Virtual Black Hat: Rapid7 Experts Share Key Takeaways from Day 2 Sessions
This blog post is part 2 of a two-part blog series recapping Rapid7’s Black Hat debriefs as part of Virtual...
hacking
ProctorU – 444,453 breached accounts
In June 2020, the online exam service ProctorU suffered a data breach which was subsequently shared extensively across online...
TA551 (Shathak) Word docs push IcedID (Bokbot)
Introduction I've been tracking malicious Word documents from the TA551 (Shathak) campaign This year, we've seen a lot of Valak...
A Fork of the FTCode Powershell Ransomware, (Thu, Aug 6th)
Yesterday, I found a new malicious Powershell script that deserved to be analyzed due to the way it was dropped...
Gtunnel – A Robust Tunelling Solution Written In Golang
A TCP tunneling suite built with golang and gRPC. gTunnel can manage multiple forward and reverse tunnels that are all...
Taowu – A CobaltStrike Toolkit
TaoWu(檮杌) is a CobaltStrike toolkit. All the scripts are gathered on the Internet and slightly modified by myself. You can...
Virtual Black Hat: Rapid7 Experts Share Key Takeaways from Day 1 Sessions
Boy, oh boy, has Black Hat changed. Where we once looked up at the neon lights of Las Vegas, we...
Metasploit 6 Now Under Active Development
Today the Metasploit team is pleased to announce active development of Metasploit Framework 6.0, available now for testing and community...
UEFI_RETool – A Tool For UEFI Firmware Reverse Engineering
A tool for UEFI firmware reverse engineering.UEFI firmware analysis with uefi_retool.py scriptUsage:Copy ida_plugin/uefi_analyser.py script and ida_plugin/uefi_analyser directory to IDA plugins...
Netenum – A Tool To Passively Discover Active Hosts On A Network
Network reconnaisance tool that sniffs for active hostsIntroductionNetenum passively monitors the ARP traffic on the network. It extracts basic data...
DLInjector-GUI – DLL Injector Graphical User Interface
DLInjector for Graphical User Interface.Faster DLL Injector for processes. It targets the process name to identify the target. The process...
Xeca – PowerShell Payload Generator
xeca is a project that creates encrypted PowerShell payloads for offensive purposes.Creating position independent shellcode from DLL files is also...
InsightIDR Now Connects to Zoom for Easy Monitoring
Zoom adoption has skyrocketed with spikes in remote working, but web application security needs to be a top priority to...
Cnitch – Container Snitch Checks Running Processes Under The Docker Engine And Alerts If Any Are Found To Be Running As Root
cnitch (snitch or container snitch) is a simple framework and command line tool for monitoring Docker containers to identify any...
Mistica – An Open Source Swiss Army Knife For Arbitrary Communication Over Application Protocols
Mística is a tool that allows to embed data into application layer protocol fields, with the goal of establishing a...
DeimosC2 – A Golang Command And Control Framework For Post-Exploitation
DeimosC2 is a post-exploitation Command & Control (C2) tool that leverages multiple communication methods in order to control machines that...
EternalBlueC – EternalBlue Suite Remade In C/C++ Which Includes: MS17-010 Exploit, EternalBlue Vulnerability Detector, DoublePulsar Detector And DoublePulsar Shellcode & DLL Uploader
EternalBlue suite remade in C which includes: MS17-010 Exploit, EternalBlue/MS17-010 vulnerability detector, DoublePulsar detector and DoublePulsar UploadDLL & Shellcode ms17_vuln_status.cpp...
CWFF – Create Your Custom Wordlist For Fuzzing
CWFF is a tool that creates a special High quality fuzzing/content discovery wordlist for you at the highest speed possible...
Cloudsplaining – An AWS IAM Security Assessment Tool That Identifies Violations Of Least Privilege And Generates A Risk-Prioritized Report
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report.Example...
Kubei – A Flexible Kubernetes Runtime Scanner
Kubei is a vulnerabilities scanning tool that allows users to get an accurate and immediate risk assessment of their kubernetes...
dazzleUP – A Tool That Detects The Privilege Escalation Vulnerabilities Caused By Misconfigurations And Missing Updates In The Windows OS
A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in the Windows operating systems. dazzleUP...
uDork – Tool That Uses Advanced Google Search Techniques To Obtain Sensitive Information In Files Or Directories, Find IoT Devices, Detect Versions Of Web Applications, And So On
uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files...
Open Source Security Meetup (OSSM): Virtual Edition
The Rapid7 Metasploit team is taking a page from DEF CON’s “SAFE MODE” operations this year, hosting our annual Open...
Cloud Best Practices Every Security Professional Should Know
In part one of this two-part series on the cloud and cloud security for security professionals, we dove into everything...
