windows 10 Version 22H2 (OS Build 19045.3930) and demonstrates a technique to achieve privilege escalation from a low-integrity process to SYSTEM. Exploit Overview The exploit leverages the BufferOverflowNonPagedPoolNx vulnerability to create a “ghost chunk” through Aligned Chunk Confusion in the NonPagedPoolNx region. This ghost …