Vaas - Verdict-as-a-Service SDKs: Analyze Files For Malicious Content

Verdict-as-a-Service VaaS is a service that provides a platform for scanning files for malware and other threats. It allows easy integration in your application. With a few lines of code, you can start scanning files for malware. ATTENTION: All SDKs are currently prototypes and under heavy...

PEzor-Docker - With The Help Of This Docker Image, You Can Easily Access PEzor On Your System!

With the help of this kali linux image, you can easily access PEzor on your system! Basically, this image is built from the kalilinux/kali-rolling image and then the PEzor shellcode and PE packer is installed on top of it. Sometimes, it's vital to have access to PEzor, specially in a post exploit...

Rip Raw - Small Tool To Analyse The Memory Of Compromised Linux Systems

Rip Raw is a small tool to analyse the memory of compromised Linux systems. It is similar in purpose to Bulk Extractor, but particularly focused on extracting system Logs from memory dumps from Linux systems. This enables you to analyse systems without needing to generate a profile. This is not a...

VulFi - Plugin To IDA Pro Which Can Be Used To Assist During Bug Hunting In Binaries

The VulFi Vulnerability Finder tool is a plugin to IDA Pro which can be used to assist during bug hunting in binaries. Its main objective is to provide a single view with all cross-references to the most interesting functions such as strcpy, sprintf, system, etc.. For cases where a Hexrays...

Casper-Fs - A Custom Hidden Linux Kernel Module Generator. Each Module Works In The File System To Protect And Hide Secret Files

Casper-fs is a custom Linux Kernel Module generator to work with resources to protect or hide a custom list of files. Each LKM has resources to protect or hide files following a custom list in the YAML rule file. Yes, not even the root has permission to see the files or make actions like edit and...

ShellcodeTemplate - An Easily Modifiable Shellcode Template For Windows X64/X86

An easily modifiable shellcode template for Windows x64/x86 How does it work? This template is heavily based on Austin Hudson's aka SecIdiot TitanLdr It compiles the project into a PE Executable and extracts the .text section Example The entrypoint of the shellcode looks like this. Of course, thi...

S3Sec - Check AWS S3 Instances For Read/Write/Delete Access

Test AWS S3 buckets for read/write/delete access This tool was developed to quickly test a list of s3 buckets for public read, write and delete access for the purposes of penetration testing on bug bounty programs. Found a bug bounty using this tool? Feel free to add me as a collaborator: @0xmoot...

RefleXXion - A Utility Designed To Aid In Bypassing User-Mode Hooks Utilised By AV/EPP/EDR Etc

Introduction RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, it first collects the syscall numbers of the NtOpenFile, NtCreateSection, NtOpenSection and NtMapViewOfSection found in the LdrpThunkSignature arra...

Boko - Application Hijack Scanner For macOS

boko.py is an application scanner for macOS that searches for and identifies potential dylib hijacking and weak dylib vulnerabilities for application executables, as well as scripts an application may use that have the potential to be backdoored. The tool also calls out interesting files and list...

LDAP-Password-Hunter - Password Hunter In The LDAP Infamous Database

It happens that due to legacy services requirements or just bad security practices password are world-readable in the LDAP database by any user who is able to authenticate. LDAP Password Hunter is a tool which wraps features of getTGT.py Impacket and ldapsearch in order to look up for password...

CRT - CrowdStrike Reporting Tool for Azure

This tool queries the following configurations in the Azure AD/O365 tenant which can shed light on hard-to-find permissions and configuration settings in order to assist organizations in securing these environments. Exchange Online O365: Federation Configuration Federation Trust Client Access...

Ninjasworkout - Vulnerable NodeJS Web Application

Damn Vulnerable NodeJS Application Quick Start Download the Repo = run npm i Afer Installing all dependency just run the application node app.js or nodemon app.js ADDED BUGS Prototype Pollution No SQL Injection Cross site Scripting Broken Access Control Broken Session Management Weak Regex...

Mariana Trench - Security Focused Static Analysis Tool For Android And Java Applications

Mariana Trench is a security focused static analysis platform targeting Android. This guide will walk you through setting up Mariana Trench on your machine and get you to find your first remote code execution vulnerability in a small sample app. These instructions are also available at our websit...

Swurg - Parse OpenAPI Documents Into Burp Suite For Automating OpenAPI-based APIs Security Assessments

Swurg is a Burp Suite extension designed for OpenAPI testing. The OpenAPI Specification OAS defines a standard, programming language-agnostic interface description for REST APIs, which allows both humans and computers to discover and understand the capabilities of a service without requiring acce...

JVMXRay - Make Java Security Events Of Interest Visible For Analysis

JVMXRay is a technology for monitoring access to system resources within the Java Virtual Machine. It’s designed with application security emphasis but some will also find it beneficial for software quality processes and diagnostics. More about Oracle Java Duke mascot... Contact/Chat Group New ch...

Hyenae-Ng - An Advanced Cross-Platform Network Packet Generator And The Successor Of Hyenae

Hyenae NG Next Generation is a re-write of the original Hyenae tool which was originally published back in the year 2010. Besides switching from C to C++, using modern design concepts, Hyenae NG was just like the original Hyenae written with maximum portability in mind. Since the original Hyenae...

Clash - A Rule-Based Tunnel In Go

A rule-based tunnel in Go. Features Local HTTP/HTTPS/SOCKS server with authentication support VMess, Shadowsocks, Trojan, Snell protocol support for remote connections Built-in DNS server that aims to minimize DNS pollution attack impact, supports DoH/DoT upstream and fake IP. Rules based off...

Kunyu - More Efficient Corporate Asset Collection

Kunyu, More Efficient Corporate Asset Collection 0x00 Introduce Tool introduction Kunyu kunyu, whose name is taken from , is actually a professional subject related to geographic information, which counts the geographic information of the sea, land, and sky. The same applies to cyberspace. The sa...

Http-Protocol-Exfil - Exfiltrate Files Using The HTTP Protocol Version ("HTTP/1.0" Is A 0 And "HTTP/1.1" Is A 1)

Use the HTTP protocol version to send a file bit by bit "HTTP/1.0" is a 0 and "HTTP/1.1" is a 1. It uses GET requests so the Blue Team would only see the requests to your IP address. However, it takes a long time to send bigger files, for example it needs 1 hour to send 200 KB, and the amount of...

SubCrawl - A Modular Framework For Discovering Open Directories, Identifying Unique Content Through Signatures And Organizing The Data With Optional Output Modules, Such As MISP

SubCrawl is a framework developed by Patrick Schläpfer, Josh Stroschein and Alex Holland of HP Inc’s Threat Research team. SubCrawl is designed to find, scan and analyze open directories. The framework is modular, consisting of four components: input modules, processing modules, output modules an...

PEASS-ng - Privilege Escalation Awesome Scripts SUITE new generation

Basic Tutorial Here you will find privilege escalation tools for Windows and Linux/Unix and MacOS. These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily. Check the LocalWindo...

Gokart - A Static Analysis Tool For Securing Go Code

GoKart is a static analysis tool for Go that finds vulnerabilities using the SSA single static assignment form of Go source code. It is capable of tracing the source of variables and function arguments to determine whether input sources are safe, which reduces the number of false positives compar...

Tuf - A Framework For Securing Software Update Systems

This repository is the reference implementation of The Update Framework TUF. It is written in Python and intended to conform to version 1.0 of the TUF specification. This implementation is in use in production systems, but is also intended to be a readable guide and demonstration for those workin...

PoshBot - Powershell-based Bot Framework

PoshBot is a chat bot written in PowerShell. It makes extensive use of classes introduced in PowerShell 5.0. PowerShell modules are loaded into PoshBot and instantly become available as bot commands. PoshBot currently supports connecting to Slack to provide you with awesome ChatOps goodness. What...

WMIHACKER - A Bypass Anti-virus Software Lateral Movement Command Execution Tool

中文版Chinese version Disclaimer: The technology involved in this project is only for security learning and defense purposes, illegal use is prohibited! Bypass anti-virus software lateral movement command execution test tool（No need 445 Port） Introduction: The common WMIEXEC, PSEXEC tool execution...

Chalumeau - Automated, Extendable And Customizable Credential Dumping Tool

Chalumeau is automated,extendable and customizable credential dumping tool based on powershell and python. Main Features Write your own Payloads In-Memory execution Extract Password List Dashboard reporting / Web Interface Parsing Mimikatz Dumping Tickets Screenshots Known Issues Parsing Mimikatz...

Xeca - PowerShell Payload Generator

xeca is a project that creates encrypted PowerShell payloads for offensive purposes. Creating position independent shellcode from DLL files is also possible. Install Firstly ensure that rust is installed, then build the project with the following command: cargo build How It Works 1. Identify and...

KatroLogger - KeyLogger For Linux Systems

KeyLogger for Linux Systems. Features Runs on GUI systems or CLI Sending data by email Dependencies curl libx11-dev Debian-Based libX11-devel RHEL-Based Compiling ./configure make make install Usage katrologger --output /path/file Send data by e-mail: katrologger --smtp-help Fixing problems...

Sojobo - A Binary Analysis Framework

Sojobo is an emulator for the B2R2 framework. It was created to easier the analysis of potentially malicious files. It is totally developed in .NET so you don't need to install or compile any other external libraries the project is self contained. With Sojobo you can: Emulate a 32 bit PE binary...

ASWCrypter - An Bash&Python Script For Generating Payloads that Bypasses All Antivirus

An Bash&Python Script For Generating Payloads that Bypasses All Antivirus so far FUD. PLEASE DON'T UPLOAD BACKDOOT TO WWW.VIRUSTOTAL.COM Important This Version Just for test , In future I will update ASWCrypter to generate a payloads for linux ,Mac and Windows . ; Legal Disclamer: The author does...

Intrigue-Core - Discover Your Attack Surface

Intrigue-core is a framework for automated attack surface discovery. There are a number of use cases: Application and Infrastructure Asset Discovery Security Research and Vulnerability Discovery Malware Campaign Research & Indicator Enrichment Exploratory OSINT Research If you'd like assistance...

Mquery - YARA Malware Query Accelerator (Web Frontend)

Ever had trouble searching for particular malware samples? This project is an analyst-friendly web GUI to look through your digital warehouse. mquery can be used to search through terabytes of malware in a blink of an eye: Thanks to the UrsaDB database, queries on large datasets can be extremely...

DumpsterDiver - Tool To Search Secrets In Various Filetypes

DumpsterDiver is a tool used to analyze big volumes of various file types in search of hardcoded secret keys e.g. AWS Access Key, Azure Share Key or SSH keys. Additionally, it allows creating a simple search rules with basic conditions e.g. reports only csv file including at least 10 email...

HTTPoxyScan - HTTPoxy Exploit Scanner

PoC/Exploit scanner to scan common CGI files on a target URL for the HTTPoxy vulnerability. Httpoxy is a set of vulnerabilities that affect application code running in CGI, or CGI-like environments. For more details, go to https://httpoxy.org. REQUIREMENTS: Requires ncat to establish reverse...

Whoisleak - This Tool Queries The Emails That Registered The Domain And Verifies If They Were Leaked In Some Data Leak

This tool queries the emails that registered the domain and verifies if they were leaked in some data leak. To install $ apt-get install nodejs-legacy $ pip install -r requirements.txt Usage Example python whoisleak.py -u securityattack.com.br Contact / Blog Eddy Oliveira SecurityAttack Download...

DNSBin - Tool To Test Data Exfiltration Through DNS (RCE and XXE)

DNSBin is a simple tool to test data exfiltration through DNS and help test vulnerability like RCE or XXE when the environment has significant constraint. The project is in two parts, the first one is the web server and it's component. It offers a basic web UI, for most cases you won't need more...

Honeybits - A Simple Tool Designed To Enhance The Effectiveness Of Your Traps By Spreading Breadcrumbs & Honeytokens Across Your Systems

A simple tool designed to enhance the effectiveness of your traps by spreading breadcrumbs & honeytokens across your production servers and workstations to lure the attacker toward your honeypots. Author: Adel "0x4D31" Karimi. Background The problem with the traditional implementation of honeypot...

Drupwn - Drupal Enumeration & Exploitation Tool

Drupwn claims to provide an efficient way to gather drupal information. Further explaination on blog post article Supported tested version Drupal 7 Drupal 8 Execution mode Drupwn can be run, using two seperate modes which are enum and exploit. The enum mode allows performing enumerations whereas...

Kurukshetra - A Framework For Teaching Secure Coding By Means Of Interactive Problem Solving

Kurukshetra is a web framework that’s developed with the aim of being the first open source framework which provides a solid foundation to host reasonably complex secure coding challenges while still providing the ability to efficiently and dynamically execute each challenge on the basis of user...

SMBrute - SMB Protocol Bruteforce

SMBrute is a program that can be used to bruteforce username and passwords of servers that are using SMB Samba. Install SMBrute $ git clone https://github.com/m4ll0k/SMBrute.git smbrute $ cd smbrute $ pip3 install pysmb, humanfriendly $ python3 smbrute.py Usage: $ python3 smbrute.py -h...

JShielder - Automates The Process Of Installing All The Necessary Packages To Host A Web Application And Hardening A Linux Server

JSHielder is an Open Source tool developed to help SysAdmin and developers secure there Linux Servers in which they will be deploying any web application or services. This tool automates the process of installing all the necessary packages to host a web application and Hardening a Linux server wi...

OWASP DependencyCheck - A Software Composition Analysis Utility That Detects Publicly Disclosed Vulnerabilities In Application Dependencies

Dependency-Check is a utility that attempts to detect publicly disclosed vulnerabilities contained within project dependencies. It does this by determining if there is a Common Platform Enumeration CPE identifier for a given dependency. If found, it will generate a report linking to the associate...

Altdns - Generates permutations, alterations and mutations of subdomains and then resolves them

Altdns is a DNS recon tool that allows for the discovery of subdomains that conform to patterns. Altdns takes in words that could be present in subdomains under a domain such as test, dev, staging as well as takes in a list of subdomains that you know of. From these two lists that are provided as...

LuLu - macOS Firewall That Aims To Block Unauthorized (Outgoing) Network Traffic

LuLu is the free open-source macOS firewall that aims to block unauthorized outgoing network traffic, unless explicitly approved by the user: Full details and usage instructions can be found here. It's also important to understand LuLu's limitations! Some of these will be addressed as the softwar...

DEScrypt-CPU-Collision-Cracker - DEScrypt CPU Collision Cracker

A linux based high performance DEScrypt CPU cracker written in c++, it deduces the salt and uses a password list to crack hashes. Why not use a rainbow table? DEScrypt uses by default a two byte saltcomprised of characters a-zA-Z0-9./ 1 which would mean that you would need to produce roughly 65,5...

Ketshash - A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs

A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs. The tool was published as part of the "Pass-The-Hash detection" research - more details on "Pass-The-Hash detection" are in the blog post:...

uncaptcha - Defeating Google's audio reCaptcha with 85% accuracy

Defeating Google's audio reCaptcha system with 85% accuracy. Inspiration Across the Internet, hundreds of thousands of sites rely on Google's reCaptcha system for defense against bots in fact, Devpost uses reCaptcha when creating a new account. After a Google research team demonstrated a near...

PortEx - Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness

PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. Features Reading header information from: MSDOS Header, COFF File Header,...

SimpleWall - Simple tool to configure Windows Filtering Platform (WFP)

Simple tool to configure Windows Filtering Platform WFP which can configure network activity on your computer. The lightweight application is less than a megabyte, and it is compatible with Windows Vista and higher operating systems. You can download either the installer or portable version. For...

Exitmap - A Fast and Modular Scanner for TOR Exit Relays

Exitmap is a fast and modular Python-based scanner for Tor exit relays. Exitmap modules implement tasks that are run over a subset of all exit relays. If you have a background in functional programming, think of exitmap as a map interface for Tor exit relays: Modules can perform any TCP-based...