hacking

Guilty Pleas in Major MFA Bypass Scheme Exposed

September 4, 2024

Three men have admitted their roles in operating a notorious website that assisted cybercriminals in bypassing multi-factor authentication (MFA) to...

Attempted Extortion: IT Engineer Charged for Hacking Former Employer

August 29, 2024

A former IT engineer is facing serious charges after an alleged plot to extort his previous employer in Missouri. This...

072224_getty_ng_crowdstrike_outage-29-07-2024

How the CrowdStrike Outage Carved Out New Opportunities for Hackers

July 29, 2024

Following a damaging U.S. government report criticizing Microsoft's cybersecurity practices, which had allowed Chinese hackers access to the email accounts...

FBI and Mandiant Identify Advanced North Korean Hackers Targeting US Defense Technologies

July 27, 2024

The Federal Bureau of Investigation (FBI) and Google-owned cybersecurity firm Mandiant are on the frontlines, working diligently to combat a...

FBI and Mandiant Target North Korean Hackers Stealing US Defense Secrets

July 25, 2024

The FBI, in collaboration with Mandiant, a cybersecurity firm owned by Google, is intensifying efforts to track and disrupt a...

b69ae06176bb6b74e0fd8364329bcbc283f9d97e21318741c11695954e5fdaef

Ashok – A OSINT Recon Tool, A.K.A Swiss Army Knife

June 26, 2024

Reconnaissance is the first phase of penetration testing which means gathering information before any real attacks are planned So Ashok...

6a04932f7c457b980ea827aa1e6425b9afa688719b6d81a417e2b78c6a5c094f

CloudBrute – Awesome Cloud Enumerator

June 25, 2024

A tool to find a company (target) infrastructure, files, and apps on the top cloud providers (Amazon, Google, Microsoft, DigitalOcean,...

1ee3047ee3895ce6392088485d564cc297f25f20746087ad63c0edf3a5e8ec99

Hfinger – Fingerprinting HTTP Requests

June 24, 2024

Tool for Fingerprinting HTTP requests of malware. Based on Tshark and written in Python3. Working prototype stage :-) Its main...

34d79a004e331a1ba49694f16a766f05733814c02182da16a31e086437fa289c

VulnNodeApp – A Vulnerable Node.Js Application

June 23, 2024

A vulnerable application made using node.js, express server and ejs template engine. This application is meant for educational purposes only....

4e306d2a0bae6e535b35854d2e249c6748483042dec049b8af0bb608a09d619e

XMGoat – Composed of XM Cyber terraform templates that help you learn about common Azure security issues

June 22, 2024

XM Goat is composed of XM Cyber terraform templates that help you learn about common Azure security issues. Each template...

6f9c34378e6c26a0466be51c8d19614067d48091a09c831ed0c6ae82f7721dd4

Extrude – Analyse Binaries For Missing Security Features, Information Disclosure And More…

June 21, 2024

Analyse binaries for missing security features, information disclosure and more. Extrude is in the early stages of development, and currently...

bbf3a8c377341a41a2ddd69a737af8e40fa2c0440ca7dd847abc4d06285732f4

BokuLoader – A Proof-Of-Concept Cobalt Strike Reflective Loader Which Aims To Recreate, Integrate, And Enhance Cobalt Strike’s Evasion Features!

June 20, 2024

A proof-of-concept User-Defined Reflective Loader (UDRL) which aims to recreate, integrate, and enhance Cobalt Strike's evasion features! Contributors: Contributor Twitter...

43b4779401704489679bf72ad3e64ec0a590a13cbc51328e8be728703d62c2b7

Volana – Shell Command Obfuscation To Avoid Detection Systems

June 19, 2024

Shell command obfuscation to avoid SIEM/detection system During pentest, an important aspect is to be stealth. For this reason you...

CyberChef – The Cyber Swiss Army Knife – A Web App For Encryption, Encoding, Compression And Data Analysis

June 18, 2024

CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These...

e9656069568f97d469daaac842841d7b50be53e9579de17b01af07933e7ea5dc

NativeDump – Dump Lsass Using Only Native APIs By Hand-Crafting Minidump Files (Without MinidumpWriteDump!)

June 16, 2024

NativeDump allows to dump the lsass process using only NTAPIs generating a Minidump file with only the streams needed to...

d2665994d3a7325b4a30f5267c0d06f1b8905e3906e703c2df8d4357b75de5e2

Sttr – Cross-Platform, Cli App To Perform Various Operations On String

June 8, 2024

sttr is command line software that allows you to quickly run various transformation operations on the string. // With input...

48102f1b6ca4f7af42d9e704460aae442fca4d9fb3a8192a24f9b599edbdfab6

PIP-INTEL – OSINT and Cyber Intelligence Tool

June 7, 2024

Pip-Intel is a powerful tool designed for OSINT (Open Source Intelligence) and cyber intelligence gathering activities. It consolidates various open-source...

9ffa84d310a45ef01d489f9a47f9f8951ac8162a91c813339ccf0be7c686d449

Thief Raccoon – Login Phishing Tool

June 6, 2024

Thief Raccoon is a tool designed for educational purposes to demonstrate how phishing attacks can be conducted on various operating...

1adec3df60266e9dd34766d99375879e94e4a2426576e7fa68edf5c1e2ffe396

X-Recon – A Utility For Detecting Webpage Inputs And Conducting XSS Scans

June 5, 2024

A utility for identifying web page inputs and conducting XSS scanning. Features: Subdomain Discovery: Retrieves relevant subdomains for the target...

Tools

LDAPWordlistHarvester – A Tool To Generate A Wordlist From The Information Present In LDAP, In Order To Crack Passwords Of Domain Accounts

June 4, 2024

A tool to generate a wordlist from the information present in LDAP, in order to crack non-random passwords of domain...

hacking

Guilty Pleas in Major MFA Bypass Scheme Exposed

Attempted Extortion: IT Engineer Charged for Hacking Former Employer

How the CrowdStrike Outage Carved Out New Opportunities for Hackers

FBI and Mandiant Identify Advanced North Korean Hackers Targeting US Defense Technologies

FBI and Mandiant Target North Korean Hackers Stealing US Defense Secrets

Ashok – A OSINT Recon Tool, A.K.A Swiss Army Knife

CloudBrute – Awesome Cloud Enumerator

Hfinger – Fingerprinting HTTP Requests

VulnNodeApp – A Vulnerable Node.Js Application

XMGoat – Composed of XM Cyber terraform templates that help you learn about common Azure security issues

Extrude – Analyse Binaries For Missing Security Features, Information Disclosure And More…

BokuLoader – A Proof-Of-Concept Cobalt Strike Reflective Loader Which Aims To Recreate, Integrate, And Enhance Cobalt Strike’s Evasion Features!

Volana – Shell Command Obfuscation To Avoid Detection Systems

CyberChef – The Cyber Swiss Army Knife – A Web App For Encryption, Encoding, Compression And Data Analysis

NativeDump – Dump Lsass Using Only Native APIs By Hand-Crafting Minidump Files (Without MinidumpWriteDump!)

Sttr – Cross-Platform, Cli App To Perform Various Operations On String

PIP-INTEL – OSINT and Cyber Intelligence Tool

Thief Raccoon – Login Phishing Tool

X-Recon – A Utility For Detecting Webpage Inputs And Conducting XSS Scans

LDAPWordlistHarvester – A Tool To Generate A Wordlist From The Information Present In LDAP, In Order To Crack Passwords Of Domain Accounts

Headerpwn – A Fuzzer For Finding Anomalies And Analyzing How Servers Respond To Different HTTP Headers

SherlockChain – A Streamlined AI Analysis Framework For Solidity, Vyper And Plutus Contracts

Pyrit – The Famous WPA Precomputed Cracker

EvilSlackbot – A Slack Bot Phishing Framework For Red Teaming Exercises

Vmware Must Support Crucial Dutch Govt Agency As It Migrates Off The Platform,judge Rules

Canada Orders Chinese Cctv Biz Hikvision To Quit The Country Asap

[INCRANSOM] – Ransomware Victim: coruzcitywndata+

[NOVA] – Ransomware Victim: Portel Logistic Technologies

[QILIN] – Ransomware Victim: www[.]nuphoton[.]com

You may have missed