Heyserial will Programmatically create hunting rules for deserialization exploitation with multiple
Help: python3 heyserial.py -h
Examples:
python3 heyserial.py -c ‘ExampleChain::condition1+condition2’ -t JavaObj
python3 heyserial.py -k cmd.exe whoami ‘This file cannot be run in DOS mode’
python3 heyserial.py -k Process.Start -t NETViewState -e base64 “base64+utf16le”
This is a tool to automate bulk testing of Snort and Yara rules on a variety of sample files.
Usage: python3 checkyoself.py [-y rules.yara] [-s rules.snort] [-o file_output_prefix] [--matches] [--misses] -d malware.exe malware.pcap
Examples: python3 checkyoself.py -y rules/javaobj -s rules/javaobj -d payloads/javaobj pcaps --misses -o java_misses
YSoSerial.NET v1.34 payload generation. Run on Windows from the ./utils directory.
YSoSerial payload generation. Run on Linux from the ./utils directory.
Installing Snort on a Debian based system was a bit finnicky for me, so I wrote my install notes here.
Use at your own risk in a VM that you have snapshotted recently.
Simple Python script that runs an HTTP server on 127.0.0.1:12345 and accepts POST requests.
Handy for generating test PCAPs.
Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…
If you are working with Linux or writing bash scripts, one of the most common…
What is a bash case statement? A bash case statement is a way to control…
Why Do We Check Files in Bash? When writing a Bash script, you often work…