SymCrypt is a core cryptographic function library developed by Microsoft. It began in late 2006, initially focusing on symmetric cryptographic operations. Since Windows 8, it has served as the primary crypto library for symmetric algorithms, and from Windows 10 version 1703, it became the main crypto library for all algorithms within Windows. Its key objectives Read More …
Tag: security tools
Tools – ldapsearch-ad
ldapsearch-ad is a Python3 script designed for rapid information gathering from a domain controller via its LDAP service. It’s often used immediately after acquiring valid Active Directory credentials, serving as a valuable complement to tools like BloodHound and PingCastle. The script offers flexible installation methods, either through pipx or by cloning its source code and Read More …
Tool Overview: h8mail
h8mail is an open-source intelligence (OSINT) and password breach hunting tool written in Python. It is designed to help security professionals identify if specific email addresses have been compromised in data breaches. By aggregating data from multiple leak-checking services and local databases, h8mail provides a centralized way to audit credential exposure for individuals or entire Read More …
Tool Overview: theHarvester
theHarvester is an open-source tool designed for the reconnaissance phase of a penetration test or security audit. Developed by Christian Martorella, it is written in Python and serves as a framework for gathering open-source intelligence (OSINT). Its primary function is to collect emails, subdomains, hosts, employee names, open ports, and banners from various public data Read More …
A Powerful OSINT Tool for Username Discovery
The ability to gather intelligence efficiently is a foundational skill. One effective tool for early stages is Sherlock. Named after the legendary detective, Sherlock is an open-source, Python-based tool designed to help security professionals and researchers locate a specific username across hundreds of different websites and social media platforms simultaneously. How Sherlock Works Sherlock operates Read More …
lsassy: An Offensive Security Tool
lsassy is an open-source tool developed by Login-Sécurité, designed specifically for offensive security practices. Available on GitHub, lsassy expertly facilitates the extraction of credential data from the memory of the Local Security Authority Subsystem Service (LSASS) process in Windows environments. Key Features Primarily, lsassy is adept at dumping credentials stored within LSASS, which is a Read More …
Tools :: pqcscan
I’ve seen security paradigms shift, but few are as fundamental as the one coming from post-quantum cryptography (PQC). Our current security, built on algorithms like RSA, is strong today. But a powerful quantum computer will one day render them obsolete, creating an existential threat to all encrypted data. A sophisticated attacker can “harvest now, decrypt Read More …