Supernova : The Ultimate Shellcode Encryption & Conversion Toolkit
Meet Supernova, the new and improved shellcode encryption tool made for today's ethical hackers. Supernova is written in Golang and works with both Windows and Linux. It has a wide range of encryption ciphers, such as ROT, XOR, RC4, and AES. What makes it different? It's not just an encryptor; it also changes your encrypted shellcode into forms that...
Combine Tool – Bypass EDRs & Secure Windows Credentials
.webp "Combine Tool – Bypass EDRs & Secure Windows Credentials")
By readapting the safetydump rust library (many thanks to the author!!!), I have been able to EASILY bypass all the countermeasures put in place by most EDRs, except Kaspersky EDR, and TrendMicro (new detection, from a couple hours ago) dbghelp!MiniDumpWriteDump with a custom callback could be used, until a year ago, to bypass most antivirus and EDR solutions. Now, most of...
EDRSandblast-GodFault: Advanced EDR Bypass Tool
EDRSandblast-GodFault is an advanced EDR bypass tool aimed at security researchers and organizations. Its purpose is to evaluate the effectiveness of current EDR systems by simulating real-world attack techniques. Use this tool responsibly and only on systems where you have explicit authorization. Integrates GodFault into EDR Sandblast, achieving the same result without the use of any vulnerable drivers. Example Output C:UsersuserDesktopOffsets>EDRSandblast.exe --kernelmode cmd D3FC0N 30...
Prebuilt Multi-Arch Binaries for Enhanced Device Management
Prebuilt binaries for multiple architeture (arm, armeb, aarch64, aarch64_be, mips, mips1, mipsel, mipsel1, mips64, mips64el, powerpc, powerpc64, powerpc64le, riscv64, i586, x86_64) All binaries are statically linked and stripped. Please go to the Release page for downloads. *archName*_tools.zip contains tools' binary (see Tools Section) for that specific arch, and allinone.zip contains all of it. Or download single file directly from bin branch. The source code and scripts can be found in the...
Empowering Frontline Workers: Streamline Device Management For An Enhanced Employee Experience
In today's fast-paced world, frontline workers play a vital role in delivering services and products directly to customers. From healthcare providers and retail associates to logistics personnel and customer service representatives, these frontline workers rely on mobile devices to streamline their tasks. To elevate and unleash their full potential, organizations are turning to the power of frontline device management solutions....
TelegramRAT – A Tool To Bypass Restricted Communications
A cross-platform Remote Access Tool that operates through Telegram, leveraging the secure messaging app for covert communication. Designed to navigate around network restrictions, TelegramRAT empowers users to remotely control computers, execute commands, retrieve system information, capture screenshots, and more, all while harnessing Telegram's encrypted platform. In this overview, we delve into TelegramRAT's functionality, installation process, and potential implications, shedding...
Autopsy- 4.21.0 Release With Faster Search And Malware Scanning
The 4.21 version of Autopsy is out, and this blog post will cover three of the most notable new features. You can see the full list of changes here. We’re going to cover, Inline Keyword Search Cyber Triage Malware Scanner Module Logical File Timestamps To download the latest version, go here. You can also attend a Webinar on September 12. Register here. Search For Keywords Without Building An...
ShadowSpray : Tool To Spray Shadow Credentials
ShadowSpray is a tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain. Why this tool In a lot of engagements I see (in BloodHound) that the group "Everyone" / "Authenticated Users" / "Domain Users" or some other wide group, which contains almost all the users in the...
Lfi-Space : Lfi Scan Tool
Screenshots How to use https://www.youtube.com/watch?v=rpcGqwZU2As Read Me LFI Space is a robust and efficient tool designed to detect Local File Inclusion (LFI) vulnerabilities in web applications. This tool simplifies the process of identifying potential security flaws by leveraging two distinct scanning methods: Google Dork Search and Targeted URL Scan. With its comprehensive approach, LFI Space assists security professionals, penetration testers,...
NucleiFuzzer – An Automation Tool
NucleiFuzzer is an automation tool that combines and enhances web application security testing. It uses ParamSpider to identify potential entry points and Nuclei's templates to scan for vulnerabilities. NucleiFuzzer streamlines the process, making it easier for security professionals and web developers to detect and address security risks efficiently. Download NucleiFuzzer to protect your web applications from vulnerabilities and attacks. Note: Nuclei + Paramspider = NucleiFuzzer Tools Included: ParamSpider git clone https://github.com/0xKayala/ParamSpider.git Nuclei git clone https://github.com/projectdiscovery/nuclei.git Templates: Fuzzing Templates git clone https://github.com/projectdiscovery/fuzzing-templates.git Output Usage nucleifuzzer -h This...
