Detection

Kubeclarity – Tool For Detection And Management Of Software Bill Of Materials (SBOM) And Vulnerabilities Of Container Images And Filesystems

11 May 2022 By hackergadgets

KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems. It scans both runtime K8s clusters and CI/CD pipelines for enhanced software supply chain security. SBOM & vulnerability detection challenges Effective vulnerability scanning requires an accurate Software Bill Of Materials (SBOM) detection: Various programmingRead More

Zircolite – A Standalone SIGMA-based Detection Tool For EVTX, Auditd And Sysmon For Linux Logs

18 Apr 2022 By hackergadgets

Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for linux or JSONL/NDJSON Logs Zircolite is a standalone tool written in Python 3. It allows to use SIGMA rules on MS Windows EVTX (EVTX and JSONL format), Auditd logs and Sysmon for Linux logs Zircolite can be used directly on the investigated endpoint (use releases) orRead More

Cloak – A Censorship Circumvention Tool To Evade Detection By Authoritarian State Adversaries

08 Apr 2022 By hackergadgets

Cloak is a pluggable transport that enhances traditional proxy tools like OpenVPN to evade sophisticated censorship and data discrimination. Cloak is not a standalone proxy program. Rather, it works by masquerading proxied traffic as normal web browsing activities. In contrast to traditional tools which have very prominent traffic fingerprints and can be blocked by simpleRead More

openSquat – Detection Of Phishing Domains And Domain Squatting. Supports Permutations Such As Homograph Attack, Typosquatting And Bitsquatting

25 Feb 2022 By hackergadgets

What is openSquat openSquat is an opensource Intelligence (OSINT) security tool to identify cyber squatting threats to specific companies or domains, such as: Phishing campaigns Domain squatting Typo squatting Bitsquatting IDN homograph attacks Doppenganger domains Other brand/domain related scams It does support some key features such as: Automatic newly registered domain updating (once a day)Read More

Mortar – Evasion Technique To Defeat And Divert Detection And Prevention Of Security Products (AV/EDR/XDR)

07 Jan 2022 By hackergadgets

red teaming evasion technique to defeat and divert detection and prevention of security products.Mortar Loader performs encryption and decryption of selected binary inside the memory streams and execute it directly with out writing any malicious indicator into the hard-drive. Mortar is able to bypass modern anti-virus products and advanced XDR solutions and it has beenRead More

VECTR – A Tool That Facilitates Tracking Of Your Red And Blue Team Testing Activities To Measure Detection And Prevention Capabilities Across Different Attack Scenarios

25 Oct 2021 By hackergadgets

VECTR documentation can be found here: https://docs.vectr.io VECTR Community Discord Channel: https://discord.gg/2FRd8zf728 VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios. VECTR provides the ability to create assessment groups, which consist of a collection of Campaigns and supporting TestRead More

DongTai – An Interactive Application Security testing(IAST) Product That Supports The Detection Of OWASP WEB TOP 10 Vulnerabilities, Multi-Request Related Vulnerabilities (Including Logic Vulnerabilities, Unauthorized Access Vulnerabilities, Etc.), Third-Party Component Vulnerabilities, Etc.

26 Sep 2021 By

中文版本(Chinese version) About DongTai IAST DongTai IAST is an open-source passive interactive security testing (IAST) product. It uses dynamic hooks and taint tracking algorithms to achieve universal vulnerability detection and multiples request associated with vulnerability detection (including but not limited to unauthorized vulnerabilities, overpower vulnerabilities), Third-party component vulnerability detection, etc. Currently, applications in Java andRead More

GoPurple – Yet Another Shellcode Runner Consists Of Different Techniques For Evaluating Detection Capabilities Of Endpoint Security Solutions

05 Sep 2021 By

This project is a simple collection of various shell code injection techniques, aiming to streamline the process of endpoint detection evaluation, beside challenging myself to get into Golang world. Installation 1 – Requires go installed. 2 – Build the application from the project’s directory: go build. Set GOOS=windows if the build system is not Windows.Read More

SGXRay – Automating Vulnerability Detection for SGX Apps

17 Aug 2021 By

Intel SGX protects isolated application logic and sensitive data inside an enclave with hardware-based memory encryption. To use such hardware-based security mechanism requires a strict programming model on memory usage, with complex APIs in and out the enclave boundary. Enclave developers are required to apply careful programming practices to ensure enclave security, especially when dealingRead More

Http-Request-Smuggling – HTTP Request Smuggling Detection Tool

12 Aug 2021 By

HTTP request smuggling is a high severity vulnerability which is a technique where an attacker smuggles an ambiguous HTTP request to bypass security controls and gain unauthorized access to performs malicious activities, the vulnerability was discovered back in 2005 by watchfire and later in August 2019 it re-discovered by James Kettle – (albinowax) and presentedRead More

X