Useful tools for searching for WebCams, Information Channels and public access Wifi for the collection of information useful for analysis activities
https://github.com/CScorza/OSINTSurveillance
https://github.com/CScorza/OSINTSurveillance
What Are Server-Side Request Forgeries And How To Exploit Them
https://blog.novasec.io/what-are-server-side-request-forgeries-ssrf-and-how-to-exploit-them
https://blog.novasec.io/what-are-server-side-request-forgeries-ssrf-and-how-to-exploit-them
npm search RCE? - Escape Sequence Injection
https://blog.solidsnail.com/posts/npm-esc-seq
https://blog.solidsnail.com/posts/npm-esc-seq
Introducing YARA-Forge
https://cyb3rops.medium.com/introducing-yara-forge-a77cbb77dcab
https://cyb3rops.medium.com/introducing-yara-forge-a77cbb77dcab
Android Banking Trojan Chameleon is Back in Action
https://www.threatfabric.com/blogs/android-banking-trojan-chameleon-is-back-in-action
https://www.threatfabric.com/blogs/android-banking-trojan-chameleon-is-back-in-action
Windows CLFS and five exploits used by ransomware operators
https://securelist.com/windows-clfs-exploits-ransomware
https://securelist.com/windows-clfs-exploits-ransomware
WAZAWAKA_TLPCLEAR_Report.pdf
16.7 MB
Understanding The Workings of Russian Hacker "Wazawaka"
https://25491742.fs1.hubspotusercontent-eu1.net/hubfs/25491742/WAZAWAKA_TLPCLEAR_Report.pd
https://25491742.fs1.hubspotusercontent-eu1.net/hubfs/25491742/WAZAWAKA_TLPCLEAR_Report.pd
codecave hook: reverse engineering toolkit
https://github.com/byte2mov/codecave-hook
https://github.com/byte2mov/codecave-hook
Just another C2 Redirector using CloudFlare
https://github.com/som3canadian/Cloudflare-Redirector
https://github.com/som3canadian/Cloudflare-Redirector
SharpHIBP: A C# Tool to gather information about email breaches
https://github.com/dmcxblue/SharpHIBP
https://github.com/dmcxblue/SharpHIBP
smtpsmug: Script to help analyze mail servers for SMTP Smuggling vulnerabilities.
https://github.com/hannob/smtpsmug
https://github.com/hannob/smtpsmug
sessionless: TokenSigner is a Burp Suite extension for editing, signing, verifying various signed web tokens
https://github.com/d0ge/sessionless
https://github.com/d0ge/sessionless
AuthLogParser: is a powerful DFIR tool designed specifically for analyzing Linux authentication logs, commonly known as auth.log
https://github.com/YosfanEilay/AuthLogParser
https://github.com/YosfanEilay/AuthLogParser
SSH ProxyCommand == unexpected code execution (CVE-2023-51385)
https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce
https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce
This repository implements Threadless Injection in C
https://github.com/lsecqt/ThreadlessInject-C
https://github.com/lsecqt/ThreadlessInject-C
A simple dependency injection library for Rust
https://github.com/m1guelpf/silhouette
https://github.com/m1guelpf/silhouette
Leveraging Microsoft Protection Logging for Forensic Investigations
https://www.crowdstrike.com/blog/how-to-use-microsoft-protection-logging-for-forensic-investigations
https://www.crowdstrike.com/blog/how-to-use-microsoft-protection-logging-for-forensic-investigations
Shadow-Pulse: information about ransomware groups (Ransomware Analysis Notes)
https://github.com/StrangerealIntel/Shadow-Pulse/
https://github.com/StrangerealIntel/Shadow-Pulse/
EDRSilencer: A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server
https://github.com/netero1010/EDRSilencer
https://github.com/netero1010/EDRSilencer
Silly EDR Bypasses and Where To Find Them
https://malwaretech.com/2023/12/silly-edr-bypasses-and-where-to-find-them
https://malwaretech.com/2023/12/silly-edr-bypasses-and-where-to-find-them