canTot

This is a Python-based CLI framework called "canTot" that is designed for CAN Bus hacking and exploitation. It is similar to an exploit framework but focused on known CAN Bus vulnerabilities or "fun CAN Bus hacks." The framework is made up of several modules, each with its own specific...

Bad Magic's Extended Reign in Cyber Espionage Goes Back Over a Decade

New findings about a hacker group linked to cyber attacks targeting companies in the Russo-Ukrainian conflict area reveal that it may have been around for much longer than previously thought. The threat actor, tracked as Bad Magic aka Red Stinger, has not only been linked to a fresh sophisticated...

New 'Bad Magic' Cyber Threat Disrupt Ukraine's Key Sectors Amid War

Amid the ongoing war between Russia and Ukraine, government, agriculture, and transportation organizations located in Donetsk, Lugansk, and Crimea have been attacked as part of an active campaign that drops a previously unseen, modular framework dubbed CommonMagic. "Although the initial vector of...

Sharp Panda A Sophisticated Cyber-Espionage Campaign Targeting Governments

Threat Level Actor Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary The Sharp Panda cyber-espionage campaign, which has been active for a considerable period, focuses on infiltrating government entities in Southeast Asia. This operatio...

Sharp Panda Using New Soul Framework Version to Target Southeast Asian Governments

High-profile government entities in Southeast Asia are the target of a cyber espionage campaign undertaken by a Chinese threat actor known as Sharp Panda since late last year. The intrusions are characterized by the use of a new version of the Soul modular framework, marking a departure from the...

Subparse - Modular Malware Analysis Artifact Collection And Correlation Framework

Subparse, is a modular framework developed by Josh Strochein, Aaron Baker, and Odin Bernstein. The framework is designed to parse and index malware files and present the information found during the parsing in a searchable web-viewer. The framework is modular, making use of a core parsing engine,...

Lightning Framework, modular Linux malware

Researchers at Intezer have published a technical analysis of Lightning Framework, a previously undocumented and undetected Linux threat. Lightning is a modular framework that is very versatile and something we don’t see very often in the Linux space. The old argument that Linux systems or Macs f...

Experts Detail Logging Tool of DanderSpritz Framework Used by Equation Group Hackers

Cybersecurity researchers have offered a detailed glimpse into a system called DoubleFeature that's dedicated to logging the different stages of post-exploitation stemming from the deployment of DanderSpritz, a full-featured malware framework used by the Equation Group. DanderSpritz came to light...

SubCrawl - A Modular Framework For Discovering Open Directories, Identifying Unique Content Through Signatures And Organizing The Data With Optional Output Modules, Such As MISP

SubCrawl is a framework developed by Patrick Schläpfer, Josh Stroschein and Alex Holland of HP Inc’s Threat Research team. SubCrawl is designed to find, scan and analyze open directories. The framework is modular, consisting of four components: input modules, processing modules, output modules an...

Nullscan - A Modular Framework Designed To Chain And Automate Security Tests

A modular framework designed to chain and automate security tests. It parses target definitions from the command line and runs corresponding modules and their nullscan-tools afterwards. It can also take hosts and start nmap first in order to perform a basic portscan and run the modules afterwards...

ArmourBird CSF - Container Security Framework

ArmourBird CSF - Container Security Framework is an extensible, modular, API-first framework build for regular security monitoring of docker installations and containers against CIS and other custom security checks. ArmourBird CSF has a client-server architecture and is thus divided into two...

[SECURITY] [DLA 1853-1] libspring-java security update

Package : libspring-java Version : 3.0.6.RELEASE-17+deb8u1 CVE ID : CVE-2014-3578 CVE-2014-3625 CVE-2015-3192 CVE-2015-5211 CVE-2016-9878 Debian Bug : 760733 769698 796137 849167 Vulnerabilities have been identified in libspring-java, a modular Java/J2EE application framework. CVE-2014-3578 A...

One-Lin3r v2.0 - Gives You One-Liners That Aids In Penetration Testing Operations, Privilege Escalation And More

One-Lin3r is simple modular and light-weight framework gives you all the one-liners that you will need while penetration testing Windows, Linux, macOS or even BSD systems or hacking generally with a lot of new features to make all of this fully automated ex: you won't even need to copy the...

PoshC2

!PoshC2 Logohttps://raw.githubusercontent.com/nettitude/PoshC...

QuarkslaB Dynamic binary Instrumentation: QBDI

QuarkslaB Dynamic binary Instrumentation QBDI is a modular, cross-platform and cross-architecture DBI framework. It aims to support Linux, macOS, Android, iOS and Windows operating systems running on x86, x86-64, ARM and AArch64 architectures. Information about what is a DBI framework and how QBD...

Wfuzz - Web Application Fuzzer

Wfuzz has been created to facilitate the task in web applications assessments and it is based on a simple concept: it replaces any reference to the FUZZ keyword by the value of a given payload. A payload in Wfuzz is a source of data. This simple concept allows any input to be injected in any fiel...

Bruteforcing Web Applications: Wfuzz

Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked directories, servlets, scripts, etc, bruteforce GET and POST parameters for checking different kind of injections SQL, XSS, LDAP,etc, bruteforce Forms parameters User/Password, Fuzzing,etc...

iOS Security Testing Framework: needle

iOS Security Testing Framework Needle is an open source, modular framework to streamline the process of conducting security assessments of iOS apps. Assessing the security of an iOS application typically requires a plethora of tools, each developed for a specific need and all with different modes...

needle - The iOS Security Testing Framework

Needle is an open source, modular framework to streamline the process of conducting security assessments of iOS apps. Description Assessing the security of an iOS application typically requires a plethora of tools, each developed for a specific need and all with different modes of operation and...

Modular File Scanning Analysis Framework: MultiScanner

MultiScanner is a file analysis framework that allows the user to evaluate a set of files with a set of tools. Tools can be custom built python scripts, web APIs, software running on another machine, etc. Tools are incorporated by creating modules that run in the MultiScanner framework. Modules a...