> cat /dev/github | grep security-tools

~/hackyfeed $

A cybersecurity tools aggregator — discover the latest pentesting, red team, and offensive security tools from GitHub.

CTFever

AI Summary: CTFever is a comprehensive toolkit designed for Capture The Flag (CTF) participants, offering a variety of utilities to assist in solving challenges. It includes a range of tools for tasks such as encoding/decoding, cryptography, and data analysis, featuring notable options like Base64 encoding, Caesar ciphers, and hash calculations. This resource is particularly beneficial for cybersecurity enthusiasts engaged in competitive environments, aiming to streamline their workflow and enhance their problem-solving capabilities.

ctfr

AI Summary: CTFR is a tool designed to extract subdomains from HTTPS websites by leveraging Certificate Transparency logs, rather than employing conventional dictionary or brute-force attacks. Its primary use case is for cybersecurity professionals and researchers to quickly enumerate subdomains for a given target domain, with features that allow output to a specified file. The tool is straightforward to install and run, requiring only Python and pip, and offers a simple command-line interface for usage.

CTFs

AI Summary: CTFs is a repository containing write-ups and resources for various Cyber Capture The Flag (CTF) challenges. It offers a comprehensive cheat sheet detailing strategies and techniques across diverse categories, including forensics, binary exploitation, web challenges, and cryptography. Notable features include curated educational resources, practice sites, and a web mirror for easy access.


README

CTFs

Writeups / Files for some of the Cyber CTFs that I’ve done

I’ve also included a list of CTF resources as well as a comprehensive cheat sheet covering tons of common CTF challenges

ctftool

AI Summary: ctftool is an interactive command-line tool designed for exploring and experimenting with the CTF protocol used in Windows for Text Services. Its primary use case includes studying Windows internals, debugging Text Input Processors, and analyzing security within the CTF environment, with notable features such as support for scripting, automated interactions, and various commands for managing connections and clients. The tool is compatible with Windows 7, 8, and 10, supporting both 32-bit and x64 architectures.

cve

AI Summary: The CVE PoC tool aggregates nearly every publicly available Proof-of-Concept (PoC) for Common Vulnerabilities and Exposures (CVEs), providing a comprehensive database of exploits for security professionals. It employs automated workflows to scrape and validate CVE details from various sources, including GitHub and HackerOne reports, while also allowing users to browse, search, and monitor PoCs for specific vulnerabilities. Noteworthy features include real-time updates, easy-to-read markdown documentation, and the ability to generate GitHub badges for affected software versions.

CVE-2020-0796

AI Summary: CVE-2020-0796 is a Windows SMBv3 local privilege escalation exploit that targets a vulnerability in the SMB protocol, enabling unauthorized users to elevate their permissions. The tool includes proof of concept (PoC) and analysis references for users seeking to understand and replicate the exploit. Notable features include detailed documentation and references to further resources for in-depth exploitation and analysis of the vulnerability.


README

CVE-2020-0796

Windows SMBv3 LPE Exploit

exploit

CVE-2021-44228-PoC-log4j-bypass-words

AI Summary: The CVE-2021-44228-PoC-log4j-bypass-words tool demonstrates various methods to exploit the Apache Log4j vulnerability, specifically focusing on bypassing WAF protections and patched versions. It provides multiple techniques, including the use of system environment variables, case manipulation, and invalid Unicode to obfuscate the exploit strings. Notable features include dynamic manipulation of Java naming lookups and the ability to use non-existent lookups for stealthy exploitation attempts.


README

🐱‍💻 ✂️ 🤬 LOG4J Java exploit - WAF and patches bypass tricks

📝 Description

CVE-2021-44228 works on:

CVE-2023-38831-winrar-exploit

AI Summary: The CVE-2023-38831 winrar exploit generator is a tool designed to create proof-of-concept (PoC) exploits for a recently discovered vulnerability in WinRAR versions up to 6.22. It allows users to customize bait files, such as images or documents, along with malicious script files to generate a malicious RAR archive. Notable features include an easy-to-use command-line interface for generating exploits and the ability to customize payloads according to user specifications.

CVE-2024-1086

AI Summary: CVE-2024-1086 is a universal local privilege escalation exploit targeting Linux kernels from v5.14 to v6.6, with a notable success rate of 99.4% in KernelCTF environments. It allows users to gain root access under specific conditions related to user namespaces and kernel configurations, while also showcasing a deliberate kernel panic after execution to deter malicious exploitation. The tool includes both source code for building as well as a compiled binary for ease of use.

cve-bin-tool

AI Summary: CVE-bin-tool is a static analysis tool designed to identify vulnerable dependencies in binary artifacts by comparing them against known Common Vulnerabilities and Exposures (CVEs). Its primary use case is to streamline the security assessment process in software projects, enabling developers to detect and remediate vulnerabilities efficiently. Notable features include support for various package formats, a comprehensive vulnerability database, and integration capabilities with CI/CD pipelines for automated security checks.

CyberSecurity

AI Summary: The CyberSecurity repository offers a comprehensive collection of resources and tools aimed at individuals interested in cybersecurity, encompassing a wide range of topics from security models and threat identification to practical tools for ethical hacking. Notable features include a curated list of command-line and graphical user interface tools for pentesting, along with educational content covering ethical and legal aspects, security frameworks, and network fundamentals. This repository serves as a valuable reference for both newcomers and experienced professionals in the cybersecurity domain.

cybersecurity-career-path

AI Summary: The cybersecurity-career-path repository provides a comprehensive guide to various career trajectories within cybersecurity, detailing essential skills, training, and resources for both offensive and defensive roles. Notable features include a structured overview of job titles, practical utilities, and a free platform called Career Coach for personalized career advancement. It serves as a valuable resource for individuals at any stage of their cybersecurity journey.


README

ROADMAP

UPDATE: We’ve expanded our repository with complete career paths, essential skills training, and a ton of practical utilities and materials named Career Coach; all available for free! Whether you’re just starting out or looking to level up, enroll in any career path at no cost, keep progressing, and fuel your professional growth with these comprehensive tools designed to help you succeed. Check out our app for seamless access and personalized guidance!

Cybersecurity Career Path ⬆️

Cybersecurity-Projects

AI Summary: The Cybersecurity Projects repository offers a collection of 67 hands-on projects spanning from beginner to advanced levels, designed to enhance practical skills in cybersecurity. It includes structured certification roadmaps for various roles within the field, as well as a comprehensive array of learning resources such as tools, courses, and frameworks for cybersecurity professionals. Notable features include the full source code availability for projects, covering diverse topics like port scanning, keylogging, and encryption techniques.

CyberStrikeAI

AI Summary: CyberStrikeAI is an AI-integrated security testing platform developed in Go, designed for automated vulnerability discovery and attack-chain analysis. It features a vast integration of over 100 security tools, AI-driven orchestration, role-based testing, and lifecycle management to create a collaborative and auditable environment for security teams. Notable features include a web console, AI decision engine with OpenAI compatibility, detailed vulnerability management, and a comprehensive knowledge base for enhanced security expertise.

Damn-Vulnerable-Bank

AI Summary: Damn Vulnerable Bank is an intentionally vulnerable Android application designed to educate users on security flaws in banking apps. Its primary use case is for security professionals and developers to explore various vulnerabilities, such as root detection and insecure storage, by interacting with features like user registration, fund transfers, and transaction history. Notable features include fingerprint and PIN verification for transactions, as well as a gamified approach to discovering hidden vulnerabilities within the app.

DataSurgeon

AI Summary: DataSurgeon is a comprehensive tool for extracting sensitive information pertinent to incident response, DLP, penetration testing, and CTF challenges. It supports extraction of a wide range of data types—including emails, credit cards, URLs, and various hashes—across multiple operating systems, and features a plugin management system that allows users to extend its functionality. Notable features include recursive file analysis, CSV output capabilities, and multi-platform support enabling usage on Windows, Linux, and macOS.

DDexec

AI Summary: DDexec is a sophisticated tool designed for executing binaries by manipulating existing processes on Linux systems, utilizing memory hijacking techniques. Its notable features include the ability to run machine code directly, support for various shells, and the option to replace traditional file access methods with alternative seeking tools, which can obfuscate executable detection. The utility’s architecture minimizes dependencies, enhancing performance and potentially expanding compatibility to platforms like Android.

ddisasm

AI Summary: DDisasm is a high-performance disassembler that accurately translates binaries from ELF and PE formats into a reassemblable assembly code representation using the GTIRB intermediate format. Utilizing the Datalog declarative logic programming language, it derives code locations, symbolization, and function boundaries, supporting multiple instruction set architectures including x86, ARM, and MIPS. Notable features include Docker support for easy setup and integration with GTIRB for further binary analysis and manipulation.

DDoS-Ripper

AI Summary: DDoS-Ripper is a Python-based tool designed to simulate Distributed Denial-of-Service (DDoS) attacks for educational and testing purposes. It supports various operating systems, including Linux, Termux, Windows, and MacOS, and allows users to specify the target IP address and intensity of the attack through command line parameters. Notable features include multi-platform compatibility and straightforward installation instructions, emphasizing an ethical usage disclaimer.


README

DDoS-Ripper

What is a DDoS Attack?

A Distributed Denial-of-Service (DDoS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic

DDOS-RootSec

AI Summary: The RootSec Archive is a comprehensive collection of tools and resources designed for conducting Distributed Denial-of-Service (DDoS) attacks, vulnerability scanning, and botnet management. Notable features include a variety of botnet variants (such as Mirai and QBot), password cracking tools, real-time statistics through DStat, and C2 sources for effective botnet control. This archive serves both as a point of reference and a toolkit for security testing and exploitation practices.

DeathStar

AI Summary: DeathStar is a Python script designed to automate the exploitation of misconfigurations within Active Directory environments to attain Domain and Enterprise Admin rights by leveraging the RESTful API of the Empire framework. Notable features include a plugin system for extensibility, support for multiple Active Directory domains and forests, real-time adaptive monitoring during attacks, and a fully asynchronous operation model. This tool aims to provide a comprehensive solution for demonstrating prevalent Active Directory vulnerabilities in a reliable and non-disruptive manner.

DeauthDetector

AI Summary: DeauthDetector is an open-source tool designed to monitor and detect Wi-Fi deauthentication attacks using an ESP8266 microcontroller. Its primary use case involves real-time identification of malicious deauth frames, indicated by an LED activation, making it an effective low-cost solution for network security monitoring. Notable features include customizable scanning options, support for multiple channels, and easy installation via precompiled binaries or Arduino integration.


README

DeauthDetector

Detect deauthentication frames using an ESP8266

debundle

AI Summary: Debundle is a tool designed to unpack JavaScript bundles generated by Webpack and Browserify, facilitating reverse engineering and analysis by converting minified code back into a more readable file structure. Notably, it allows users to specify configuration options for various bundling types and outputs organized directories containing the original modules, though it does not guarantee a lossless recovery of the original source code. The project is no longer maintained, and users are advised to exercise caution as it may not perform reliably on all real-world bundles.

Decepticon

AI Summary: Decepticon is a Vibe Hacking agent designed to streamline the red teaming process by utilizing AI to automate repetitive tasks such as scanning, service enumeration, and executing multi-stage attacks. Its primary use case is in penetration testing, where it simulates real-world attack scenarios to evaluate an organization’s security posture effectively. Notable features include the ability to handle the full kill chain, integrate with AI API keys, and operate within a Docker environment for ease of deployment.

DedSec

AI Summary: The DedSec Project is an educational toolkit designed for Android using Termux, integrating various scripts, utilities, and local web interfaces to facilitate learning about cybersecurity tools and workflows. It aims to enhance users’ understanding of defensive awareness through practical exercises and organized scripts, while supporting both English and Greek interfaces. Notable features include a comprehensive installation guide, diverse categories of tools, and a focus on educational usage, including personal information capture and simulated environments.