31/07/2022

Recently, there was a GET Flooding Attack-type DDoS attack case on a web services company for about 20 hours. Various attack traffics were detected on the login page which caused serious load on the server and ended up paralyzing the entire login function.…

Table of Contents Introduction A word of advice Why should you build a home lab? Things you need to consider Hardware Hunting for Hardware Network Software Virtualization Software Network Virtual Devices Operating Systems Windows Unix and *Nix Apple Mac OS…

Automatic SSTI detection tool with interactive interface - GitHub - vladko312/SSTImap: Automatic SSTI detection tool with interactive interface

A vade mecum for all things Threat Modeling.

Insider threats are one of the most difficult risks for security teams to manage because most employees require some level of trust and privileges to perform their roles. Managing this risk involves detecting and containing the undesirable behavior of trusted…

Mara is a userland pty/tty sniffer. Contribute to io-tl/Mara development by creating an account on GitHub.

We developed a robust detection method in Microsoft Defender for Endpoint that can catch known and unknown variations of a process execution class used by attackers to evade detection. This class of stealthy execution techniques include process doppelganging…

Introduction In part three of this series, we will analyse Brute Ratel, a command and control framework developed by Dark Vortex. As the C2 is lesser known, we can see...

Beside bug fixes this release introduces many new features and it was so much fun working on it. We think this release is very beautiful and we are really proud of it! You are invited to celebrate ...

On Tuesday, December 7th 2021 I discovered a critical vulnerability in Cloudflare’s Email Routing service. This vulnerabilty enabled anyone to modify the routing configuration of any domain using the service. A bad actor could have overwritten the destination…

Identity and Access Management has always been a major area of concern and focus for organizations, across all the different systems in the estate, including source control management systems (SCM), and specifically GitHub. Organizations spend a great deal…

A tool to take domains from stdin and output to stdout if have at least one IP address associated with the selected country.

Paranoid's library contains implementations of checks for well known weaknesses on cryptographic artifacts. - google/paranoid_crypto

Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made w...

Akamai researchers have analyzed ASNs to determine some shocking stats about the state of malicious IPs and where they are from.

Last months I’ve been working on a new project called didsomeoneclone.me. Last years I’ve been analyzing many phishing websites for fun. During those analysi...