“My little birds are everywhere, even in the North, they whisper to me the strangest stories.” – Lord Varys Meet Whispers, an advanced static code analysis tool meticulously designed to parse various common data formats, unveiling hardcoded credentials, and identifying potentially hazardous functions. Whispers seamlessly integrates into both the command-line …
Read More »Identifying harmful activity on your captured traffic
This Python script utilises Wireshark or TCPdump to analyse network traffic stored in a specified .pcap or .pcapng file. The objective is to detect potential malicious activities and attacks. The script covers a range of suspicious network behaviors, including: DNS Tunneling SSH Tunneling TCP Session Hijacking SMB Attack SMTP or …
Read More »Penetration Testing Tools for Beginners
Penetration tools for beginners. Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a ‘Swiss Army Knife’ for pen-testing and/or hacking CTF’s.
Read More »Vulnerable docker environment for learning to hack
Vulhub is an open-source collection of pre-built vulnerable docker environment for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands and you have a vulnerable environment.
Read More »Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound to identify and exploit ACL based privilege escalation paths. It takes a starting and ending point and will use Neo4j pathfinding algorithms to find the most efficient ACL based privilege escalation path.
Read More »