Kali Linux Tutorials News Updates

Prompt injection is a type of security vulnerability that can be exploited to control the behavior of a ChatGPT instance. By injecting malicious prompts into the system, an attacker can force the ChatGPT instance to take unintended actions. promptmap is a tool that automatically tests prompt injection attacks on ChatGPT… Read more »

Firefly is an advanced black-box fuzzer and not just a standard asset discovery tool. Firefly provides the advantage of testing a target with a large number of built-in checks to detect behaviors in the target. NOTE : Firefly is in a very new stage (v1.0) but works well for now,… Read more »

Winit is a robust, cross-platform library designed for creating and managing windows in Rust applications. Tailored to be a foundational component in a broader system of libraries, it facilitates direct window manipulation and event handling. Ideal for developers seeking a versatile toolset for desktop applications, Winit offers precise control through… Read more »

In today’s digital age, convenience often comes at the cost of security. One such overlooked convenience is the browser autofill feature—a handy tool that can inadvertently become a gateway for phishing attacks. This article explores a subtle yet significant vulnerability: browser autofill phishing. We delve into how browsers handle autofill… Read more »

Terminal GPT (tgpt) offers a seamless way to bring the power of ChatGPT 3.5 directly to your command line. This cross-platform CLI tool negates the need for API keys and is equipped with a range of flags and options to tailor your experience. From generating shell commands and code to… Read more »

garak checks if an LLM can be made to fail in a way we don’t want. garak probes for hallucination, data leakage, prompt injection, misinformation, toxicity generation, jailbreaks, and many other weaknesses. If you know nmap or msf / Metasploit Framework, garak does somewhat similar things to them, but for… Read more »

Vermilion is a simple and lightweight CLI tool designed for rapid collection, and optional exfiltration of sensitive information from Linux systems.Its primary purpose is to streamline the process of gathering critical data in red teaming scenarios. How It Works Vermilion is a Linux-focused tool designed for efficient information gathering and… Read more »

ADCFFS is a PowerShell script that can be used to exploit the AD CS container misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise. The tool can also be used to first scan the forest to determine if it is vulnerable to the attack and… Read more »

Tartufo will, by default, scan the entire history of a git repository for any text which looks like a secret, password, credential, etc. It can also be made to work in pre-commit mode, for scanning blobs of text as a pre-commit hook. Options–default-regexes, –no-default-regexes Whether to include the default regex list… Read more »

Loco is strongly inspired by Rails. If you know Rails and Rust, you’ll feel at home. If you only know Rails and new to Rust, you’ll find Loco refreshing. We do not assume you know Rails. For a deeper dive into how Loco works, including detailed guides, examples, and API… Read more »