Disclaimer: “Use at Your Own Risk” All information in the Service is provided “as is”, with no guarantee of completeness, accuracy, timeliness, or the results obtained from the use of this information, resources, tools, references, and without warranty of any kind, express or implied, including, but not limited to warranties of performance, merchantability, and fitness for a particular purpose. The […]
Microsoft Office 365 provides a range of features designed to safeguard your data against contemporary threats. Upon creating a new tenant, some default security features are activated, but not all. For existing tenants, it becomes imperative to stay informed about new security features and manually enable them to enhance the security of Office 365. This guide is crafted as a […]
Enumerate your Powershell hacks , scripts usage (Adv) , to the next level . This Repository contains all kinds of Hacks and Powershell Tricks, from basics to advance powershell commands and scripts that will help you in day to day life of an IT Sectors , cybersecurity or Windows Automation Topic Description Link Basic of Windows Systems [Works, Methods etc] […]
Get the Most Out of Your Content Creation, Lead Generation, and Innovation Efforts! Awesome ChatGPT Prompts OpenAI Cookbook – Code and example prompts for accomplishing common tasks with the OpenAI API Linus on Twitter Barsee – ChatGPT Full Course Rohit Ghumare on Twitter – ChatGPT for DevOps Engineers Pratham Kumar on Github – ChatGPT Prompts Kavir Kaycee – ChatGPT prompts […]
A curated list of tools and resources for security incident response, aimed to help security analysts and DFIR teams. Digital Forensics and Incident Response (DFIR) teams are groups of people in an organization responsible for managing the response to a security incident, including gathering evidence of the incident, remediating its effects, and implementing controls to prevent the incident from recurring […]
Recon Phase [ ] Identify web server, technologies and database [ ] Subsidiary and Acquisition Enumeration [ ] Reverse Lookup [ ] ASN & IP Space Enumeration and Service Enumeration [ ] Google Dorking [ ] Github Recon [ ] Directory Enumeration [ ] IP Range Enumeration [ ] JS Files Analysis [ ] Subdomain Enumeration and Bruteforcing [ ] […]
Features Listen on various ports for Log4Shell exploitation. Detect exploitation in request line and headers. Log to file and Azure blob storage. Usage Install Poetry: curl -sSL https://raw.githubusercontent.com/python-poetry/poetry/master/get-poetry.py | python3 – Fetch this GitHub repository git clone https://github.com/thomaspatzke/Log4Pot.git Change directory into the local copy with cd Log4Pot Install pycurl dependencies (Debian / Ubuntu): apt install libcurl4-openssl-dev libssl-dev python3-dev build-essential Install […]
Background LLMNR & NBT-NS relay attack is a common way to compromise a Windows host by capturing hashes for cracking or relaying it to another host for authentication. This method is usually used when I can’t find critical vulns like MS17-010. SMB relay attacks also requires a Windows host to attempt to resolve a SMB share or connect to a […]
sniffglue is a network sniffer written in rust. Network packets are parsed concurrently using a thread pool to utilize all cpu cores. Project goals are that you can run sniffglue securely on untrusted networks and that it must not crash when processing packets. The output should be as useful as possible by default. Usage Installation Arch Linux Mac OSX Debian/Ubuntu/Kali […]
Burp suite has always been used to burst a variety of forms used to submit the login authentication, today i am going guide you how to use Use the Burp Suite to brute force HTTP Basic authentication. HTTP Basic authentication HTTP Basic authentication is a simple request and response mechanism through which the server can request authentication information (user ID […]
A repository that includes all the important word lists used while brute forcing the directories in bug hunting.
A curated list of awesome reversing resource Books Reverse Engineering Books The IDA Pro Book Radare2 Book Reverse Engineering for Beginners The Art of Assembly Language Practical Reverse Engineering Reversing: Secrets of Reverse Engineering Practical Malware Analysis Malware Analyst’s Cookbook Gray Hat Hacking Access Denied The Art of Memory Forensics Hacking: The Art of Exploitation Fuzzing for Software Security Art […]
We’ve collected some of the most salient points about the upcoming Windows 11, the ones enterprise IT admins will most need to know. So much for that promise. You know, the one Microsoft made six years ago when it told customers that Windows 10 was “the last version of Windows” they’d see. Instead, Windows 10 will end — also as […]
What is SSH Secure Shell or SSH is used to remotely access the server or any computer with SSH enabled. Perfect replacement for telnet protocol. Telnet is not secure like SSH, SSH provides encryption for secure communication. SSH by default uses TCP port 22 to connect with the SSH service. SSH will allow the client to connect the remote system […]
The U.S. government’s National Security Agency (NSA) on June 22, 2021 announced plans to fund the development of a knowledge base of defensive countermeasures for the most common techniques used by malicious hackers. The project, called D3FEND, is available through the non-profit MITRE Corporation as a catalogue of defensive cybersecurity techniques and their relationships to offensive/adversary techniques. The primary goal […]
Naabu is a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really simple tool that does fast SYN/CONNECT scans on the host/list of hosts and lists all ports that return a reply. Features Fast And Simple SYN/CONNECT probe based scanning. Optimized for ease of […]
Small scope Medium scope Large scope Network Preparation Registration Authentication Session Profile/Account details Forgot/reset password Input handling Error handling Application Logic Other checksInfrastructure CAPTCHA Security Headers
Magic Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber’s powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18. Usage is simple, just run Magic Unicorn (ensure Metasploit is installed if using Metasploit methods and in the right path) […]
This tool kit is very much influenced by infosecn1nja’s kit. Use this script to grab majority of the repos. NOTE: hard coded in /opt and made for Kali Linux Total Size (so far): 2.5+Gb Install Guide: Change Log Phantom Evasion Forewarning Contents Reconnaissance Weaponization Delivery Command and Control Lateral Movement Establish Foothold Escalate Privileges Data Exfiltration Misc References Reconnaissance Active […]
With HTTP Parameter Pollution (HPP) attacks, threat actors can hide scripts and processes in URLs. First discovered in 1999, this technique can also allow threat actors to pollute the parameters in the URL and the request body. This could lead to behavior changes in the app, such as cross-site scripting, privilege changes or granting unwanted access. HPP remains a risk […]
Introduction – Fundamentals and basics of different topics like networking, databases, web applications, commands, etc. Windows Linux Networking Web Application Basics Services and Ports File Transfers Python Fundamentals C# Fundamentals TCPdump Powershell Wireshark Packet Crafting Tools FTP SQL YouTube Playlist Databases SQL IIS IIS Web Server MySQL Kali Tools IP Tables Tools Bettercap Masscan SQL Injection Tools Mimikatz Wordlists SecLists […]
A tool which creates a spoofed certificate of any online website and signs an Executable for AV Evasion. Works for both Windows and Linux Prerequisites In order to use it on Linux, please execute commands below: apt-get install osslsigncode pip3 install pyopenssl Download Tool
One of the major struggles in bug bounty hunting is to collect and analyze data during reconnaissance, especially when there are a lot of tools around but very few that offer actually useful results. The job of eliminating false positives and unrelated data from your recon becomes harder as the size of your target increases. Most popular tools used by […]
Content: The best way to search this list is by: Simply pressing command + F to search for a keyword Go through our Content Menu. Scanners Passive and Active scan plugins. Active Scan++ – ActiveScan++ extends Burp Suite’s active and passive scanning capabilities. Burp Vulners Scanner – Vulnerability scanner based on vulners.com search API. Additional Scanner checks – Collection of […]
Tools, Tutorials and References for AWS penetration testing: Defensive (Hardening, Security Assessment, Inventory) ScoutSuite: https://github.com/nccgroup/ScoutSuite – Multi-Cloud Security auditing tool for AWS, Google Cloud and Azure environments (Python) Prowler: https://github.com/toniblyx/prowler – CIS benchmarks and additional checks for security best practices in AWS (Shell Script) CloudSploit: https://github.com/cloudsploit/scans – AWS security scanning checks (NodeJS) CloudMapper: https://github.com/duo-labs/cloudmapper – helps you analyze your AWS […]
The following information was compiled from more than 60 penetration test reports that have been produced during the year of 2020 and 2019 for various mid-sized organizations and businesses from around the world. Top 10 vulnerabilities The list is organized from the bottom (top 10) to the top 1. 10. Weak and default passwords Hunting for weak and default credentials […]
This article contains a list of PowerShell commands collected from various corners of the Internet which could be helpful during penetration tests or red team exercises. The list includes various post-exploitation one-liners in pure PowerShell without requiring any offensive (= potentially flagged as malicious) 3rd party modules, but also a bunch of handy administrative commands. Locating files with sensitive information […]
The Trident project is an automated password spraying tool developed to meet the following requirements: the ability to be deployed on several cloud platforms/execution providers the ability to schedule spraying campaigns in accordance with a target’s account lockout policy the ability to increase the IP pool that authentication attempts originate from for operational security purposes the ability to quickly extend […]
Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community. Features Man-in-the-middle (MITM) HTTP/1.1 proxy with logs Project based database storage (SQLite) Scope support Headless management API using GraphQL Embedded web interface (Next.js) […]
isip Interactive sip toolkit for packet manipulations, sniffing, man in the middle attacks, fuzzing, simulating of dos attacks. Video Setup git clone https://github.com/halitalptekin/isip.git cd isip pip install -r requirements.txt Usage Packet manipulation tools are in packet cmd loop. First start, you are in the main cmd loop. isip:main> packet isip:packet> Create a new sip packet with new command. If you […]
ratched is a Man-in-the-Middle (MitM) proxy that specifically intercepts TLS connections. It is intended to be used in conjunction with the Linux iptabes REDIRECT target; all connections that should be intercepted can be redirected to the local ratched port. Through the SO_ORIGINAL_DST sockopt, ratched can determine the intended destination (before iptables packet mangling) and tries to establish a connection to […]
Powerglot Powerglot encodes several kind of scripts using polyglots, for example, offensive powershell scripts. It is not needed a loader to run the payload. In red-team exercises or offensive tasks, masking of payloads is usually done by using steganography, especially to avoid network level protections, being one of the most common payloads scripts developed in powershell. Recent malware and APTs […]
Installation There are two methods for installing and configuring this tool on kali linux or any other operating system. The first way is to download this tool using the “wget” command and configure it using the “dpkg” command. wget http://ftp.br.debian.org/debian/pool/main/f/fcrackzip/fcrackzip_1.0-10_amd64.deb dpkg -i fcrackzip_1.0-10_amd64.deb 1 wget http://ftp.br.debian.org/debian/pool/main/f/fcrackzip/fcrackzip_1.0-10_amd64.debdpkg -i fcrackzip_1.0-10_amd64.deb The other way is to install this tool directly using the following […]
A collection of open source and commercial tools that aid in red team operations. This repository will help you during red team engagement. If you want to contribute to this list send me a pull request. Reconnaissance Active Intelligence Gathering EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible. https://github.com/ChrisTruncer/EyeWitness AWSBucketDump is a […]
A new research has identified four new variants of HTTP request smuggling attacks that work against various commercial off-the-shelf web servers and HTTP proxy servers. Amit Klein, VP of Security Research at SafeBreach who presented the findings today at the Black Hat security conference, said that the attacks highlight how web servers and HTTP proxy servers are still susceptible to […]
CRLF refers to the special character elements “Carriage Return” and “Line Feed.” These elements are embedded in HTTP headers and other software code to signify an End of Line (EOL) marker. Many internet protocols, including MIME (e-mail), NNTP (newsgroups) and, more importantly, HTTP, use CRLF sequences to split text streams into discrete elements. Web application developers split HTTP and other […]
Entrepreneurs think lack of customers, bad service and limited capital are what causes bankruptcy. Try being a victim of cybercrime. Success instills pride. Unfortunately, valuable possessions also attract thieves. Entrepreneurs think lack of customers, bad service and limited capital are what causes bankruptcy. Try being a victim of cyber crime. The National Cyber Security Alliance found that 60 percent of companies […]
A buffer overflow, or buffer overrun, is a common software coding mistake that an attacker could exploit to gain access to your system. To effectively mitigate buffer overflow vulnerabilities, it is important to understand what buffer overflows are, what dangers they pose to your applications, and what techniques attackers use to successfully exploit these vulnerabilities. Key Concepts of Buffer Overflow […]
What Is ARP Spoofing? ARP spoofing is a type of attack in which a malicious actor sends falsified ARP (Address Resolution Protocol) messages over a local area network. This results in the linking of an attacker’s MAC address with the IP address of a legitimate computer or server on the network. Once the attacker’s MAC address is connected to an […]
What is SQL Injection? How will SQL Injection impact my business? How do I prevent SQL Injection? What is SQL Injection? SQL injection (SQLi) is an application security weakness that allows attackers to control an application’s database – letting them access or delete data, change an application’s data-driven behavior, and do other undesirable things – by tricking the application into […]
Cross-site Scripting (XSS) is a client-side code injection attack in which an attacker can execute malicious scripts to victim site or web application. XSS occurs when a web application makes use of unvalidated or unencoded user input within the output it generates. XSS flaws can be difficult to identify and remove from a web application. XSS attacks categorized into three types […]
Cofence Phishing Defence Center have discovered yet the latest of cybercriminals’ tricks: a phishing campaign that bypasses MFA. Different from other credential harvesting attacks, the scam attempts to trick users into granting permissions to an application that then proceeds to bypass multifactor authentication. Leveraging the OAuth2 framework and OpenID Connect protocol, this campaign’s main goal is to steal user information […]
Nmap has a multitude of options, when you first start playing with this excellent tool, it can be a bit daunting. In this cheat sheet, you will find a series of practical example commands for running Nmap and getting the most of this powerful tool. Nmap Target Selection Scan a single IP nmap 192.168.1.1 Scan a host nmap www.testhostname.com Scan […]
Cybersecurity researchers today took the wraps off a sophisticated, multi-functional peer-to-peer (P2P) botnet written in Golang that has been actively targeting SSH servers since January 2020. Called “FritzFrog,” the modular, multi-threaded and file-less botnet has breached more than 500 servers to date, infecting well-known universities in the US and Europe, and a railway company, according to a report released by […]
Jenkins—a popular open-source automation server software—published an advisory on Monday concerning a critical vulnerability in the Jetty web server that could result in memory corruption and cause confidential information to be disclosed. Tracked as CVE-2019-17638, the flaw has a CVSS rating of 9.4 and impacts Eclipse Jetty versions 9.4.27.v20200227 to 9.4.29.v20200521—a full-featured tool that provides a Java HTTP server and […]
Microsoft has issued an emergency out-of-band software update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 systems to patch two new recently disclosed security vulnerabilities. Tracked as CVE-2020-1530 and CVE-2020-1537, both flaws reside in the Remote Access Service (RAS) in a way it manages memory and file operations and could let remote attackers gain elevated privileges after […]
Latest in Cyber Security