CISA: CISA, NSA, FBI, and MS-ISAC Release Update to #StopRansomware Guide
CISA, NSA, FBI, and MS-ISAC Release Update to #StopRansomware Guide Today, the Cybersecurity and Infrastructure Security Agency (CISA), the National...
Security
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities
CISA Releases Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities Today, CISA, in response to active, widespread exploitation, released...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Fact Sheet on Effort to Revise the National Cyber Incident Response Plan (NCIRP)
CISA Releases Fact Sheet on Effort to Revise the National Cyber Incident Response Plan (NCIRP) Today, the Cybersecurity and Infrastructure...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on October 19, 2023. This...
CISA: CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities
CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities Today, CISA updated its guidance addressing two vulnerabilities, CVE-2023-20198...
GATOR – GCP Attack Toolkit For Offensive Research, A Tool Designed To Aid In Research And Exploiting Google Cloud Environments
GATOR - GCP Attack Toolkit for Offensive Research, a tool designed to aid in research and exploiting Google Cloud Environments....
Commander – A Command And Control (C2) Server
Commander is a command and control framework (C2) written in Python, Flask and SQLite. It comes with two agents written in...
SecuSphere – Efficient DevSecOps
SecuSphere is a comprehensive DevSecOps platform designed to streamline and enhance your organization's security posture throughout the software development life...
Posh C2 Detected – 193[.]36[.]15[.]250:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
ILSpy – .NET Decompiler With Support For PDB Generation, ReadyToRun, Metadata (and More) – Cross-Platform!
ILSpy is the open-source .NET assembly browser and decompiler. Decompiler Frontends Aside from the WPF UI ILSpy (downloadable via Releases,...
Posh C2 Detected – 88[.]210[.]9[.]139:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Gcp_Scanner – A Comprehensive Scanner For Google Cloud
This is a GCP resource scanner that can help determine what level of access certain credentials possess on GCP. The...
JSpector – A Simple Burp Suite Extension To Crawl JavaScript (JS) Files In Passive Mode And Display The Results Directly On The Issues
JSpector is a Burp Suite extension that passively crawls JavaScript files and automatically creates issues with URLs, endpoints and dangerous...
HBSQLI – Automated Tool For Testing Header Based Blind SQL Injection
HBSQLI is an automated command-line tool for performing Header Based Blind SQL injection attacks on web applications. It automates the...
Pyxamstore – Python Utility For Parsing Xamarin AssemblyStore Blob Files
This is an alpha release of an assemblies.blob AssemblyStore parser written in Python. The tool is capable of unpack and...
RecycledInjector – Native Syscalls Shellcode Injector
(Currently) Fully Undetected same-process native/.NET assembly shellcode injector based on RecycledGate by thefLink, which is also based on HellsGate +...
Spoofy – Program That Checks If A List Of Domains Can Be Spoofed Based On SPF And DMARC Records
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records....
Sirius – First Truly Open-Source General Purpose Vulnerability Scanner
Sirius is the first truly open-source general purpose vulnerability scanner. Today, the information security community remains the best and most...
DakshSCRA – Source Code Review Assist
Daksh SCRA (Source Code Review Assist) tool is built to enhance the efficiency of the source code review process, providing...
Chromecookiestealer – Steal/Inject Chrome Cookies Over The DevTools Protocol
Attaches to Chrome using its Remote DevTools protocol and steals/injects/clears/deletes cookies. Heavily inspired by WhiteChocolateMacademiaNut. Cookies are dumped as JSON...
S4UTomato – Escalate Service Account To LocalSystem Via Kerberos
Escalate Service Account To LocalSystem via Kerberos. Traditional Potatoes Friends familiar with the "Potato" series of privilege escalation should know...
Caracal – Static Analyzer For Starknet Smart Contracts
Caracal is a static analyzer tool over the SIERRA representation for Starknet smart contracts. Features Detectors to detect vulnerable Cairo...
