help-circle
rss
VMware Authentication Bypass Vulnerability (CVE-2022-22972) Technical Deep Dive
external-link
1
VMware Authentication Bypass Vulnerability (CVE-2022-22972) Technical Deep Dive
Clé de détermination des principaux codes secrets
external-link
1
Clé de détermination des principaux codes secrets
PacketStreamer: Distributed tcpdump for cloud native environments
external-link
Deepfence PacketStreamer is a high-performance remote packet capture and collection tool. It is used by Deepfence's ThreatStryker security observability platform to gather network traffic on demand from cloud workloads for forensic analysis. Primary design goals: Stay light, capture and stream, no additional processing Portability, works across virtual machines, Kubernetes and AWS Fargate. Linux and Windows
1
PacketStreamer: Distributed tcpdump for cloud native environments
Dissecting the last version of Conti Ransomware using a step-by-step approach – CYBER GEEKS
1
Dissecting the last version of Conti Ransomware using a step-by-step approach – CYBER GEEKS
How to Exploit Active Directory ACL Attack Paths Through LDAP Relaying Attacks - Praetorian
external-link
1
How to Exploit Active Directory ACL Attack Paths Through LDAP Relaying Attacks - Praetorian
Public Incident Response Ressources / Public Playbooks · GitLab
external-link
This repository contains all the Incident Response Playbooks and Workflows of Company's SOC. Each folder contains a Playbook that is broken down into 6 section as per NIST - 800.61 r2
1
Public Incident Response Ressources / Public Playbooks · GitLab
A tale of EDR bypass methods | S3cur3Th1sSh1t
In a time full of ransomware as well as Advanced persistent Thread (APT) incidents the importance of detecting those attacking groups has become increasingly important...
1
A tale of EDR bypass methods | S3cur3Th1sSh1t
Labtainers: A Docker-based cyber lab framework
external-link
Labtainers include more than 50 cyber lab exercises and tools to build your own. Import a single VM appliance or install on a Linux system and your students are done with provisioning and administrative setup, for these and future lab exercises. Consistent lab execution environments and automated provisioning via Docker containers Multi-component network topologies on a modestly performing laptop computer Automated assessment of student lab activity and progress Individualized lab exercises to discourage sharing solutions
1
Labtainers: A Docker-based cyber lab framework
S'approprier la méthode OSINT : le guide pratique
external-link
1
S'approprier la méthode OSINT : le guide pratique
warhorse is a tool for helping automating RedTeam infra deployment using Terraform & Ansible to deploy and configure virtual machines for a wide range of use cases
external-link
Warhorse consists of a fully-featured Ansible playbook to deploy infrastructure in the cloud for conducting security assessments. The Playbook combines Terraform & Ansible to deploy and configure virtual machines for a wide range of use cases. This Playbook is highly customizable and includes operational security. No experience with Ansible or Terraform is required to use this Playbook.
1
warhorse is a tool for helping automating RedTeam infra deployment using Terraform & Ansible to deploy and configure virtual machines for a wide range of use cases
Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/s
external-link
1
Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/s
Uncoder.IO | Universal Sigma Rule Converter for SIEM, EDR, and NTDR
1
Uncoder.IO | Universal Sigma Rule Converter for SIEM, EDR, and NTDR
moonwalk: Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
external-link
Moonwalk, un des (rares) outils de couverture de traces. L'effacement des traces et la dernière étape methodo du pentest, et malheureusement très sous estimée.
1
moonwalk: Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
Dora : Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found
external-link
1
Dora : Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found
maltego-transforms-list: A list of tools that handle different data and make it usable in Maltego.
external-link
1
maltego-transforms-list: A list of tools that handle different data and make it usable in Maltego.
Azure-Red-Team: Azure Security Resources and Notes
external-link
Une Cheat Sheet pour les pentests Azure.
1
Azure-Red-Team: Azure Security Resources and Notes
package-analysis: Open Source Package Analysis
external-link
This repo contains a few components to aid in the analysis of open source packages, in particular to look for malicious software.
1
package-analysis: Open Source Package Analysis
efiXplorer: IDA plugin for UEFI firmware analysis and reverse engineering automation
external-link
Supported versions of Hex-Rays products: everytime we focus on last versions of IDA and Decompiler because we try to use most recent features from new SDK releases. That means we tested only on recent versions of Hex-Rays products and do not guarantee stable work on previous generations.
1
efiXplorer: IDA plugin for UEFI firmware analysis and reverse engineering automation
GitHub - sebdraven/IOCmite: Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
external-link
1
GitHub - sebdraven/IOCmite: Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
badkeys : Tool and library to check cryptographic public keys for known vulnerabilities
external-link
badkeys checks public keys in a variety of formats for known vulnerabilities.
1
badkeys : Tool and library to check cryptographic public keys for known vulnerabilities