Security Tools, Scripts and Tricks
By Kevin Wharram. A magazine curated on Flipboard.
FireEye Labs Obfuscated String Solver
Rather than heavily protecting backdoors with hardcore packers, many malware authors evade heuristic detections by obfuscating only key portions of …
Subdomain enumeration
A friend recently asked me what methods I use to find subdomains. To be honest I was confused, like “oooohhh so much, brute force mmm… zone transfer” …
PenCrawLer - An Advanced Web Crawler And DirBuster
PeNCrawLer is an advanced web crawler and dirbuster designed for use in penetration testing, based on Windows OS. …
Automating an Active Directory Audit in PowerShell
So I’ve started doing a few Active Directory audits recently and noticed that I’m repeating myself over and over again. As such I’ve decided to write …
Hack the Box Challenge Lazy Walkthrough
Hello Friends!! Today we are going to solve a CTF challenge, “Lazy”, a lab developed by Hack the Box. They have an amazing collection of …
Subfinder - Subdomain Discovery Tool That Can Discover Massive Amounts Of Valid Subdomains For Any Target
SubFinder is a subdomain discovery tool that uses various techniques to discover massive amounts of subdomains for any target. It has been aimed as a …
Volatility, my own cheatsheet (Part 1): Image Identification
In order to start a memory analysis with Volatility, identifying the type of memory image is a mandatory step. Here are some useful …
Dump cleartext credentials from memory: MimiPenguin
A tool to dump the login password of the current Linux desktop user, adapted from the idea behind the popular Windows tool mimikatz. Takes advantage …
reversing/find_interesting_xor.py at master · arbor/reversing
# Author: Jason Jones, Arbor Networks ASERT
########################################################################
# Copyright 2013 Arbor Networks
# …
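The selective obfuscation that FLOSS targets and the idea behind find_interesting_xor.py (try every single-byte XOR key and keep only decoded strings an analyst would care about) can be shown with a small added example. This is illustration written for this page, not FLOSS or the Arbor script; the sample buffer, the keys 0x5A and 0x3C, the padding bytes and the token list are all constructed for the demonstration.

```python
import re
from typing import Dict, Iterable, List

# A run of at least 6 printable ASCII bytes, the usual `strings` threshold.
ASCII_RUN = re.compile(rb"[\x20-\x7e]{6,}")

# Substrings that make a recovered string worth an analyst's attention.
# Constructed for this example; a real triage list would be longer.
INTERESTING = (b"http", b".exe", b".dll", b"cmd", b"powershell",
               b"SOFTWARE\\", b"This program")


def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte of data with one key byte (0..255)."""
    return bytes(b ^ key for b in data)


def find_xor_strings(data: bytes,
                     keys: Iterable[int] = range(1, 256),
                     only_interesting: bool = True) -> Dict[int, List[bytes]]:
    """Brute-force single-byte XOR keys and return, per key, the printable
    runs that appear in the decoded buffer.

    Key 0 is the identity and is skipped by default: it would only return the
    plaintext strings that `strings` already shows.  With only_interesting set,
    a run is reported only if it contains one of the INTERESTING tokens, which
    keeps the output readable; without it most keys yield some junk runs.
    """
    hits: Dict[int, List[bytes]] = {}
    for key in keys:
        decoded = xor_bytes(data, key)
        for m in ASCII_RUN.finditer(decoded):
            run = m.group()
            if only_interesting and not any(tok in run for tok in INTERESTING):
                continue
            hits.setdefault(key, []).append(run)
    return hits


# Constructed sample "binary": two strings obfuscated with different keys,
# separated by padding bytes >= 0x80 (which stay non-printable under any key
# below 0x80, so the runs do not bleed into each other).
PAD = b"\x80\x90\xa0\xb0" * 4
SAMPLE = (PAD
          + xor_bytes(b"http://evil.example/gate.php", 0x5A)
          + PAD
          + xor_bytes(b"cmd.exe /c whoami", 0x3C)
          + PAD)


if __name__ == "__main__":
    for key, runs in sorted(find_xor_strings(SAMPLE).items()):
        for run in runs:
            print(f"key=0x{key:02x}  {run.decode('ascii')}")
```

Run against a real sample, the token filter is what keeps the output usable: 255 keys over a megabyte of code produce thousands of accidental printable runs, and only the ones that look like a URL, a path or a command are worth a second look. Multi-byte or rolling keys break this approach, which is where FLOSS's emulation of the decoding routine takes over.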
Targeted Geolocation Framework: HoneyBadger v2
HoneyBadger is a framework for targeted geolocation. While honeypots are traditionally used to passively detect malicious actors, HoneyBadger is an …
Git-All-Secrets - A Tool To Capture All The Git Secrets By Leveraging Multiple Open Source Git Searching Tools
git-all-secrets is a tool that can:
• Clone multiple public/private GitHub repositories of an organization and scan them,
• Clone multiple public/private …
Introducing Snallygaster - a Tool to Scan for Secrets on Web Servers
A few days ago I figured out that several blogs operated by T-Mobile Austria had a Git repository exposed which included their WordPress …
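Whether the files come from cloned repositories (git-all-secrets) or from a .git directory left exposed on a web server (Snallygaster), the scanning step is the same: match credential-shaped content and throw away low-entropy false positives. The following is an added example written for this page, not code from either project. It checks for AWS access key IDs, PEM private-key headers and credential-named assignments whose value has high Shannon entropy; the wp-config.php and .env contents are constructed, the AWS values are the placeholder credentials AWS uses in its own documentation, and the 3.0-bit entropy threshold is a starting point, not a tuned value.

```python
import math
import re
import sys
from typing import List, Tuple

Finding = Tuple[str, int, str, str]   # (path, line number, kind, matched value)

# AWS access key IDs have a fixed "AKIA" prefix and 16 upper-case alphanumerics.
AWS_ACCESS_KEY_ID = re.compile(r"\bAKIA[0-9A-Z]{16}\b")
PEM_PRIVATE_KEY = re.compile(r"-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----")
# A credential-looking name followed, within a short distance, by a quoted value
# or an unquoted KEY=value assignment.  Deliberately loose: entropy filters it.
CREDENTIAL_ASSIGNMENT = re.compile(
    r"(?i)(?:password|passwd|secret|token|api[_-]?key|auth_key)"
    r".{0,32}?(?:['\"]([^'\"\n]{8,})['\"]|=\s*([^\s'\"]{8,}))"
)


def shannon_entropy(value: str) -> float:
    """Bits of entropy per character; random keys score well above 4,
    dictionary words and placeholders like 'password' stay under 3."""
    counts = {}
    for ch in value:
        counts[ch] = counts.get(ch, 0) + 1
    n = len(value)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def scan_text(path: str, text: str, min_entropy: float = 3.0) -> List[Finding]:
    """Return every credential-shaped hit in text, tagged with its line number."""
    findings: List[Finding] = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for m in AWS_ACCESS_KEY_ID.finditer(line):
            findings.append((path, lineno, "aws-access-key-id", m.group()))
        if PEM_PRIVATE_KEY.search(line):
            findings.append((path, lineno, "private-key", line.strip()))
        for m in CREDENTIAL_ASSIGNMENT.finditer(line):
            value = m.group(1) or m.group(2)
            # Skip obvious placeholders and weak defaults; they are noise in an
            # organisation-wide scan and are better handled by a password audit.
            if shannon_entropy(value) >= min_entropy:
                findings.append((path, lineno, "high-entropy-credential", value))
    return findings


def scan_files(paths: List[str]) -> List[Finding]:
    """Scan files on disk, e.g. a cloned repository or a recovered .git checkout."""
    findings: List[Finding] = []
    for path in paths:
        with open(path, "r", encoding="utf-8", errors="replace") as fh:
            findings.extend(scan_text(path, fh.read()))
    return findings


# Constructed sample files (not from any real site).
WP_CONFIG = """<?php
define('DB_NAME', 'wordpress');
define('DB_USER', 'wpuser');
define('DB_PASSWORD', 'Tr0ub4dor&3xQ9!m');
define('AUTH_KEY', 'password');
"""

DOTENV = """AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
"""


if __name__ == "__main__":
    hits = scan_files(sys.argv[1:]) if len(sys.argv) > 1 else (
        scan_text("wp-config.php", WP_CONFIG) + scan_text(".env", DOTENV))
    for path, lineno, kind, value in hits:
        print(f"{path}:{lineno}: {kind}: {value}")
```

On the constructed input the DB_PASSWORD line is reported and the AUTH_KEY line, whose value is the literal word "password", is dropped by the entropy filter; that is the trade-off to keep in mind, since a real but weak secret is dropped the same way. For a repository, run it over `git log -p` output as well as the checkout: the secret that was "removed" in a later commit is still in the history.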
Solving Ad-hoc Problems with Hex-Rays API
Introduction: IDA Pro is the de facto standard when it comes to binary reverse engineering. Besides being a great disassembler and debugger, it is …
PowerLessShell
PowerLessShell relies on MSBuild.exe to remotely execute PowerShell scripts and commands without spawning powershell.exe. You can also execute raw …
MalPipe
MalPipe is a modular malware (and indicator) collection and processing framework. It is designed to pull malware, domains, URLs and IP addresses from …
Blue Team fundamentals Part Two: Windows Processes.
In part one I touched on logging and the importance of working with what you have already got, rather than trying to reinvent the wheel. There is no …
C2 Hunting
For an adversary to be successful in your environment they will need a way to enter and leave your network. This can obviously happen in many …
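One concrete way to hunt for the "way to enter and leave" that the post describes is to look for beaconing: a host contacting the same destination at near-constant intervals. The example below is added for this page and is not code from the C2 Hunting post. The proxy log lines are constructed, the line format (ISO 8601 timestamp, source IP, destination host) is assumed, and the thresholds (at least 8 connections, coefficient of variation of the gaps at most 0.15) are starting points to tune against your own traffic.

```python
import statistics
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List, Tuple

Beacon = Tuple[str, str, int, float, float]  # src, dst, hits, mean gap (s), CV


def parse_line(line: str) -> Tuple[datetime, str, str]:
    """Assumed format: '<ISO-8601 timestamp> <src ip> <dst host>'."""
    ts, src, dst = line.split()
    return datetime.fromisoformat(ts), src, dst


def find_beacons(lines: List[str], min_hits: int = 8, max_cv: float = 0.15) -> List[Beacon]:
    """Group requests by (src, dst) and flag pairs whose inter-request gaps are
    nearly constant.  The coefficient of variation (stdev / mean) is scale-free,
    so a 60 s beacon and a 1 h beacon are judged by the same threshold."""
    times: Dict[Tuple[str, str], List[datetime]] = defaultdict(list)
    for line in lines:
        if line.strip():
            ts, src, dst = parse_line(line)
            times[(src, dst)].append(ts)

    beacons: List[Beacon] = []
    for (src, dst), stamps in times.items():
        if len(stamps) < min_hits:
            continue
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        mean = statistics.mean(gaps)
        if mean == 0:          # a burst inside one second is not beaconing
            continue
        cv = statistics.pstdev(gaps) / mean
        if cv <= max_cv:
            beacons.append((src, dst, len(stamps), round(mean, 1), round(cv, 3)))
    return beacons


def _build_log() -> List[str]:
    """Constructed proxy log: one beaconing host, one human browser, one rare host."""
    start = datetime(2018, 5, 1, 9, 0, 0)
    entries: List[Tuple[datetime, str, str]] = []

    # Implant checking in roughly every minute with a little jitter.
    t = start
    entries.append((t, "10.0.0.5", "update.badcdn.example"))
    for gap in [60, 61, 59, 60, 62, 58, 60, 61, 59]:
        t += timedelta(seconds=gap)
        entries.append((t, "10.0.0.5", "update.badcdn.example"))

    # Human browsing: the same number of requests, irregular spacing.
    t = start
    entries.append((t, "10.0.0.7", "www.example.com"))
    for gap in [3, 120, 7, 900, 2, 45, 400, 10, 60]:
        t += timedelta(seconds=gap)
        entries.append((t, "10.0.0.7", "www.example.com"))

    # A destination seen too rarely to judge either way.
    entries.append((start + timedelta(seconds=5), "10.0.0.9", "cdn.example.net"))
    entries.append((start + timedelta(seconds=65), "10.0.0.9", "cdn.example.net"))

    entries.sort()
    return [f"{ts.isoformat()} {src} {dst}" for ts, src, dst in entries]


LOG_LINES = _build_log()


if __name__ == "__main__":
    for src, dst, hits, mean, cv in find_beacons(LOG_LINES):
        print(f"{src} -> {dst}: {hits} hits, every {mean}s, cv={cv}")
```

Only the 10.0.0.5 pair is flagged: its gaps average 60 s with a CV near 0.02, while the browsing session's gaps vary by an order of magnitude. Two caveats a hunter should expect: implants with deliberate jitter (say 30 to 90 s) push the CV past a strict threshold, so pair this with a simple count-per-hour check, and legitimate software updaters and monitoring agents beacon too, so the destination's rarity across the whole estate is usually the stronger signal than the timing alone.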
AutoRun Script on Metasploit Framework Penetration Testing
Metasploit supports an interesting feature called AutoRunScript. It lets users specify the module operation by creating the …
Diggy - Extract Endpoints From APK Files
Diggy can extract endpoints/URLs from APK files. It saves the result into a txt file for further processing.
Dependencies
• apktool
Usage
You can also …
DFIR Tools
Buscador is a Linux Virtual Machine that is pre-configured for online investigators.
FLARE VM: As a …
Unveiling Cortex 2
TheHive Project’s Master Chefs are extremely happy to share, for free their latest recipe with the Cyber Threat Intelligence, Digital Forensics and …
Monitoring Windows Console Activity (Part 1)
Introduction: While performing incident response, Mandiant encounters attackers actively using systems on a compromised network. This activity often …
LTR101 - Disposable Attack Containers (DAC)
For those of you who follow me on Twitter and the Internet, you might have seen recently I've been playing around with Docker. Frankly if it wasn't …
Intro to basic Disassembly & Reverse Engineering
Greetings! Continuing from my first blog about the journey of reverse engineering, I’d like to make a quick post about the fundamentals of code …
Hack the Box Challenge: Popcorn Walkthrough
Hello friends!! Today we are going to solve another CTF challenge, “Popcorn”, which is available online for those who want to increase their skill in …
PowerShell: Documenting your environment by running systeminfo on all Domain-Computers
9 August 2017
Systeminfo gives you a perfect overview of your system. But what about the other systems in your domain? Sure, …
Your new friend, KLara
While doing threat research, teams need a lot of tools and systems to aid their hunting efforts – from systems storing Passive DNS data and automated …
The phenomenon of smart contract honeypots
Hardly a week passes without large scale hacks in the crypto world. It’s not just centralised exchanges that are targets of attackers. Successful …