GitTech (Use Caution)
GitHub - matanolabs/matano: Open source cloud-native security lake platform (SIEM alternative) for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS 🦀
GitHub - 0x4xel/Bat-Potato: Automating Juicy Potato Local Privilege Escalation CMD exploit for penetration testers.
As there are other alternatives to perform Juicy Privesc (https://github.com/TsukiCTF/Lovely-Potato), Bat-Potato's main function is to accomplish the privesc with just a cmd reverse shell. No PowerShell is required for these actions, so with a low-integrity cmd shell you can run this .bat file.
Cyber News
FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked – Krebs on Security
InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Meanwhile, the hackers responsible are communicating directly with members through the InfraGard portal online — using a new account under the assumed identity of a financial industry CEO that was vetted by the FBI itself.
What Is Vulnerability Management? Definition, Lifecycle, Policy, and Best Practices | Spiceworks
Vulnerability management is the process of identifying vulnerabilities in IT assets, evaluating risk, and taking appropriate action.
OWASP ZAP – Burp to ZAP Feature Map
Burp Suite is a popular commercial web app pentesting tool. It provides a free (closed source) Community edition and a paid-for Professional edition. Many people are unaware that ZAP provides most of the features available in both the Professional and Community editions of Burp. It should be noted that ZAP is not intended to be a Burp clone and as such has a different way of working.
Cyberclopaedia - The Cyberclopaedia
The Cyberclopaedia is an aspiring project aimed at accumulating knowledge from the world of cybersecurity and presenting it in a cogent way, so it is accessible to as large an audience as possible and so that everyone has a good resource to learn hacking from.
What is a Web Application Firewall (WAF)?
While websites and web applications are increasingly becoming the target of the modern-day cyber-criminal, businesses that don’t follow the best practices in cyber security are becoming […]
Dissecting the Empire C2 Framework | Qualys Security Blog
In this blog we will be taking a quick dive into Empire, a popular open-source post-exploitation framework. Empire provides an adversary with the capability to expand his foothold in a victim’s environment by leveraging hundreds of modules, RATs in multiple languages and stealthy C2 mechanisms.