Tool Overview – IronNetTR

The GitHub repository IronNetTR, maintained by Mikhail Kasimov (forked from nathanawmk), serves as a centralized public archive for research conducted by IronNet’s Threat Research Teams. IronNetTR is a collection of technical reports and data sets focused on active cyber threats. Unlike general news sites, this repository provides the raw data and technical specifics, such as Read More …

Automating the Audit

Stop Staring at DNS Records: If you are new to Information Security, you’ll quickly learn that visibility is your best friend. One of the first things I look at when assessing a domain’s posture is its DMARC (Domain-based Message Authentication, Reporting, and Conformance) record. DMARC tells the world how to handle emails that claim to be Read More …

A Powerful OSINT Tool for Username Discovery

The ability to gather intelligence efficiently is a foundational skill. One effective tool for early stages is Sherlock. Named after the legendary detective, Sherlock is an open-source, Python-based tool designed to help security professionals and researchers locate a specific username across hundreds of different websites and social media platforms simultaneously. How Sherlock Works: Sherlock operates Read More …

Frankenmap

Modern Intrusion Detection Systems (IDS) easily spot the distinct signatures of Nmap’s default aggressive probes. Here is a stealth blueprint for getting OS, version, and script data without kicking the front door down: 1. Deconstructing the Aggressive Scan: Instead of using -A, use these specific flags to control exactly what information is gathered and how Read More …

NMAP discovery options

I will break down the options for each command. Command 1: sudo nmap -sn 10.0.0.* --discovery-ignore-rst -oG - | awk '/Up$/{print $2}' Summary: This command is used to build a list of “up” machines on a specific subnet (in this case, 10.0.0.*). Breakdown: sudo nmap -sn 10.0.0.*: Performs a simple ping scan (-sn) on the Read More …

evilreplay for Modern Web Security Assessment

Bridging the gap between identifying a flaw and demonstrating its real-world risk can be challenging. The open-source project evilreplay provides a powerful, specialized utility that helps security practitioners effectively assess and report one of the most common web application threats: Cross-Site Scripting (XSS). What is evilreplay? At its core, evilreplay is a weaponized adaptation of Read More …

lsassy: An Offensive Security Tool

lsassy is an open-source tool developed by Login-Sécurité, designed specifically for offensive security practices. Available on GitHub, lsassy expertly facilitates the extraction of credential data from the memory of the Local Security Authority Subsystem Service (LSASS) process in Windows environments. Key Features: Primarily, lsassy is adept at dumping credentials stored within LSASS, which is a Read More …

Checking for PrintNightmare vulnerability

In the world of Active Directory security, running the Print Spooler service on a Domain Controller is an unforced error. We saw exactly why with ‘PrintNightmare’—a vulnerability that turned a mundane background service into a highway for ransomware and domain-wide compromise. The reality is simple: if your DC is managing print jobs, it’s also managing Read More …

Enhancing Detection and Response with Intel Owl

Intel Owl is an open-source threat intelligence framework hosted on GitHub. Its primary function is to streamline the process of integrating, sharing, and analyzing threat intelligence data. Key Features: Intel Owl can aggregate data from multiple sources, including public intelligence feeds and local files. It can help organizations perform automated analysis and Read More …

Tools :: pqcscan

I’ve seen security paradigms shift, but few are as fundamental as the one coming from post-quantum cryptography (PQC). Our current security, built on algorithms like RSA, is strong today. But a powerful quantum computer will one day render them obsolete, creating an existential threat to all encrypted data. A sophisticated attacker can “harvest now, decrypt Read More …