More results...
When looking for vulnerabilities of interest, it’s always a good option to look for vulnerabilities used at pwn2own. Indeed, these vulnerabilities are exploited during the competition, meaning they have a practical impact. Finding The Root Cause Starting with the ZDI’s advisory of the vulnerability, it is possible to get enough details to look for the root cause. […]
Antivirus REDucer for Antivirus REDteaming. Avred tries to provide as much context and information about each match as possible when identifying which portions of a file an antivirus has identified. Avred is a new tool that breaks down how antivirus programs work and shows exactly which parts of a file cause antivirus alerts. This tool […]
osintgpt is a Python package for leveraging OpenAI’s GPT models to analyze text data and perform tasks such as calculating text embeddings, searching for similar documents, and more. It is designed for use in open-source intelligence (OSINT) applications and research. Installation You can install the osintgpt package using pip. Given the recent changes and updates, it is highly […]
Meet Supernova, the new and improved shellcode encryption tool made for today’s ethical hackers. Supernova is written in Golang and works with both Windows and Linux. It has a wide range of encryption ciphers, such as ROT, XOR, RC4, and AES. What makes it different? It’s not just an encryptor; it also changes your encrypted […]
By readapting the safetydump rust library (many thanks to the author!!!), I have been able to EASILY bypass all the countermeasures put in place by most EDRs, except Kaspersky EDR, and TrendMicro (new detection, from a couple hours ago) dbghelp!MiniDumpWriteDump with a custom callback could be used, until a year ago, to bypass most antivirus […]
NucleiFuzzer is an automation tool that combines and enhances web application security testing. It uses ParamSpider to identify potential entry points and Nuclei’s templates to scan for vulnerabilities. NucleiFuzzer streamlines the process, making it easier for security professionals and web developers to detect and address security risks efficiently. Download NucleiFuzzer to protect your web applications from vulnerabilities and attacks. Note: Nuclei + Paramspider = NucleiFuzzer Tools Included: ParamSpider […]
SysReptor is a fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike. You can create designs based on simple HTML and CSS, write your reports in user-friendly Markdown and convert them to PDF with just a single click, in the cloud or self-hosted! Your Benefits SysReptor Cloud You […]
PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit. If you are a chrome user you can check https://github.com/nccgroup/autochrome. Features Single click BurpProxy Connect to Burp with a simple click, this will probably remove the need for other addons like foxyProxy. However if you need the extra features provided by foxyProxy you […]
A hacking tool is a piece of software that can be used for different things in cybersecurity and vulnerability testing. These tools help security workers find weaknesses, test security measures, and figure out how strong networks, apps, and systems are. They can be used both offensively and defensively, which helps improve cybersecurity methods as a […]
padre is an advanced exploiter and Padding Oracle attack tool that can be deployed against CBC mode encryption.