CapProcess: — A straightforward script for capturing the state of a machine’s processes.

A simple and quick bash script to get some basic system information such as the hostname, sudo version, system version, and, of course, capture the processes running on a Linux machine without compiling any archive, which is particularly useful for escalating privileges in CTFs and pentesting with services running in the system. Disclaimer: The intended use for the tool is strictly educational and should not be used for any other purpose Download Link: https://github.com/D3Ext/CapProcess

Continue ReadingCapProcess: — A straightforward script for capturing the state of a machine’s processes.

Indian authorities set to tighten data breach laws in 2022

According to local media reports, Indian authorities are planning to crack down on data breaches and tighten data storage standards. Organizations would be required to report data breaches within 72 hours, putting India into step with countries like the EU, which requires breach notifications under its General Data Protection Regulation (GDPR). Only card issuers and card networks, such as Visa or Mastercard, would be allowed to hold payment card data in India. Cardholder information Starting January 1, 2022, the Reserve Bank of India (RBI) will impose new restrictions on who can keep payment card data. Only the card issuer and the card network are allowed to keep full card details under the new guidelines.Others, such as shops, are only allowed to keep a limited amount of data for identification or "reconciliation reasons." The last four digits of the card number, as well as the name of the card issuer, are included in this information. Any company that retains full card data but is not the card issuer or network must erase it.The new restrictions come after initiatives in recent years to allow card networks to offer tokenization services for payment card information. Notification of a data breach Organizations in India…

Continue ReadingIndian authorities set to tighten data breach laws in 2022

Ongoing Autom Cryptomining Malware Attacks Using Upgraded Evasion Tactics

According to new data presented today, a continuous crypto mining campaign has updated its arsenal while improving its defence evasion strategies, allowing threat actors to mask incursions and fly under the radar. According to researchers from DevSecOps and cloud security firm Aqua Security, who have been tracking the malware operation for the past three years, 84 attacks against its honeypot servers…

Continue ReadingOngoing Autom Cryptomining Malware Attacks Using Upgraded Evasion Tactics

SQLbit:

Another script to automate Boolean-based SQL Injections. At the very least, it works with SQLite and allows cookies to be used. It finds cell values using bitwise comparisons with multithreading…

Continue ReadingSQLbit:

Rafel-Rat

  It is used for Victim Control, an Android Rat written in Java with a WebPanel. Rafel is a remote access tool that uses WebPanel to control victims. It has…

Continue ReadingRafel-Rat