A tool to dump Java serialization streams in a more human readable form.
https://github.com/NickstaDB/SerializationDumper
Rubeus is a C# toolset for raw Kerberos interaction and abuses. It is heavily adapted from Benjamin Delpy's Kekeo project.
https://github.com/GhostPack/Rubeus
jq is such a nifty tool that not nearly enough people know about. If you're working with JSON data, even just small bits here and there, it's worth knowing the basics to make some simple data manipulations possible.
https://0xdf.gitlab.io/2018/12/19/jq.html
The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
https://github.com/sensepost/reGeorg
Mapping suppliers of Personal Protective Equipment (PPE) with Aleph and Maltego
https://www.maltego.com/blog/mapping-suppliers-of-personal-protective-equipment-ppe-with-aleph-and-maltego/
In this article, we’ll walk through an investigation we conducted to find and map a network of suppliers of such PPE across Europe and other geographies, using a prototype integration of the OCCRP’s Aleph data platform.
Intro to Shellcode Analysis: Tools and Techniques
https://www.sans.org/webcasts/intro-shellcode-analysis-tools-techniques-113610
Frequently in malware investigations, we come across shellcode used after exploiting a vulnerability or being injected into a process. In this webcast, we'll look at some of the tools and techniques the malware analyst can use to start investigating what…
r2con is the annual conference about radare2. The conference aims to gather all the r2 users and developers around the world to enjoy a 4 day event full of experiments, hacking, teaching, discussing and coding stuff while having fun and drinking beers (safely at home).
https://rada.re/con/2020/
This tool allows you to evade Sysmon and Windows event logging.
https://github.com/bats3c/ghost-in-the-logs/
A well-explained introduction to fileless malware.
Fileless Malware 101: Understanding Non-Malware Attacks
https://www.cybereason.com/blog/fileless-malware
Fileless malware abuses legitimate tools to carry out attacks. Read about fileless malware with examples from real-world attacks.
CALDERA: Automating Adversary Emulation
https://www.youtube.com/watch?v=fx3635hLewg
Adversarial assessment of a network is a critical part of securing and hardening it; done successfully, an adversarial assessment will replicate the techniques of an adversary in a realistic way. Instead of exclusively leveraging exploits, real adversaries…
These are all the resources used to set up the Kubernetes Easter CTF. The CTF was hosted on http://k8s-ctf.rocks/ and ended at the end of Easter.
https://github.com/NodyHub/k8s-ctf-rocks
Standalone binaries for Linux/Windows of Impacket's examples
https://github.com/ropnop/impacket_static_binaries
Educational, CTF-styled labs for individuals interested in Memory Forensics
https://github.com/stuxnet999/MemLabs
Escalation Defenses: AD guardrails every company should deploy
https://www.secframe.com/blog/escalation-defenses-ad-guardrails-every-company-should-deploy
These three items, once deployed, greatly increase your security footprint. They are simple. They are quick. They are necessary. They are hardly deployed anywhere.