Karton - Distributed Malware Processing Framework Based On Python, Redis And MinIO

Distributed malware processing framework based on Python, Redis and MinIO. The idea Karton is a robust framework for creating flexible and lightweight malware analysis backends. It can be used to connect malware analysis systems into a robust pipeline with very little effort. We've been in the...

UnhookMe - An Universal Windows API Resolver And Unhooker Addressing Problem Of Invoking Unmonitored System Calls From Within Of Your Red Teams Malware

In the era of intrusive AVs and EDRs that introduce hot-patches to the running processes for their enhanced optics requirements, modern adversaries must have a robust tool to slide through these watchguards. The propsed implementation of dynamic imports resolver that would be capable of unhooking...

ADCSPwn - A Tool To Escalate Privileges In An Active Directory Network By Coercing Authenticate From Machine Accounts And Relaying To The Certificate Service

A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts Petitpotam and relaying to the certificate service. Usage Run ADCSPwn on your target network. authentication will be relayed to. Optional arguments: port - The port ADCSPwn will listen on...

Sigurlfind3R - A Reconnaissance Tool, It Fetches URLs From AlienVault's OTX, Common Crawl, URLScan, Github And The Wayback Machine

sigurlfind3r is a passive reconnaissance tool, it fetches known URLs from AlienVault's OTX , Common Crawl , URLScan , Github and the Wayback Machine. DiSCLAIMER: fetching urls from github is a bit slow. Usage sigurlfind3r -h This will display help for the tool. | |/ | | / / | |/ | | | | '| | || |...

Php-Jpeg-Injector - Injects Php Payloads Into Jpeg Images

Injects php payloads into jpeg images. Related to this post. Use Case You have a web application that runs a jpeg image through PHP's GD graphics library. Description This script injects PHP code into a specified jpeg image. The web application will execute the payload if it interprets the image...

Solitude - A Privacy Analysis Tool That Enables Anyone To Conduct Their Own Privacy Investigations

Solitude is a privacy analysis tool that enables anyone to conduct their own privacy investigations. Whether a curious novice or a more advanced researcher, Solitude makes the process of evaluating user privacy within an app accessible for everyone. Important Note Prior to installing Solitude it...

Go-Shellcode - A Repository Of Windows Shellcode Runners And Supporting Utilities

go-shellcode is a repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques. The available Shellcode runners include: CreateFiber CreateProcess CreateProcessWithPipe CreateRemoteThread CreateRemoteThreadNati...

cThreadHijack - Beacon Object File (BOF) For Remote Process Injection Via Thread Hijacking

. . . \ /| | | / | || || | | / | | | | \ / \ \ / / \ | | \ \ / | |/ / \ | | | Y \ | /\ / / / // \ Y / | | |/ \ | | || /| \ /\ || /|/| /\ | \ / / / / / / | / / / Beacon Object File BOF for remote process injection, via thread hijacking, without spawning a remote thread...

TwiTi - Tool for extracting IOCs from tweet

TwiTi, a tool for extracting IOCs from tweets, can collect a large number of fresh, accurate IOCs. TwiTi does classifying whether a tweet contains IOCs or not. extracting IOCs from a tweet and also from links mentioned in a tweet. For more details please refer to our paper, "Twiti: Social Listeni...

WARCannon - High Speed/Low Cost CommonCrawl RegExp In Node.js

WARCannon was built to simplify and cheapify the process of 'grepping the internet'. With WARCannon, you can: Build and test regex patterns against real Common Crawl data Easily load Common Crawl datasets for parallel processing Scale compute capabilities to asynchronously crunch through WARCs at...

ChangeTower - Tool To Help You Watch Changes In Webpages And Get Notified Of Any Changes

ChangeTower is intended to help you watch changes in webpages and get notified of any changes written in Go This tools is good to know the web pages are update something or not to work on the new site before others Installation Instructions ChangeTower requires go1.16+ to install successfully. Ru...

Elpscrk - An Intelligent Common User-Password Profiler Based On Permutations And Statistics

An Intelligent common user-password profiler that's named after the same tool in Mr.Robot series S01E01 In simple words, elpscrk will ask you about all info you know about your target then will try to generate every possible password the target could think of, it all depends on the information yo...

Uchihash - A Small Utility To Deal With Malware Embedded Hashes

Uchihash is a small utility that can save malware analysts the time of dealing with embedded hash values used for various things such as: Dynamically importing APIs especially in shellcode Checking running process used by analysts Anti-Analysis Checking VM or Antivirus artifacts Anti-Analysis...

SharpLAPS - Retrieve LAPS Password From LDAP

The attribute ms-mcs-AdmPwd stores the clear-text LAPS password. This executable is made to be executed within Cobalt Strike session using execute-assembly. It will retrieve the LAPS password from the Active Directory. Require either: Account with ExtendedRight or Generic All Rights Domain Admin...

Doldrums - A Flutter/Dart Reverse Engineering Tool

To flutter: to move in quick, irregular motions, to beat rapidly, to be agitated. Doldrums: a period of stagnation. Doldrums is a reverse engineering tool for Flutter apps targetting Android. Concretely, it is a parser and information extractor for the Flutter/Dart Android binary, conventionally...

Rz-Ghidra - Deep Ghidra Decompiler And Sleigh Disassembler Integration For Rizin

This is an integration of the Ghidra decompiler and Sleigh Disassembler for rizin. It is solely based on the decompiler part of Ghidra, which is written entirely in C++, so Ghidra itself is not required at all and the plugin can be built self-contained. This project was presented, initially for...

Domhttpx - A Google Search Engine Dorker With HTTP Toolkit Built With Python, Can Make It Easier For You To Find Many URLs/IPs At Once With Fast Time

domhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time. Usage Flags This will display help for the tool. Here are all the switches it supports. Flag | Description | Example ---|---|--- -ip, --only-ip |...

PowerShellArmoury - A PowerShell Armoury For Security Guys And Girls

The PowerShell Armoury is meant for pentesters, "insert-color-here"-teamers and everyone else who uses a variety of PowerShell tools during their engagements. It allows you to download and store all of your favourite PowerShell scripts in a single, encrypted file. You do not have to hassle with...

tsharkVM - Tshark + ELK Analytics Virtual Machine

This project builds virtual machine which can be used for analytics of tshark -T ek ndjson output. The virtual appliance is built using vagrant, which builds Debian 10 with pre-installed and pre-configured ELK stack. After the VM is up, the process is simple: decoded pcaps tshark -T ek output /...

CSIRT-Collect - PowerShell Script To Collect Memory And (Triage) Disk Forensics

A PowerShell script to collect memory and triage disk forensics for incident response investigations. The script leverages a network share, from which it will access and copy the required executables and subsequently upload the acquired evidence to the same share post-collection. Permission...

Cerbrutus - Network Brute Force Tool, Written In Python

Modular brute force tool written in Python, for very fast password spraying SSH, and FTP and in the near future other network services. COMING SOON: SMB, HTTPs POST, HTTPs GET, HTTP BASIC AUTH Thanks to @0dayctf, Rondons, Enigma, and 001 fortesting and contributing Installation: cd /opt git clone...

Ruse - Mobile Camera-Based Application That Attempts To Alter Photos To Preserve Their Utility To Humans While Making Them Unusable For Facial Recognition Systems

Mobile camera-based application that attempts to alter photos to preserve their utility to humans while making them unusable for facial recognition systems. Installation 1 Easy Method: Wait and download app from appropriate app store. 2 Download and run ios app via XCode see Development setup for...

LightMe - HTTP Server Serving Obfuscated Powershell Scripts/Payloads

LightMe is a Simple HTTP Server serving Powershell Scripts/Payloads after Obfuscate them and run obfuscation as a service in backgroud in order to keep obfuscate the payloads which giving almost new obfuscated payload on each HTTP request Main Features Obfuscate all powershell files within a...

Rtl_433 - Program To Decode Radio Transmissions From Devices On The ISM Bands (And Other Frequencies)

rtl433 despite the name is a generic data receiver, mainly for the 433.92 MHz, 868 MHz SRD, 315 MHz, 345 MHz, and 915 MHz ISM bands. The official source code is in the https://github.com/merbanan/rtl433/ repository. For more documentation and related projects see the https://triq.org/ site. It...

Sniffle - A Sniffer For Bluetooth 5 And 4.X LE

Sniffle is a sniffer for Bluetooth 5 and 4.x LE using TI CC1352/CC26x2 hardware. Sniffle has a number of useful features, including: Support for BT5/4.2 extended length advertisement and data packets Support for BT5 Channel Selection Algorithms 1 and 2 Support for all BT5 PHY modes regular 1M, 2M...

Radare2 - UNIX-like Reverse Engineering Framework And Command-Line Toolset

r2 is a rewrite from scratch of radare. It provies a set of libraries, tools and plugins to ease reverse engineering tasks. The radare project started as a simple command-line hexadecimal editor focused on forensics, over time more features were added to support a scriptable command-line low leve...

CredPhish - A PowerShell Script Designed To Invoke Legitimate Credential Prompts And Exfiltrate Passwords Over DNS

CredPhish is a PowerShell script designed to invoke credential prompts and exfiltrate passwords. It relies on CredentialPicker to collect user passwords, Resolve-DnsName for DNS exfiltration, and Windows Defender's ConfigSecurityPolicy.exe to perform arbitrary GET requests. For a walkthrough, see...

LoGiC.NET - A More Advanced Free And Open .NET Obfuscator Using Dnlib

LoGiC.NET is a free and open-source .NET obfuscator that uses dnlib for folks that want to see how obfuscation works with more complex obfuscations than Goldfuscator for example. Before obfuscation After obfuscation Dependencies dnlib v3.3.2 : Restore NuGet packages and it'll work if it doesn't...

TokenTactics - Azure JWT Token Manipulation Toolset

Azure JSON Web Token "JWT" Manipulation Toolset Azure access tokens allow you to authenticate to certain endpoints as a user who signs in with a device code. Even if they used multi-factor authentication. Once you have a user's access token, it may be possible to access certain apps such as...

Reconmap - VAPT (Vulnerability Assessment And Penetration Testing) Automation And Reporting Platform

Reconmap is a vulnerability assessment and penetration testing VAPT platform. It helps software engineers and infosec pros collaborate on security projects, from planning, to implementation and documentation. The tool's aim is to go from recon to report in the least possible time. Demo Details on...

Dorothy - Tool To Test Security Monitoring And Detection For Okta Environments

Created by David French @threatpunter at Elastic Security Dorothy is a tool to help security teams test their monitoring and detection capabilities for their Okta environment. Dorothy has several modules to simulate actions that an attacker might take while operating in an Okta environment and...

Juumla - Tool Designed To Identify And Scan For Version, Config Files In The CMS Joomla!

Juumla is a python tool developed to identify the current Joomla version and scan for readable Joomla config files. Installing / Getting started A quick guide of how to install and use Juumla. 1. Clone the repository - git clone https://github.com/oppsec/juumla.git 2. Install the libraries - pip3...

Rconn - Rconn Is A Multiplatform Program For Creating Generic Reverse Connections

rconn reverse connection is a multiplatform program for creating reverse connections. It lets you consume services that are behind NAT and/or firewall without adding firewall rules or port-forwarding. This is achieved by creating a connection from the node behind the firewall/NAT to a port on you...

Ppmap - A Scanner/Exploitation Tool Written In GO, Which Leverages Prototype Pollution To XSS By Exploiting Known Gadgets

A simple scanner/exploitation tool written in GO which automatically exploits known and existing gadgets checks for specific variables in the global context to perform XSS via Prototype Pollution. NOTE: The program only exploits known gadgets, but does not cover code analysis or any advanced...

Terraguard - Create And Destroy Your Own VPN Service Using WireGuard

This project's goal is to be simple to create and destroy your own VPN service using WireGuard. Prerequisites Terraform = 1.0.0 Ansible = 2.10.5 How to Deploy Terraform Run with sudo is necessary because we need permission on localhost to install packages, configure a network interface and start ...

Pathprober - Probe And Discover HTTP Pathname Using Brute-Force Methodology And Filtered By Specific Word Or 2 Words At Once

Probe and discover HTTP pathname using brute-force methodology and filtered by specific word or 2 words at once. Purpose Brute-forcing website directories or HTTP pathname and validate using HTTP response code is not relevant anymore. This tool will help you to perform a penetration test, because...

In0ri - Defacement Detection With Deep Learning

In0ri is a defacement detection system utilizing a image-classification convolutional neural network. Introduction When monitoring a website, In0ri will periodically take a screenshot of the website then put it through a preprocessor that will resize the image down to 250x250px and numericalize t...

TeamsUserEnum - User Enumeration With Microsoft Teams API

Sometimes user enumeration could be sometimes useful during the reconnaissance of an assessment. This tool will determine if an email is registered on teams or not. More details on the immunIT's blog Usage Microsoft Teams with the search features. This tool validates an email address or a list of...

Pstf2 - Passive Security Tools Fingerprinting Framework

Have you ever wanted a simple, easy and stealth bypass for multiple classes of security products? pstf^2 pronounced pstf-square is an implementation of an HTTP server capable of passive browser fingerprinting - and it might just be the thing you are looking for. When attackers try to deliver a...

Beanshooter - JMX Enumeration And Attacking Tool

Beanshooter is a command line tool written in Java , which helps to identify common vulnerabilities on JMX endpoints. Introduction JMX stands for Java Management Extensions and can be used to monitor and configure the Java Virtual Machine from remote. Applications like tomcat or JBoss are often...

Hash-Buster v3.0 - Crack Hashes In Seconds

Why crack hashes when you can bust them? Features Automatic hash type identification Supports MD5, SHA1, SHA256, SHA384, SHA512 Can extract & crack hashes from a file Can find hashes from a directory, recursively Multi-threading Insallation & Usage Note: Hash Buster isn't compatible with python2,...

Allsafe - Intentionally Vulnerable Android Application

Allsafe is an intentionally vulnerable application that contains various vulnerabilities. Unlike other vulnerable Android apps, this one is less like a CTF and more like a real-life application that uses modern libraries and technologies. Additionally, I have included some Frida based challenges...

Regexploit - Find Regular Expressions Which Are Vulnerable To ReDoS (Regular Expression Denial Of Service)

Find regexes which are vulnerable to Regular Expression Denial of Service ReDoS. More info onthe Doyensec blog Many default regular expression parsers have unbounded worst-case complexity. Regex matching may be quick when presented with a matching input string. However, certain non-matching input...

MANSPIDER - Spider Entire Networks For Juicy Files Sitting On SMB Shares. Search Filenames Or File Content - Regex Supported!

Crawl SMB shares for juicy information. File content searching + regex is supported! File types supported: PDF DOCX XLSX PPTX any text-based format and many more!! MAN-SPIDER will crawl every share on every target system. If provided creds don't work, it will fall back to "guest", then to a null...

Orbitaldump - A Simple Multi-Threaded Distributed SSH Brute-Forcing Tool Written In Python

A simple multi-threaded distributed SSH brute-forcing tool written in Python. How it Works When the script is executed without the --proxies switch, it acts just like any other multi-threaded SSH brute-forcing scripts. When the --proxies switch is added, the script pulls a list usually thousands ...

ARTIF - An Advanced Real Time Threat Intelligence Framework To Identify Threats And Malicious Web Traffic On The Basis Of IP Reputation And Historical Data.

ARTIF is a new advanced real time threat intelligence framework built that adds another abstraction layer on the top of MISP to identify threats and malicious web traffic on the basis of IP reputation and historical data. It also performs automatic enrichment and threat scoring by collecting,...

DNSStager - Hide Your Payload In DNS

DNSStager is an open-source project based on Python used to hide and transfer your payload using DNS. DNSStager will create a malicious DNS server that handles DNS requests to your domain and return your payload as a response to specific record requests such as AAAA or TXT records after splitting...

Cilium - eBPF-based Networking, Security, And Observability

Cilium is open source software for providing and transparently securing network connectivity and loadbalancing between application workloads such as application containers or processes. Cilium operates at Layer 3/4 to provide traditional networking and security services as well as Layer 7 to...

Bughound - Static Code Analysis Tool Based On Elasticsearch

Bughound is an open-source static code analysis tool that analyzes your code and sends the results to Elasticsearch and Kibana to get useful insights about the potential vulnerabilities in your code. Bughound has its own Elasticsearch and Kibana Docker image that is preconfigured with dashboards ...

Kali-Whoami - A Privacy Tool Developed To Keep You Anonymous On Kali Linux At The Highest Level

The purpose of the Whoami tool makes you as anonymous as possible on Kali linux. It is an user friendly with its ease of use and simple interface. It follows two different paths to ensure the highest possible level of anonymity. Finally, don't forget that there is never a hundred percent security...