Meet AttackerKB
In 2019, the number of new vulnerabilities published was more than double what we saw in 2016. 2020 is on...
tools
Htbenum – A Linux Enumeration Script For Hack The Box
This script is designed for use in situations where you do not have internet access on a Linux host and...
Domained – Multi Tool Subdomain Enumeration
A domain name enumeration toolThe tools contained in domained requires Kali Linux (preferred) or Debian 7+ and Recon-ngdomained uses several...
Patch Tuesday – April 2020
Global working-from-home routines haven't slowed down Microsoft and its ability to help close up vulnerabilities in their products. This April...
Lollipopz – Data Exfiltration Utility For Testing Detection Capabilities
Data exfiltration utility used for testing detection capabilities of security products. Obviously for legal purposes only.Exfiltration How-To/etc/shadow -> HTTP GET...
Sherloq – An Open-Source Digital Image Forensic Toolset
An open source image forensic toolset Introduction"Forensic Image Analysis is the application of image science and domain expertise to interpret...
Remote Work Readiness: How to Keep a Security Mindset
As companies respond to COVID-19, many require their employees to work from home. This migration of the workforce places the...
Inhale – A Malware Analysis And Classification Tool
Inhale is a malware analysis and classification tool that is capable of automating and scaling many static analysis operations.This is...
Privacy Badger – A Browser Extension That Automatically Learns To Block Invisible Trackers
Privacy Badger is a browser extension that automatically learns to block invisible trackers. Instead of keeping lists of what to...
Audix – A PowerShell Tool To Quickly Configure The Windows Event Audit Policies For Security Monitoring
Audix will allow for the SIMPLE configuration of Windows Event Audit Policies. Window's Audit Policies are restricted by default. This...
Serverless Prey – Serverless Functions For Establishing Reverse Shells To Lambda, Azure Functions, And Google Cloud Functions
Serverless Prey is a collection of serverless functions (FaaS), that, once launched to a cloud environment and invoked, establish a...
Lunar – A Lightweight Native DLL Mapping Library That Supports Mapping Directly From Memory
A lightweight native DLL mapping library that supports mapping directly from memoryFeaturesImports and delay imports are resolvedRelocations are performedImage sections...
Ps-Tools – An Advanced Process Monitoring Toolkit For Offensive Operations
Having a good technical understanding of the systems we land on during an engagement is a key condition for deciding...
Eavesarp – Analyze ARP Requests To Identify Intercommunicating Hosts And Stale Network Address Configurations (SNACs)
A reconnaissance tool that analyzes ARP requests to identify hosts that are likely communicating with one another, which is useful...
Richkit – Domain Enrichment Toolkit
Richkit is a python3 package that provides tools taking a domain name as input, and returns addtional information on that...
Answers to Three FAQs About the New-and-Improved Cloud Configuration Assessment Remediation Content in InsightVM
Organizations operating in a cloud environment like Amazon Web Services (AWS) face additional security risk challenges that they need to...
Chromepass – Hacking Chrome Saved Passwords
Chromepass is a python-based console application that generates a windows executable with the following features:Decrypt Chrome saved paswordsSend a file...
Tentacle – A POC Vulnerability Verification And Exploit Framework
Tentacle is a POC vulnerability verification and exploit framework. It supports free extension of exploits and uses POC scripts. It...
Self-Isolation, Home Networking, and Open Source: Recog and Rumble
Hey, gang. You know I'm a big open source fan and occasional contributor, so I just wanted to take a...
Shifting Security Conferences to Virtual: The New Face of Events in 2020 and Beyond
On this week’s episode of Security Nation, we had the pleasure of speaking with John Strand, CEO of BlackHills Information...
Tails 4.5 – Live System to Preserve Your Privacy and Anonymity
The Tails team is happy to publish Tails 4.5, the first version of Tails to support Secure Boot.This release also fixes...
MSOLSpray – A Password Spraying Tool For Microsoft Online Accounts (Azure/O365)
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA...
Git-Hound v1.1 – GitHound Pinpoints Exposed API Keys On GitHub Using Pattern Matching, Commit History Searching, And A Unique Result Scoring System
A batch-catching, pattern-matching, patch-attacking secret snatcher.GitHound pinpoints exposed API keys and other sensitive information on GitHub using pattern matching, commit...
8 Steps to Successfully Implement the CIS Top 20 Controls in Your Organization
If you saw the recent Top 10 Malware January 2020 post by the Center for Internet Security (CIS), you may...
