Category: Penetration Testing
PrivKit: PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS. PrivKit detects the following misconfigurations: Checks for Unquoted Service Paths; Checks...
Spoofy: Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records. You may be asking, “Why do we need another tool...
RecycledInjector: (Currently) Fully Undetected same-process native/.NET assembly shellcode injector based on RecycledGate by thefLink, which is also based on HellsGate + HalosGate + TartarusGate to ensure undetectable native syscalls even if one...
LOAD – Lord Of Active Directory: Based on AWS-Redteam-Lab and OCD GOAD. The price for running the lab for 125 hours during one month is approximately 14$. With Free Tier...
ShellGhost: A memory-based evasion technique which makes shellcode invisible from process start to end. Handling the Thread Execution Flow: ShellGhost relies on Vectored Exception Handling in combination with software breakpoints...
JSpector: JSpector is a Burp Suite extension that passively crawls JavaScript files and automatically creates issues with URLs and endpoints found on the JS files. Prerequisites: Before installing JSpector, you...
YATAS – Yet Another Testing & Auditing Solution: The goal of YATAS is to help you create a secure AWS environment without too much hassle. It won’t check for all...
Google has made significant strides in bolstering the security of its Android platform, releasing a security update that tackles a whopping 43 vulnerabilities. With a combination of high and critical...
Gerobug: Open source private (self-managed) bug bounty platform. Are you a company, planning to have your own bug bounty program, with a minimum budget? We got you! We are aware...
webpalm: WebPalm is a command-line tool that enables users to traverse a website and generate a tree of all its web pages and their links. It uses a recursive approach...
Sshimpanzee: Sshimpanzee allows you to build a static reverse ssh server. Instead of listening on a port and waiting for connections, the ssh server will initiate a reverse connection to the attacker’s IP, just...
Freeze.rs: Freeze.rs is a payload creation tool used for circumventing EDR security controls to execute shellcode in a stealthy manner. Freeze.rs utilizes multiple techniques to not only remove Userland EDR...
NimExec: Basically, NimExec is a fileless remote command execution tool that uses the Service Control Manager Remote Protocol (MS-SCMR). It changes the binary path of a random or given service...
PhoenixC2: PhoenixC2 is a free & open-source C2 framework for Red Teams. It is written in Python3 and uses Flask for its REST API. It is designed to be easy...
Poastal – the Email OSINT tool: Poastal is an email OSINT tool that provides valuable information on any email address. With Poastal, you can easily input an email address and it...