6011 matches found
Sandbox_Scryer - Tool For Producing Threat Hunting And Intelligence Data From Public Sandbox Detonation Output
The Sandbox Scryer is an open-source tool for producing threat hunting and intelligence data from public sandbox detonation output The tool leverages the MITRE ATT&CK Framework to organize and prioritize findings, assisting in the assembly of IOCs, understanding attack movement and in threat...
Dismember - Scan Memory For Secrets And More
Dismember is a command-line toolkit for Linux that can be used to scan the memory of all processes or particular ones for common secrets and custom regular expressions, among other things. It will eventually become a full /proc toolkit. Using the grep command, it can match a regular expression...
autoSSRF - Smart Context-Based SSRF Vulnerabiltiy Scanner
autoSSRF is your best ally for identifying SSRF vulnerabilities at scale. Different from other ssrf automation tools, this one comes with the two following original features : Smart fuzzing on relevant SSRF GET parameters When fuzzing, autoSSRF only focuses on the common parameters related to SSR...
Jscythe - Abuse The Node.Js Inspector Mechanism In Order To Force Any Node.Js/Electron/V8 Based Process To Execute Arbitrary Javascript Code
jscythe abuses the node.js inspector mechanism in order to force any node.js/electron/v8 based process to execute arbitrary javascript code, even if their debugging capabilities are disabled. Tested and working against Visual Studio Code, Discord, any Node.js application and more! How 1. Locate t...
MrKaplan - Tool Aimed To Help Red Teamers To Stay Hidden By Clearing Evidence Of Execution
MrKaplan is a tool aimed to help red teamers to stay hidden by clearing evidence of execution. It works by saving information such as the time it ran, snapshot of files and associate each evidence to the related user. This tool is inspired by MoonWalk, a similar tool for Unix machines. You can re...
Gallia - Extendable Pentesting Framework
Gallia is an extendable pentesting framework with the focus on the automotive domain. The scope of gallia is conducting penetration tests from a single ECU up to whole cars, with the main focus on the UDS interface. Taking advantage of this modular design, the logging and archiving functionality...
OSIPs - Gathers All Valid IP Addresses From All Text Files From A Directory, And Checks Them Against Whois Database, TOR Relays And Location
This script scans every file from a given folder recursively, extracts every IPv4 and IPv6 address, filters out the public IP addresses and then queries these IPs against TOR relays, WhoIs service and Location service. It outputs 4 files: a CSV file and a JSON file with all details of the IP...
BinAbsInspector - Vulnerability Scanner For Binaries
BinAbsInspector Binary Abstract Inspector is a static analyzer for automated reverse engineering and scanning vulnerabilities in binaries, which is a long-term research project incubated at Keenlab. It is based on abstract interpretation with the support from Ghidra. It works on Ghidra's Pcode...
Pybatfish - Python Client For Batfish (Network Configuration Analysis Tool)
Pybatfish is a Python client for Batfish. What is Batfish? Batfish is a network validation tool that provides correctness guarantees for security, reliability, and compliance by analyzing the configuration of network devices. It builds complete models of network behavior from device configuration...
IOSSecuritySuite - iOS Platform Security And Anti-Tampering Swift Library
iOS Security Suite is an advanced and easy-to-use platform security & anti-tampering library written in pure Swift! If you are developing for iOS and you want to protect your app according to the OWASP MASVS standard, chapter v8, then this library could save you a lot of time. What ISS detect...
ICMP-TransferTools - Transfer Files To And From A Windows Host Via ICMP In Restricted Network Environments
ICMP-TransferTools is a set of scripts designed to move files to and from Windows hosts in restricted network environments. This is accomplished using a total of 4 different files, consisting of a python server and powershell client for each transfer direction Download & Upload. The only dependen...
Fennec - Artifact Collection Tool For *Nix Systems
fennec is an artifact collection tool written in Rust to be used during incident response on nix based systems. fennec allows you to write a configuration file that contains how to collect artifacts. Features A single statically compiled binary Execute any osquery SQL query Execute system command...
Flare-Qdb - Command-line And Python Debugger For Instrumenting And Modifying Native Software Behavior On Windows And Linux
flare-qdb is a command-line and scriptable Python-based tool for evaluating and manipulating native program state. It uses Vivisect to set a breakpoint on each queried instruction and executes Python code when hit. flare-qdb frees the analyst to take a nonlinear approach to dynamic analysis that...
SocialPwned - An OSINT Tool That Allows To Get The Emails, From A Target, Published In Social Networks Such As Instagram, Linkedin And Twitter To Find Possible Credentials Leaks In PwnDB Or Dehashed And Obtain Google Account Information Via GHunt
SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks like Instagram, Linkedin and Twitter to find the possible credential leaks in PwnDB or Dehashed and obtain Google account information via GHunt. The purpose of this tool is to facilitate the...
Raven - Advanced Cyber Threat Map (Simplified, Customizable, Responsive)
Raven - Advanced Cyber Threat Map Simplified, customizable and responsive. It uses D3.js with TOPO JSON, has 247 countries, 100,000 cities, and can be used in an isolated environment without external lookups!. Live - Demo https://qeeqbox.github.io/raven/ Offline - Demo Features Uses D3.js Not...
Certify - Active Directory Certificate Abuse
Certify is a C tool to enumerate and abuse misconfigurations in Active Directory Certificate Services AD CS. @harmj0y and @tifkin are the primary authors of Certify and the the associated AD CS research blog and whitepaper. Usage C:\ToolsCertify.exe / | | | / | | | | | | | | | / \ '| | | | | | | ...
Gundog - Guided Hunting In Microsoft 365 Defender
Gundog provides you with guided hunting in Microsoft 365 Defender. Especially if not only for Email and Endpoint Alerts at the moment. Functionality You provide an AlertID you might received via Email notification and gundog will then hunt for as much as possible associated data. It does not give...
PwnLnX - An Advanced Multi-Threaded, Multi-Client Python Reverse Shell For Hacking Linux Systems
An advanced multi-threaded , multi-client python reverse shell for hacking linux systems. There's still more work to do so feel free to help out with the development. Disclaimer : This reverse shell should only be used in the lawful, remote administration of authorized systems. Accessing a comput...
BlackMamba - C2/post-exploitation Framework
BlackMamba is a multi client C2/post exploitation framework with some spyware features. Powered by Python 3.8.6 and QT Framework. Some of BlackMamba features are: Multi Client - Supports multiple client connections at the same time. Real Time Communication Updates - Real time communication and...
Binbloom - Raw Binary Firmware Analysis Software
The purpose of this project is to analyse a raw binary firmware and determine automatically some of its features. This tool is compatible with all architectures as basically, it just does simple statistics on it. In order to compute the loading address, you will need the help of an external rever...
Cooolis-ms - A Server That Supports The Metasploit Framework RPC
Cooolis-ms is a server that supports Metasploit Framework RPC. It is used to work for Shellcode and PE loader, bypassing the static detection of anti-virus software to a certain extent, and allows the Cooolis-ms server to perform with the Metasploit server separate. Loader execution process: 1...
CRLFuzz - A Fast Tool To Scan CRLF Vulnerability Written In Go
A fast tool to scan CRLF vulnerability written in Go Installation from Binary The installation is easy. You can download a prebuilt binary from releases page, unpack and run! or with $ curl -sSfL http://git.io/get-crlfuzz | sh -s -- -b /usr/local/bin from Source If you have go1.13+ compiler...
Unimap - Scan Only Once By IP Address And Reduce Scan Times With Nmap For Large Amounts Of Data
Scan only once by IP address and reduce scan times with Nmap for large amounts of data. Unimap is an abbreviation of "Unique Nmap Scan ". The tool can run in Linux, OSX, Windows or Android Termux without problems. Why? If you have plans to run an Nmap to a whole organization you need to consideer...
ActiveDirectoryEnumeration - Enumerate AD Through LDAP With A Collection Of Helpfull Scripts Being Bundled
ADE - ActiveDirectoryEnum usage: activeDirectoryEnum -h -o OUTFILE -u USER -s -smb -kp -bh -spn --all --no-creds dc / | / / / \ / / / / / /| |/ / / / | / / / / / / / / / / / / / / / / / / / / / / \ / / // // /| |/ / / // / / / / / // // // / / / // / // / / / // / / / / / / // |/// |/////...
SpaceSiren - A Honey Token Manager And Alert System For AWS
SpaceSiren is a honey token manager and alert system for AWS. With this fully serverless application, you can create and manage honey tokens at scale -- up to 10,000 per SpaceSiren instance -- at close to no cost.1 How It Works SpaceSiren provides an API to create no-permission AWS IAM users and...
Parth - Heuristic Vulnerable Parameter Scanner
Some HTTP parameter names are more commonly associated with one functionality than the others. For example, the parameter ?url= usually contains URLs as the value and hence often falls victim to file inclusion, open redirect and SSRF attacks. Parth can go through your burp history, a list of URLs...
DLInjector-GUI - DLL Injector Graphical User Interface
DLInjector for Graphical User Interface. Faster DLL Injector for processes. It targets the process name to identify the target. The process does not need to be open to define the target. DLInjector waits until the process executed. USAGE DLInjector usage a very simple. Firstly, enter the target...
TrustJack - Yet Another PoC For Hijacking DLLs in Windows
Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windows Blogpost: https://redteamer.tips/?p=108 To be used with a cmd that does whatever the F you want, for a dll that pops cmd, https://github.com/jfmaes/CMDLL. check the list in wietze's site to check how you should call...
How AI and Voice Technology is Similar to a Service Dog
Can a more complex comparison be made? AI and voice assistance are similar to a seeing-eye dog. Throwing the duties of a service dog into the same court as technology is outlandish as things get, even in the middle of an ever-shifting pandemic. But with retail software development services workin...
SAyHello - Capturing Audio (.Wav) From Target Using A Link
Capturing audio .wav from target using a link How it works? After the user grants microphone permissions, a website redirect button of your choice is released to distract the target while small audio files about 4 seconds in wav format are sent to the attacker. It uses Recorderjs, plugin for...
CRS - OWASP ModSecurity Core Rule Set
The OWASP ModSecurity Core Rule Set CRS is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls. The CRS aims to protect web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. The Core Rule Se...
Crypton - Library Consisting Of Explanation And Implementation Of All The Existing Attacks On Various Encryption Systems, Digital Signatures, Hashing Algorithms
Crypton is an educational library to learn and practice Offensive and Defensive Cryptography. It is basically a collection of explanation and implementation of all the existing vulnerabilities and attacks on various Encryption Systems Symmetric and Asymmetric, Digital Signatures, Message...
Kali Linux 2018.3 Release - Penetration Testing and Ethical Hacking Linux Distribution
Kali 2018.3 brings the kernel up to version 4.17.0 and while 4.17.0 did not introduce many changes, 4.16.0 had a huge number of additions and improvements including more Spectre and Meltdown fixes, improved power management, and better GPU support. New Tools and Tool Upgrades Since our last...
Airba.sh - A POSIX-compliant, Fully Automated WPA PSK Handshake Capture Script Aimed At Penetration Testing
Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing. It is compatible with Bash and Android Shell tested on Kali Linux and Cyanogenmod 10.2 and uses aircrack-ng to scan for clients that are currently connected to access points AP. Those...
Backdoorme - Powerful Auto-Backdooring Utility
Tools like metasploit are great for exploiting computers, but what happens after you've gained access to a computer? Backdoorme answers that question by unleashing a slew of backdoors to establish persistence over long periods of time. Once an SSH connection has been established with the target,...
WAScan - Web Application Scanner
WAScan Web Application Scanner is a Open Source web application security scanner. It is designed to find various vulnerabilities using "black-box" method, that means it won't study the source code of web applications but will work like a fuzzer, scanning the pages of the deployed web application,...
Revoke-Obfuscation - PowerShell Obfuscation Detection Framework
Revoke-Obfuscation is a PowerShell v3.0+ compatible PowerShell obfuscation detection framework. Authors Daniel Bohannon @danielhbohannon Lee Holmes @LeeHomes Research Blog Post: https://www.fireeye.com/blog/threat-research/2017/07/revoke-obfuscation-powershell.html White Paper:...
Mitm6 - Pwning IPv4 Via IPv6
Mitm6 is a pentesting tool that exploits the default configuration of Windows to take over the default DNS server. It does this by replying to DHCPv6 messages, providing victims with a link-local IPv6 address and setting the attackers host as default DNS server. As DNS server, mitm6 will...
ReelPhish - A Real-Time Two-Factor Phishing Tool
ReelPhish simplifies the real-time phishing technique. The primary component of the phishing tool is designed to be run on the attacker’s system. It consists of a Python script that listens for data from the attacker’s phishing site and drives a locally installed web browser using the Selenium...
SQLmap Tamper-API - SQLMap Tamper API To Accept Tamper Scripts From All Languages
It's an API for SQLmap tamper scripts allows you to use your favorite programming language to write your tamper scripts. This API solves SQLmap limitation of accepting only python to write tamper scripts. How it works taper-api.py script sends the payload and kwargs in a JSON format "payload": ""...
Vegile - Tool for Post exploitation Techniques in Linux
Vegile is a tool for Post exploitation Techniques in linux. Post Exploitation techniques will ensure that we maintain some level of access and can potentially lead to deeper footholds into our targets trusted network. How it works This tool will setting up your backdoor/rootkits when backdoor...
truffleHog - Searches Through Git Repositories For High Entropy Strings And Secrets, Digging Deep Into Commit History
Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accidentally committed. NEW Trufflehog previously functioned by running entropy checks on git diffs. This functionality still exists, but high signal regex checks hav...
Kali Linux 2017.3 Release - The Best Penetration Testing Distribution
Kali Linux 2017.3 released , which includes all patches, fixes, updates, and improvements since our last release. In this release, the kernel has been updated to 4.13.10 and it includes some notable improvements: CIFS now uses SMB 3.0 by default EXT4 directories can now contain 2 billion entries...
changeme - A Default Credential Scanner
A default credential scanner. About Getting default credentials added to commercial scanners is often difficult and slow. changeme is designed to be simple to add new credentials without having to write any code or modules. changeme keeps credential data separate from code. All credentials are...
Invoke-CradleCrafter - PowerShell Remote Download Cradle Generator and Obfuscator
Invoke-CradleCrafter is a PowerShell v2.0+ compatible PowerShell remote download cradle generator and obfuscator. Purpose Invoke-CradleCrafter exists to aid Blue Teams and Red Teams in easily exploring, generating and obfuscating PowerShell remote download cradles. In addition, it helps Blue Team...
CyberChef - The Cyber Swiss Army Knife [A Web App For Encryption, Encoding, Compression And Data Analysis]
The Cyber Swiss Army Knife CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression an...
Hydra 8.6 - Fast and Flexible Network Login Hacker
A very fast network logon cracker which supports many different services. See feature sets and services coverage page - incl. a speed comparison against ncrack and Medusa. Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of...
EGESPLOIT - A Golang Library For Malware Development
EGESPLOIT is a golang library for malware development, it has few unique functions for meterpreter integration. DOCUMENTATION CalculateChecksumx : Function calculates x digit 8 bit checksum for reverse HTTP/HTTPS meterpreter connections, returns the calculated checksum as string...
RecuperaBit - A Tool For Forensic File System Reconstruction
A software which attempts to reconstruct file system structures and recover files. Currently it supports only NTFS. RecuperaBit attempts reconstruction of the directory structure regardless of: missing partition table unknown partition boundaries partially-overwritten metadata quick format You ca...
TLS-Attacker - A Java-based Framework for Analyzing TLS Libraries
TLS-Attacker is a Java-based framework for analyzing TLS libraries. It is able to send arbitrary protocol messages in an arbitrary order to the TLS peer, and define their modifications using a provided interface. This gives the developer an opportunity to easily define a custom TLS protocol flow...