Cyber Security
IconJector This is a Windows Explorer DLL injection technique that uses the change icon dialog on Windows. https://github.com/0xda568/IconJector/assets/61665703/bbf53775-ad8d-422b-b186-663ff5074976 How does it work? Firstly, a folder is created in the temp directory, and the properties of the folder are opened using SHObjectProperties. To retrieve the handle of the window independently of the system language, EnumWindows is
Project that generates Malicious Office Macro Enabled Dropper for DLL SideLoading and Embed it in Lnk file to bypass MOTW Install requirements pip install -r requirements.txt Video Demonstration https://github.com/SaadAhla/dropper/assets/123980007/7db05d2c-05e5-4a70-b967-6faecd7a296e Direct View On Github
Information Obtained Discover online mentions of a query or username. Identify potential social profiles and forums. — NOTE: Hello World 🌍 👋 - Updated 5/11/2024 - Happy OSINTing!. 😉 — Support Server Help us grow our discord server or contact support by joining up with us today! https://discord.com/invite/rwjNemwere Compatibility and Future Releases 📱 Mobile Compatibility:
https://github.com/rhasspy/piper A fast, local neural text to speech system that sounds great and is optimized for the Raspberry Pi 4. Piper is used in a variety of projects. echo 'Welcome to the world of speech synthesis!' | \ ./piper --model en_US-lessac-medium.onnx --output_file welcome.wav Voices Our goal is to support Home Assistant and the Year of Voice. Download
https://github.com/ai-collection/ai-collection The Generative AI Landscape – A Collection of Awesome Generative AI Applications A hand-picked list of awesome AI applications featured on AI Collection If your AI application deserves a spot on this hand-picked list, please talk to me: Email Pavel To see the full collection of AI Applications in legacy table view, go here Index
https://github.com/Aditya-dom/moonwalk-back Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. moonwalk-back is a 400 KB single-binary executable that can clear your traces while penetration testing a Unix machine. It saves the state of system logs pre-exploitation and reverts that state including the filesystem timestamps post-exploitation leaving zero traces of a ghost in
https://github.com/productiveops/dokemon Dokémon is a friendly GUI for managing Docker Containers. You can manage multiple servers from a single Dokemon instance. Check https://dokemon.dev for more details. Production Usage We recommend that you run Dokemon on a private network whenever possible. If you are running on a VPS with only public access, we recommend that you use an SSL
https://github.com/doyensec/inql InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration. 🌟 Features The InQL user interface is equipped with two primary components: the Scanner and the Attacker. 🔎 Scanner The Scanner is the core of InQL v5.0, where you can analyze a GraphQL endpoint or a local
https://github.com/d0ge/sessionless Sessionless is a Burp Suite extension for editing, signing, verifying, attacking signed tokens: Django TimestampSigner, ItsDangerous Signer, Express cookie-session middleware, OAuth2 Proxy and Tornado’s signed cookies. It provides automatic detection and in-line editing of token within HTTP requests/responses and WebSocket messages, signing of tokens and automation of brute force attacks against signed tokens implementations. It was inspired by Fraser Winterborn
https://github.com/syvaidya/openstego OpenStego is a steganography application that provides two functionalities: a) Data Hiding: It can hide any data within an image file. b) Watermarking: Watermarking image files with an invisible signature. It can be used to detect unauthorized file copying. OpenStego is a steganography application that provides two functionalities: Usage For GUI: Use menu shortcut
https://github.com/gchq/CyberChef https://gchq.github.io/CyberChef The Cyber Swiss Army Knife CyberChef is a simple, intuitive web app for carrying out all manner of “cyber” operations within a web browser. These operations include simple encoding like XOR and Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and
https://github.com/akamai/ddspoof DDSpoof is a tool that enables DHCP DNS Dynamic Update attacks against Microsoft DHCP servers in AD environments. For additional information, please refer to our blog posts: For information on how to mitigate DDSpoofing attacks in your networks, please refer to Invoke-DHCPCheckup.ps1 Setup Usage Commandline arguments: At startup, DDSpoof will perform the following: After the
https://github.com/Hackmanit/TInjA Features Supported Template Engines .NET Elixir Go Java JavaScript PHP Python Ruby Installation Option 1: Prebuilt Binary Prebuilt binaries of TInjA are provided on the releases page. Option 2: Install Using Go Requirements: go1.21 or higher go install -v github.com/Hackmanit/TInjA@latest
https://github.com/Unit-259/DataBouncing Data Bouncing is a technique for transmitting data between two endpoints using DNS lookups and HTTP header manipulation. This PowerShell version encapsulates core functionalities of data bouncing, including reconnaissance, data exfiltration, and file reassembly, based on a proof of concept (PoC) by John and Dave. More details can be found at The Contractor. This
In an era where cybersecurity is of paramount importance, the exchange of knowledge and insights among professionals and enthusiasts becomes crucial. Telegram, a popular messaging app, has emerged as a hub for various communities, including cybersecurity experts and enthusiasts. The top 10 Telegram cybersecurity groups you must join in 2023 are highlighted in the list
For the purposes of this article, I would like to distinguish two topics: Vulnerability Details describing single security issue raised as a part of bigger report or bug bounty activities; A Formal Vulnerability Report is created as a result of security assessments and may contain more than one vulnerability. Vulnerability details describes single security issue or
- 1
- 2
