Winevt_logs_analysis : Searching .evtx Logs For Remote Connections
Winevt_logs_analysis is a simple script for finding remote connections to a Windows machine, ideally from public IPs. It checks a set of Event IDs related to remote logons and sessions. Run pip install -r requirements.txt so the script can work and parse the .evtx files inside the winevt folder. The winevt/Logs folders and the script must have...
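The core of such a check, as an added example that is not the project's script: events are filtered by ID, by logon type (console, service and batch logons are not remote) and by source address, and the result is summarised per user with a flag for routable addresses. The records are constructed here in the XML rendering that python-evtx or wevtutil produce, so it runs without an .evtx file; the Event ID set, the logon types and the fallback field names (IpAddress for 4624/4625, ClientAddress for 4778/4779, Param3 for 1149) are this example's assumptions, not copied from the script.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Namespace of the Windows event XML rendering.
NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# Assumed set of Event IDs worth reviewing for remote access (not the script's own list):
#   4624/4625  Security: logon succeeded / failed (remote only for LogonType 3, 7, 10)
#   4778/4779  Security: session reconnected / disconnected (RDP, fast user switching)
#   1149       TerminalServices-RemoteConnectionManager: RDP user authentication succeeded
REMOTE_EVENT_IDS = {4624, 4625, 4778, 4779, 1149}
REMOTE_LOGON_TYPES = {"3", "7", "10"}  # network, unlock, RemoteInteractive


def parse_event(xml_text):
    """Return (event_id, {name: value}) from one rendered event.

    EventData/Data carries Security events; 1149 stores its fields as
    UserData/EventXML/Param1..3, so both locations are collected.
    """
    root = ET.fromstring(xml_text)
    event_id = int(root.find("e:System/e:EventID", NS).text)
    data = {d.get("Name"): (d.text or "").strip()
            for d in root.findall("e:EventData/e:Data", NS)}
    for el in root.findall("e:UserData/*/*", NS):
        data[el.tag.rsplit("}", 1)[-1]] = (el.text or "").strip()
    return event_id, data


def is_public_ip(value):
    """True for a globally routable address; False for '-', hostnames, RFC 1918, loopback."""
    try:
        return ipaddress.ip_address(value).is_global
    except ValueError:
        return False


def find_remote_connections(records):
    hits = []
    for xml_text in records:
        event_id, data = parse_event(xml_text)
        if event_id not in REMOTE_EVENT_IDS:
            continue
        if event_id in (4624, 4625) and data.get("LogonType") not in REMOTE_LOGON_TYPES:
            continue  # local interactive, service or batch logon: not remote
        source = data.get("IpAddress") or data.get("ClientAddress") or data.get("Param3", "")
        user = data.get("TargetUserName") or data.get("AccountName") or data.get("Param1", "")
        hits.append({"event_id": event_id, "user": user, "source": source,
                     "public": is_public_ip(source)})
    return hits


def public_sources(hits):
    """Distinct routable source addresses seen in the hits."""
    return sorted({h["source"] for h in hits if h["public"]})


# Constructed sample records (not from a real log). Addresses are illustrative.
SAMPLE_RECORDS = [
    '<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">'
    '<System><EventID>4624</EventID><Channel>Security</Channel></System>'
    '<EventData><Data Name="TargetUserName">svc_backup</Data>'
    '<Data Name="LogonType">10</Data><Data Name="IpAddress">1.2.3.4</Data></EventData></Event>',
    '<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">'
    '<System><EventID>4624</EventID><Channel>Security</Channel></System>'
    '<EventData><Data Name="TargetUserName">alice</Data>'
    '<Data Name="LogonType">2</Data><Data Name="IpAddress">-</Data></EventData></Event>',
    '<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">'
    '<System><EventID>4778</EventID><Channel>Security</Channel></System>'
    '<EventData><Data Name="AccountName">bob</Data>'
    '<Data Name="ClientAddress">10.0.0.5</Data></EventData></Event>',
    '<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">'
    '<System><EventID>4688</EventID><Channel>Security</Channel></System>'
    '<EventData><Data Name="NewProcessName">C:\\Windows\\System32\\cmd.exe</Data></EventData></Event>',
    '<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">'
    '<System><EventID>1149</EventID>'
    '<Channel>Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational</Channel></System>'
    '<UserData><EventXML xmlns="Event_NS"><Param1>admin</Param1><Param2>CORP</Param2>'
    '<Param3>1.2.3.4</Param3></EventXML></UserData></Event>',
]

if __name__ == "__main__":
    for hit in find_remote_connections(SAMPLE_RECORDS):
        print(hit)
    print("public sources:", public_sources(find_remote_connections(SAMPLE_RECORDS)))
```

With a real log, the XML strings would come from iterating the records of an .evtx file (python-evtx's `Evtx.records()` yields them as `record.xml()`); the filtering logic stays the same. Note that `is_global` treats documentation ranges such as 203.0.113.0/24 as non-public, so use real-looking addresses when testing the public-IP flag.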
C99Shell-PHP7 – PHP 7 And Safe-Build Update Of The Popular C99 Variant Of PHP Shell
C99Shell-PHP7 is a PHP 7 and safe-build update of the popular C99 variant of PHP shell. A well-known example of a web shell is the c99 variant, a PHP shell (most security vendors classify it as malware) that is often uploaded to a vulnerable web application to give the attacker an interface. The c99 shell lets the attacker take control of the...
Leaktopus – To Keep Your Source Code Under Control
Leaktopus is a tool to keep your source code under control. Key features: Plug&Play, one-line installation with Docker; scanning of various sources for a set of keywords, e.g. ORGANIZATION-NAME.com (currently supports GitHub repositories; Gists and paste sites such as Pastebin are coming soon); filtering of results with a built-in heuristic engine; enrichment of results with IOLs (Indicators Of Leak), i.e. secrets in the found sources (including Git repository commit history): With...
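The pipeline the feature list describes, keyword match, heuristic filter, IOL enrichment, as an added example that is not Leaktopus's own code or rule set: sources are kept only when they mention the organisation keyword, then searched for a few assumed secret patterns (an AWS access key ID, a PEM private key header, a password/token assignment), with obvious placeholders dropped by a simple heuristic. The source texts are constructed inline; the keys in them are made up.

```python
import re

# Keyword that defines "our" sources; the page's own example value.
KEYWORDS = ["ORGANIZATION-NAME.com"]

# Assumed IOL patterns for illustration (not Leaktopus's rules).
IOL_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key": re.compile(r"-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----"),
    "secret_assignment": re.compile(
        r"(?i)(?:password|passwd|secret|api[_-]?key|token)\s*[=:]\s*['\"]?([^\s'\"]{8,})"),
}

# Heuristic filter: values that are clearly placeholders are not leaks.
PLACEHOLDER = re.compile(r"(?i)(?:changeme|placeholder|example|your[_-]?\w+|xxx+|<[^>]+>)")


def keyword_lines(text):
    """1-based line numbers on which any keyword appears (case-insensitive)."""
    return [i for i, line in enumerate(text.splitlines(), 1)
            if any(k.lower() in line.lower() for k in KEYWORDS)]


def redact(value):
    """Never carry a full secret into a report; keep a recognisable prefix only."""
    return value[:4] + "****"


def find_iols(text):
    iols = []
    for kind, pattern in IOL_PATTERNS.items():
        for m in pattern.finditer(text):
            value = m.group(1) if m.groups() else m.group(0)
            if PLACEHOLDER.search(value):
                continue
            line_no = text.count("\n", 0, m.start()) + 1
            iols.append({"type": kind, "line": line_no, "redacted": redact(value)})
    return iols


def scan_sources(sources):
    """sources: {source_id: text}. Keep sources that mention a keyword, enrich with IOLs."""
    report = []
    for source_id, text in sources.items():
        lines = keyword_lines(text)
        if not lines:
            continue
        report.append({"source": source_id, "keyword_lines": lines, "iols": find_iols(text)})
    return report


# Constructed sample sources (made-up repositories and values).
SAMPLE_SOURCES = {
    "github:acme/infra-scripts": (
        "# deploy helper\n"
        "SMTP_HOST=smtp.ORGANIZATION-NAME.com\n"
        "AWS_ACCESS_KEY_ID=AKIAABCDEFGHIJKLMNOP\n"
        "password = 'changeme'\n"
        "token: 8f3a9c2e7b1d4f6a\n"
    ),
    "github:acme/website": "See https://www.ORGANIZATION-NAME.com/about for details.\n",
    # Mentions no keyword, so it is outside our scope even though it holds a key.
    "gist:unrelated": "AWS_ACCESS_KEY_ID=AKIAQRSTUVWXYZABCDEF\n",
}

if __name__ == "__main__":
    for entry in scan_sources(SAMPLE_SOURCES):
        print(entry)
```

A real scan feeds this from the GitHub search API and the commit history of each hit; the keyword-then-IOL ordering matters because IOL patterns alone produce far more noise than a list of sources tied to your organisation.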
Heap_detective : To Detect Heap Memory Pitfalls In C++ And C
Heap_Detective is a simple way to detect heap memory pitfalls in C and C++ (beta). The tool uses taint analysis as its static-analysis technique and aims to identify vulnerable uses of heap memory in C and C++ code. The first phase of the analysis uses a common approach, tokenization, to collect information. The second phase...
Darkdump2 – Search The Deep Web Straight From Your Terminal
Darkdump is a simple script written in Python 3.11 that lets users enter a search term (query) on the command line; darkdump then pulls all the deep web sites relating to that query. Darkdump 2.0 is here, enjoy! Installation: git clone https://github.com/josh0xA/darkdump; cd darkdump; python3 -m pip install -r requirements.txt; python3 darkdump.py --help. Usage example 1: python3 darkdump.py --query programming. Example 2: python3 darkdump.py --query="chat...
EAST – Extensible Azure Security Tool – Documentation
Extensible Azure Security Tool (later referred to as E.A.S.T) is a tool for assessing Azure and, to some extent, Azure AD security controls. The primary use case of EAST is security data collection for evaluation in Azure assessments. This information (JSON content) can then be used in various reporting tools, which we use to further correlate and investigate the data. This tool is...
Aws-Security-Assessment-Solution – An AWS Tool To Help You Create A Point In Time Assessment Of Your AWS Account
Aws-Security-Assessment-Solution is an AWS tool to help you create a point-in-time assessment of your AWS account using Prowler and Scout, as well as optional AWS-developed ransomware checks. Self-Service Security Assessment tool: cybersecurity remains a very important topic and point of concern for many CIOs, CISOs, and their customers. To meet these concerns, AWS has developed a primary...
Suborner : The Invisible Account Forger
Suborner is a simple program to create a Windows account that only you will know about :) It creates invisible local accounts without net user or the Windows user-management APIs (e.g. netapi32::NetUserAdd); works on all Windows NT machines (Windows XP to 11, Windows Server 2003 to 2022); impersonates any existing account (enabled or disabled) through RID hijacking after a successful authentication; and can create an...
Monomorph : MD5-Monomorphic Shellcode Packer
Monomorph is an MD5-monomorphic shellcode packer: every payload it produces has the same MD5 hash. ...
Sandfly-Entropyscan : Entropy Scanner For Linux To Detect Packed / Encrypted Binaries Related To Malware
Sandfly-Entropyscan is an entropy scanner for Linux that detects packed or encrypted binaries related to malware. It finds malicious files and Linux processes and reports them together with cryptographic hashes. Sandfly-Entropyscan is a utility to quickly scan files or running processes and report their entropy (a measure of randomness) and whether they are Linux/Unix ELF executables. Some malware for...
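What such a scanner computes, as an added example that is not sandfly-entropyscan's own code: Shannon entropy per byte on the 0 to 8 bit scale, an ELF magic check, and cryptographic hashes for anything reported, with a flag raised only when a file is both ELF and near the top of the scale. The 7.7 threshold and the sample "files" (a fake ELF header followed by either repetitive text or PRNG output) are this example's assumptions, constructed inline so it runs without touching the filesystem.

```python
import hashlib
import math
import random
from collections import Counter

ELF_MAGIC = b"\x7fELF"
# Assumed threshold: packed or encrypted content sits close to 8 bits/byte,
# ordinary machine code and data well below. Tune it for your fleet.
HIGH_ENTROPY = 7.7


def shannon_entropy(data):
    """Entropy in bits per byte: 0.0 for constant input, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def is_elf(data):
    return data[:4] == ELF_MAGIC


def analyse(name, data, threshold=HIGH_ENTROPY):
    entropy = round(shannon_entropy(data), 2)
    elf = is_elf(data)
    return {
        "name": name,
        "elf": elf,
        "entropy": entropy,
        # High entropy alone is not a verdict (archives, images, TLS keys); the
        # combination with an executable container is what deserves a look.
        "suspicious": elf and entropy >= threshold,
        "md5": hashlib.md5(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def scan(files, threshold=HIGH_ENTROPY):
    """files: {name: bytes}. Return only the rows flagged as suspicious."""
    return [row for row in (analyse(n, d, threshold) for n, d in files.items())
            if row["suspicious"]]


# Constructed samples, not real binaries: only the four magic bytes are ELF.
_rng = random.Random(1234)
SAMPLE_FILES = {
    "plain.elf": ELF_MAGIC + b"the quick brown fox jumps over the lazy dog\n" * 100,
    "packed.elf": ELF_MAGIC + _rng.randbytes(4096),
    "notes.txt": b"meeting notes: rotate the signing key on friday\n" * 50,
    "random.bin": _rng.randbytes(4096),  # high entropy but not ELF: not flagged
}

if __name__ == "__main__":
    for name, data in SAMPLE_FILES.items():
        print(analyse(name, data))
    print("flagged:", [r["name"] for r in scan(SAMPLE_FILES)])
```

Against a live system the same function is applied to `/proc/<pid>/exe` of each running process as well as to files on disk, which is how a packed binary that was deleted after execution is still caught.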