Security Tools, Scripts and Tricks

By Kevin Wharram | A magazine on Flipboard.

FireEye Labs Obfuscated String Solver

Rather than heavily protecting backdoors with hardcore packers, many malware authors evade heuristic detections by obfuscating only key portions of …

Cybersecurity

Subdomain enumeration

A friend recently asked me what methods I use to find subdomains. To be honest I was confused, like “oooohhh so much, brute force mmm… zone transfer” …

Information Security

PenCrawLer - An Advanced Web Crawler And DirBuster

An Advanced Web Crawler and DirBuster. PeNCrawLer is an advanced web crawler and dirbuster designed for use in penetration testing, based on Windows OS. …

Information Security

Automating an Active Directory Audit in PowerShell

So I’ve started doing a few Active Directory audits recently and noticed that I’m repeating myself over and over again. As such I’ve decided to write …

Forensics

Hack the Box Challenge Lazy Walkthrough

Hello Friends!! Today we are going to solve a CTF Challenge “Lazy”. It is a lab that is developed by Hack the Box. They have an amazing collection of …

Subfinder - Subdomain Discovery Tool That Can Discover Massive Amounts Of Valid Subdomains For Any Target

SubFinder is a subdomain discovery tool that uses various techniques to discover massive amounts of subdomains for any target. It has been aimed as a …

Forensics

Volatility, my own cheatsheet (Part 1): Image Identification

In order to start a memory analysis with Volatility, the identification of the type of memory image is a mandatory step. Here are some useful …

Linux

Dump cleartext credentials from memory: MimiPenguin

A tool to dump the login password from the current Linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz. Takes advantage …

Forensics

reversing/find_interesting_xor.py at master · arbor/reversing

# Author: Jason Jones, Arbor Networks ASERT
########################################################################
# Copyright 2013 Arbor Networks
# …

Cybersecurity

Targeted Geolocation Framework: HoneyBadger v2

HoneyBadger is a framework for targeted geolocation. While honeypots are traditionally used to passively detect malicious actors, HoneyBadger is an …

Forensics

Git-All-Secrets - A Tool To Capture All The Git Secrets By Leveraging Multiple Open Source Git Searching Tools

git-all-secrets is a tool that can:
• Clone multiple public/private GitHub repositories of an organization and scan them,
• Clone multiple public/private …

DevOps

Introducing Snallygaster - a Tool to Scan for Secrets on Web Servers

A few days ago I figured out that several blogs operated by T-Mobile Austria had a Git repository exposed which included their WordPress …

Information Security

Solving Ad-hoc Problems with Hex-Rays API

Introduction. IDA Pro is the de facto standard when it comes to binary reverse engineering. Besides being a great disassembler and debugger, it is …

Cybersecurity

PowerLessShell

PowerLessShell relies on MSBuild.exe to remotely execute PowerShell scripts and commands without spawning powershell.exe. You can also execute raw …

Cybersecurity

MalPipe

MalPipe is a modular malware (and indicator) collection and processing framework. It is designed to pull malware, domains, URLs and IP addresses from …

Python Programming

Blue Team fundamentals Part Two: Windows Processes.

In part one I touched on logging and the importance of working with what you have already got, rather than trying to reinvent the wheel. There is no …

Cybersecurity

C2 Hunting

For an adversary to be successful in your environment they will need a way to enter and leave your network. This can obviously happen in many …

AutoRun Script on Metasploit Framework • Penetration Testing

Metasploit supports an interesting feature called AutoRunScript. This feature enables users to specify the module operation by creating the …

Diggy - Extract Endpoints From APK Files

Diggy can extract endpoints/URLs from APK files. It saves the result into a txt file for further processing.
Dependencies
• apktool
Usage
You can also …

DFIR Tools

Buscador is a Linux Virtual Machine that is pre-configured for online investigators. FLARE VM (new!) As a …

Linux

Unveiling Cortex 2

TheHive Project’s Master Chefs are extremely happy to share, for free, their latest recipe with the Cyber Threat Intelligence, Digital Forensics and …

Nonprofits

Monitoring Windows Console Activity (Part 1)

Introduction. While performing incident response, Mandiant encounters attackers actively using systems on a compromised network. This activity often …

Cybersecurity

LTR101 - Disposable Attack Containers (DAC)

For those of you who follow me on Twitter and the Internet, you might have seen recently I've been playing around with Docker. Frankly if it wasn't …

DevOps

Intro to basic Disassembly & Reverse Engineering

Greetings! Continuing from my first blog about the journey of reverse engineering, I’d like to make a quick post about the fundamentals of code …

Engineering

Hack the Box Challenge: Popcorn Walkthrough

Hello friends!! Today we are going to solve another CTF challenge “Popcorn” which is available online for those who want to increase their skill in …

PowerShell: Documenting your environment by running systeminfo on all Domain-Computers

9 August 2017. Systeminfo gives you a perfect overview of your system. But what about the other systems in your domain? Sure, …

Your new friend, KLara

While doing threat research, teams need a lot of tools and systems to aid their hunting efforts – from systems storing Passive DNS data and automated …

Forensics

The phenomenon of smart contract honeypots

Hardly a week passes without large scale hacks in the crypto world. It’s not just centralised exchanges that are targets of attackers. Successful …