ANY.RUN is an interactive online malware sandbox that provides real-time interaction, network tracking, process monitoring, and MITRE ATT&CK mapping, allowing researchers to analyze malware behavior and make adjustments during the analysis process. The service offers a range of features, including registry tracking, network requests, and static analysis, as well as a threat intelligence database contributed by a community of researchers from around the world. ANY.RUN is a cloud-based sandbox that provides a convenient and secure way to analyze malware, allowing researchers to watch the epidemic as if it was on their own computer, but with more features and security.
A blog post about abusing exported functions and exposed DCOM interfaces for pass-thru command execution and lateral movement
AEM (Adobe Experience Manager) Hacker is a tool designed to help security researchers and penetration testers identify and exploit vulnerabilities in AEM-based systems.
Learn how to create new Malleable C2 profiles for Cobalt Strike to avoid detection and signatured toolset
A collection of scripts for Turbo Intruder, a penetration testing tool
A tool for interacting with Exchange servers remotely and exploiting client-side Outlook features.
Rip web accessible (distributed) version control systems: SVN, GIT, Mercurial/hg, bzr, ...
A collection of tips and tricks for container and container orchestration hacking
A specification/framework for extending default C2 communication channels in Cobalt Strike
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
An AI-driven data classification and governance platform that automatically discovers, analyzes, and labels sensitive information while providing risk management and compliance capabilities.
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.