ICMPWatch – Advanced Sniffing & Analysis of ICMP Packets
ICMP Packet Sniffer is a Python program that allows you to capture and analyze ICMP (Internet Control Message Protocol) packets on a network interface. It provides detailed information about the captured packets, including source and destination IP addresses, MAC addresses, ICMP type, payload data, and more. The program can also store the captured packets in a SQLite database and save them...
PowerToys Run’s Quick Lookup Plugin
This plugin for PowerToys Run allows you to quickly search for an IP address, domain name, hash, or any other data point in a list of Cyber Security tools. It's perfect for security analysts, penetration testers, or anyone else who needs to quickly look up information when investigating artifacts or alerts. Installation To install the plugin: Navigate to your Powertoys Run Plugin folder For a...
Moniorg – Passive Monitoring via Certificate Transparency
Description Moniorg is a cutting-edge tool that uses Certificate Transparency logs to let you keep an eye on things without being noticed. With this tool, security experts can keep track of new names that are linked to an organization's SSL certificates. This gives them a unique look into the organization's infrastructure. By using the power of CT logs, Moniorg can...
HTTP-Shell: Multiplatform Reverse Connection Tool
HTTP-Shell is a multiplatform reverse shell. This tool helps you obtain a shell-like interface on a reverse connection over HTTP. Unlike other reverse shells, the main goal of the tool is to be used in conjunction with Microsoft Dev Tunnels in order to get a connection as close as possible to a legitimate one. This shell is not fully interactive...
WhatsApp’s Task Hijacking Bug Explained
.webp "WhatsApp’s Task Hijacking Bug Explained")
While reviewing the WhatsApp Android application, researchers identified a misconfiguration in AndroidManifest.xml related to task control features. This misconfiguration leads to a critical vulnerability called task hijacking and enables the attack flow against the latest WhatsApp on Android-based phones. In successful exploitation of the vulnerability, the malicious app can take over the "back stack" of the WhatsApp app, and whenever...
Domain Audit – Automated Active Directory Penetration Testing
.webp "Domain Audit – Automated Active Directory Penetration Testing")
The Tool is a wrapper around PowerView, Impacket, PowerUpSQL, BloodHound, Ldaprelayscan and Crackmapexec to automate the execution of enumeration and a lot of checks performed during a On-Prem Active Directory Penetration test. Thanks to all the authors of the original tools. Installation AND Setup Install python 3.10 (For example from the Windows store) git clone https://github.com/0xJs/domain_audit cd .domain_auditimport git clone https://github.com/SecureAuthCorp/impacket cd impacket; python3 -m...
Naabu – Fast and Efficient Port Scanner
Naabu is a powerful port scanning utility designed in the Go programming language, enabling fast and efficient port enumeration. Designed to swiftly detect valid ports on various hosts, this tool is optimized to perform SYN, CONNECT, and UDP scans. With its comprehensive feature set, Naabu not only lists ports that offer a reply but is also capable of Host...
Scan4All: A Next-Gen Automated Vulnerability Detection Security Tool
Scan4All is at the vanguard of modern cybersecurity solutions, offering a comprehensive suite of tools for automated vulnerability detection and threat analysis. Built on a robust Golang framework, this cross-platform toolkit seamlessly integrates with various systems, elevating the standard for next-generation security measures. Features What Is Scan4all: integrated vscan, nuclei, ksubdomain, subfinder, etc., fully automated and intelligent team tools? Code-level optimization, parameter...
CatSniffer – The Ultimate Multiprotocol IoT Attack Tool in USB Form
CatSniffer is an original multiprotocol, and multiband board made for sniffing, communicating, and attacking IoT (Internet of Things) devices. It was designed as a highly portable USB stick that integrates the new chips TI CC1352, Semtech SX1262, Microchip SAMD21E17 V2 or previous, and RP2040 V3 or later. This board is a Swiss army knife for IoT security researchers, developers, and...
Pineapple Mark VII REST Client
The Pineapple Mark VII REST Client offers a robust suite of tools for WiFi penetration testing and security analysis. Developed by TW-D and compatible with Ruby, it allows users to automate both active and passive network attacks. With an extensive library of payloads, this toolkit identifies vulnerable devices, facilitates WiFi exploitation, and offers comprehensive reconnaissance capabilities. Dive into the...
