GhostRecon – An In-depth Guide To A Compact OSINT Tool For Linux

In the vast world of Linux tools, GhostRecon stands out as a streamlined solution for research and OSINT (Open Source Intelligence) tasks. Originally developed by mZzgamer and later taken over by DR34M-M4K3R, this tool promises efficiency and user-friendliness. This guide delves into the features, installation process, and effective usage of GhostRecon, ensuring you harness its …

LatLoader – Evading Elastic EDR In Lateral Movement

LatLoader is a PoC module to demonstrate automated lateral movement with the Havoc C2 framework. The main purpose of this project is to help others learn BOF and Havoc module development. This project can also help others understand basic EDR rule evasions, particularly when performing lateral movement. The sideload subcommand is the full-featured PoC of this module. …

Telegram Explorer (TEx) – The Ultimate Toolkit for Telegram Data Analysis

TEx is a Telegram Explorer tool created to help Researchers, Investigators and Law Enforcement Agents to Collect and Process the Huge Amount of Data Generated from Criminal, Fraud, Security and Others Telegram Groups. BETA VERSION Please note that this project has been in beta for a few weeks, so it is possible that you may encounter …

HackSys Extreme Vulnerable Driver – A Deep Dive into HEVD Exploitation

The HackSys Extreme Vulnerable Driver (HEVD) is a Windows Kernel driver that is intentionally vulnerable. It has been developed for security researchers and enthusiasts to improve their skills in kernel-level exploitation. HEVD offers a range of vulnerabilities, from simple stack buffer overflows to more complex issues such as use-after-free, pool buffer overflows, and race conditions. This allows researchers to explore exploitation techniques for each implemented vulnerability. Screenshots Vulnerabilities Implemented Building The …

OSGINT – A Deep Dive Into GitHub User Information Retrieval

In the vast realm of GitHub, the ability to glean information about users can be invaluable for various purposes. ‘OSGINT: A Deep Dive into GitHub User Information Retrieval’ introduces an innovative tool that harnesses the power of open-source intelligence to extract detailed profiles from GitHub usernames and emails. Join us as we explore the features, …

Challenges in Proposal Management and How To Overcome Them

Enhancing Proposal Management Proposal management can be a complex task. Companies across all industries face various challenges when managing the process. If you are searching for ways to overcome these challenges, this article is perfect. Understanding Proposal Management An efficient proposal management process is an organized activity that involves coordinating efforts to respond to a …

VTI-Dorks – Mastering Threat Hunting With VirusTotal Queries

Awesome VirusTotal Enterprise Search Queries (formerly Virustotal Intelligence or VTI). In today’s evolving cyber landscape, effective threat hunting is paramount. ‘VTI-Dorks: Mastering Threat Hunting with VirusTotal Queries’ offers a deep dive into advanced search techniques using VirusTotal Enterprise. This guide uncovers powerful queries for researchers, analysts, and cybersecurity enthusiasts to pinpoint elusive threats, enhance their …

CloudGrep – Efficient Direct Search For Logs In Cloud Storage

The innovative solution designed to streamline your search processes in cloud storage. By bypassing traditional log indexing in SIEMs, CloudGrep offers a faster, cost-effective method to delve directly into your AWS S3 logs. Whether you’re debugging applications or conducting a security investigation, discover how CloudGrep enhances your cloud-based search capabilities. Why? Example Simple example: More …

ChopChop – Web Security Testing Tool

ChopChop is a command-line tool for dynamic application security testing on web applications, initially written by the Michelin CERT. Its goal is to scan several endpoints and identify exposition of services/files/folders through the webroot. Checks/Signatures are declared in a config file (by default: chopchop.yml), fully configurable, and especially by developers. “Chop chop” is a phrase rooted in …

CVE-2023-43770 POC – Unveiling XSS Vulnerability In Roundcube

In the dynamic realm of cybersecurity, vulnerabilities emerge and evolve constantly. The recent discovery of CVE-2023-43770 highlights an alarming Cross-Site Scripting (XSS) flaw in popular webmail software, Roundcube. This article delves deep into the vulnerability, offering a hands-on Proof-of-Concept to understand its intricacies and implications. Join us as we unveil the layers behind this significant …