R K, Author at Kali Linux Tutorials

Nimbo-C2 : Lightweight C2 Framework

Nimbo-C2 is yet another (simple and lightweight) C2 framework. Nimbo-C2 agent supports x64 Windows & Linux. It’s written in Nim, with some usage of .NET on Windows (by dynamically loading the CLR to the process). Nim is powerful, but interacting with Windows is much easier and robust using Powershell, hence this combination is made. The …

Continue reading “Nimbo-C2 : Lightweight C2 Framework”

NTLMRecon : Tool For Performing Light Brute-Forcing Of HTTP Servers

NTLMRecon is a tool for performing light brute-forcing of HTTP servers to identify commonly accessible NTLM authentication endpoints. NTLMRecon is a Golang version of the original NTLMRecon utility written by Sachin Kamath (AKA pwnfoo). NTLMRecon can be leveraged to perform brute forcing against a targeted webserver to identify common application endpoints supporting NTLM authentication. This …

Continue reading “NTLMRecon : Tool For Performing Light Brute-Forcing Of HTTP Servers”

Fuzztruction : Academic Prototype Of A Fuzzer

Fuzztruction is an academic prototype of a fuzzer that does not directly mutate inputs (as most fuzzers do) but instead uses a so-called generator application to produce an input for our fuzzing target. As programs generating data usually produce the correct representation, our fuzzer mutates the generator program (by injecting faults), such that the data …

Continue reading “Fuzztruction : Academic Prototype Of A Fuzzer”

FirebaseExploiter : Vulnerability Discovery Tool That Discovers Firebase Database Which Are Open And Can Be Exploitable

FirebaseExploiter is a vulnerability discovery tool that discovers Firebase Database which are open and can be exploitable. Primarily built for mass hunting bug bounties and for penetration testing. Features Usage This will display help for the CLI tool. Here are all the required arguments it supports. Installation FirebaseExploiter was built using go1.19. Make sure you …

Continue reading “FirebaseExploiter : Vulnerability Discovery Tool That Discovers Firebase Database Which Are Open And Can Be Exploitable”

Bearer : Code Security Scanning Tool (SAST) That Discover, Filter And Prioritize Security Risks

Bearer is a Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks. Bearer CLI is a static application security testing (SAST) tool that scans your source code and analyzes your data flows to discover, filter and prioritize security and privacy risks. Currently supporting JavaScript, TypeScript and Ruby stacks.???? Java support …

Continue reading “Bearer : Code Security Scanning Tool (SAST) That Discover, Filter And Prioritize Security Risks”

hardCIDR : Linux Bash Script

hardCIDR is a Linux Bash script, but also functions under macOS. Your mileage may vary on other distros. The script with no specified options will query ARIN and a pool of BGP route servers. The route server is selected at random at runtime. A Linux Bash script to discover the netblocks, or ranges, (in CIDR …

Continue reading “hardCIDR : Linux Bash Script”

PhoneSploit-Pro : An All-In-One Hacking Tool To Remotely Exploit Android Devices Using ADB And Metasploit-Framework To Get A Meterpreter Session

PhoneSploit with Metasploit Integration An all-in-one hacking tool written in Python to remotely exploit Android devices using ADB (Android Debug Bridge) and Metasploit-Framework. Complete Automation to get a Meterpreter session in One Click This tool can automatically Create, Install, and Run payload on the target device using Metasploit-Framework and ADB to completely hack the Android …

Continue reading “PhoneSploit-Pro : An All-In-One Hacking Tool To Remotely Exploit Android Devices Using ADB And Metasploit-Framework To Get A Meterpreter Session”

Kubei : A Flexible Kubernetes Runtime Scanner

KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems. It scans both runtime K8s clusters and CI/CD pipelines for enhanced software supply …

Continue reading “Kubei : A Flexible Kubernetes Runtime Scanner”

auditpolCIS : CIS Benchmark Testing Of Windows SIEM Configuration

auditpolCIS is a CIS Benchmark testing of Windows SIEM configuration. This is an application for testing the configuration of Windows Audit Policy settings against the CIS Benchmark recommended settings. A few points: The automated assessment results from AuditpolCIS, as it’s based on CIS Benchmarks, helps in the support of meeting audit requirements for a number …

Continue reading “auditpolCIS : CIS Benchmark Testing Of Windows SIEM Configuration”

PortEx : Java Library To Analyse Portable Executable Files With A Special Focus On Malware Analysis And PE Malformation Robustness

PortEx is a Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted at Java …

Continue reading “PortEx : Java Library To Analyse Portable Executable Files With A Special Focus On Malware Analysis And PE Malformation Robustness”