Heyserial will Programmatically create hunting rules for deserialization exploitation with multiple
Help: python3 heyserial.py -h
Examples:
python3 heyserial.py -c ‘ExampleChain::condition1+condition2’ -t JavaObj
python3 heyserial.py -k cmd.exe whoami ‘This file cannot be run in DOS mode’
python3 heyserial.py -k Process.Start -t NETViewState -e base64 “base64+utf16le”
This is a tool to automate bulk testing of Snort and Yara rules on a variety of sample files.
Usage: python3 checkyoself.py [-y rules.yara] [-s rules.snort] [-o file_output_prefix] [--matches] [--misses] -d malware.exe malware.pcap
Examples: python3 checkyoself.py -y rules/javaobj -s rules/javaobj -d payloads/javaobj pcaps --misses -o java_misses
YSoSerial.NET v1.34 payload generation. Run on Windows from the ./utils directory.
YSoSerial payload generation. Run on Linux from the ./utils directory.
Installing Snort on a Debian based system was a bit finnicky for me, so I wrote my install notes here.
Use at your own risk in a VM that you have snapshotted recently.
Simple Python script that runs an HTTP server on 127.0.0.1:12345 and accepts POST requests.
Handy for generating test PCAPs.
The cp command, short for "copy," is the main Linux utility for duplicating files and directories. Whether…
Introduction In digital investigations, images often hold more information than meets the eye. With the…
The cat command short for concatenate, It is a fast and versatile tool for viewing and merging…
What is a Port? A port in networking acts like a gateway that directs data…
The ls command is fundamental for anyone working with Linux. It’s used to display the files and…
The pwd (Print Working Directory) command is essential for navigating the Linux filesystem. It instantly shows your…