evilreplay for Modern Web Security Assessment

Bridging the gap between identifying a flaw and demonstrating its real-world risk can be challenging. The open-source project evilreplay provides a powerful, specialized utility that helps security practitioners effectively assess and report one of the most common web application threats: Cross-Site Scripting (XSS).

What is evilreplay? At its core, evilreplay is a weaponized adaptation of Read More …

lsassy: An Offensive Security Tool

lsassy is an open-source tool developed by Login-Sécurité, designed specifically for offensive security practices. Available on GitHub, lsassy facilitates the extraction of credential data from the memory of the Local Security Authority Subsystem Service (LSASS) process in Windows environments.

Key Features: Primarily, lsassy is adept at dumping credentials stored within LSASS, which is a Read More …

Checking for PrintNightmare vulnerability

In the world of Active Directory security, running the Print Spooler service on a Domain Controller is an unforced error. We saw exactly why with ‘PrintNightmare’—a vulnerability that turned a mundane background service into a highway for ransomware and domain-wide compromise. The reality is simple: if your DC is managing print jobs, it’s also managing Read More …

Enhancing Detection and Response with Intel Owl

Intel Owl is an open-source threat intelligence framework hosted on GitHub. Its primary function is to streamline the process of integrating, sharing, and analyzing threat intelligence data.

Key Features: Intel Owl has the ability to aggregate data from multiple sources, including public intelligence feeds and local files. It can help organizations perform automated analysis and Read More …

Tools :: pqcscan

I’ve seen security paradigms shift, but few are as fundamental as the one coming from post-quantum cryptography (PQC). Our current security, built on algorithms like RSA, is strong today. But a powerful quantum computer will one day render them obsolete, creating an existential threat to all encrypted data. A sophisticated attacker can “harvest now, decrypt Read More …

Tools :: Capa

Capa is designed to identify capabilities within executable files. This versatile tool analyzes various file types—including PE, ELF, .NET modules, shellcode, and sandbox reports—to determine a program’s functionalities, such as operating as a backdoor, installing services, or using HTTP for communication. Capa offers both a command-line interface and a web interface for interactive result inspection. Read More …

Tools :: customer-detections

The GitHub repository “customer-detections” by Okta provides a tool designed to enhance customer detection capabilities for security and identity management. It offers a set of pre-built detection rules and templates that can be customized to identify suspicious activities and potential threats within user accounts. This tool aims to improve the overall security posture by enabling Read More …

Tools :: Generative AI for Beginners

Microsoft’s “Generative AI for Beginners” is a comprehensive 21-lesson course available on GitHub, designed to equip learners with the skills to build Generative AI applications. Created by Microsoft Cloud Advocates, the course offers a structured learning path, dividing lessons into theoretical “Learn” modules and practical “Build” modules with code examples in Python and TypeScript. To Read More …

Tools :: awesome-claude-code

The “awesome-claude-code” GitHub repository serves as a curated collection of resources aimed at optimizing the Claude Code workflow, boosting productivity, and enriching the user experience. Claude Code is highlighted as an advanced CLI-based coding assistant and agent, offering robust capabilities and extensive customization options for use in terminals or IDEs. The repository, maintained by “hesreallyhim,” Read More …

Tools :: GhidraMCP

GhidraMCP is an innovative Model Context Protocol (MCP) server designed as a plugin for Ghidra, the open-source reverse engineering framework. Its primary purpose is to empower Large Language Models (LLMs) with the capability to autonomously reverse engineer applications by exposing core Ghidra functionalities to MCP clients. This tool streamlines tasks such as decompiling and analyzing Read More …