DeathSleep : A PoC Implementation For An Evasion Technique To Terminate The Current Thread And Restore
DeathSleep is a PoC implementation of an evasion technique that terminates the current thread and restores it before resuming execution, while changing page protections during the period of no execution. Intro: Sleep and obfuscation methods are well known in the maldev community, with different implementations; they have the objective of hiding from memory scanners while sleeping, usually changing page protections and even adding cool...
SecureCodeBox : Automate A Bunch Of Security-Testing Tools Out Of The Box
secureCodeBox is a Kubernetes-based, modularized toolchain for continuous security scans of your software project. Its goal is to orchestrate and easily automate a bunch of security-testing tools out of the box. Purpose of this Project: The typical way to ensure application security is to hire a security specialist (aka penetration tester) at some point in your project to check the application...
DongTai : Open-Source Passive Interactive Security Testing (IAST) Product
DongTai IAST is an open-source passive interactive security testing (IAST) product. It uses dynamic hooks and taint tracking algorithms to achieve universal vulnerability detection and multiple-request associated vulnerability detection (including but not limited to unauthorized vulnerabilities and overpower vulnerabilities), third-party component vulnerability detection, etc. Currently, applications in Java and Python are supported for vulnerability detection. Project structure: . ├── deploy ├── dongtai_common (common functions and classes for...)
Kubeeye : Audit Tool For Kubernetes
KubeEye is an inspection tool for Kubernetes that discovers whether Kubernetes resources (via OPA), cluster components, cluster nodes (via Node-Problem-Detector) and other configurations meet best practices, and gives suggestions for modification. KubeEye supports custom inspection rules and plugin installation. Through KubeEye Operator, you can view the inspection results and modification suggestions graphically on a web page. Architecture: KubeEye gets cluster resource...
XLL_Phishing : XLL Phishing Tradecraft
XLL_Phishing: With Microsoft's recent announcement regarding the blocking of macros in documents originating from the internet (email AND web download), attackers have begun aggressively exploring other options to achieve user-driven access (UDA). There are several considerations to be weighed and balanced when looking for a viable phishing-for-access method: Complexity - The more steps that are required on the user's...
unblob : Extract files from any kind of container formats
unblob is an accurate, fast, and easy-to-use extraction suite. It parses unknown binary blobs for more than 30 different archive, compression, and file-system formats, extracts their content recursively, and carves out unknown chunks that have not been accounted for. unblob is free to use, licensed under the MIT license. It has a command-line interface and can be used as a Python library. This turns unblob into the perfect companion for extracting, analyzing, and reverse...
kics : Find security vulnerabilities, compliance issues, and infrastructure misconfigurations
KICS, which stands for Keeping Infrastructure as Code Secure, is an open-source tool and an essential component of every cloud-native project. Use KICS by Checkmarx to identify security flaws, legal compliance problems, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code. How it Works: KICS's built-in extensibility is what makes it so strong and well-liked. Achieving this extensibility entails: Queries...
SharpImpersonation : A User Impersonation Tool – Via Token Or Shellcode Injection
SharpImpersonation is a user impersonation tool, via token or shellcode injection. This was a learning by doing project from my side. Well-known techniques are used to build just another impersonation tool with some improvements in comparison to other public tools. The code base was taken from: https://github.com/0xbadjuju/Tokenvator A blog post for the introduction can be found here: https://s3cur3th1ssh1t.github.io/SharpImpersonation-Introduction/ List user processes. List only elevated...
SDomDiscover : An Easy-To-Use Python Tool To Perform DNS Recon
SDomDiscover is an easy-to-use Python tool to perform DNS recon, subdomain enumeration and much more. The purpose of this tool is to help bug hunters and pentesters during reconnaissance. If you want to know more about the tool you can read my own post in my blog (written in Spanish). Installation: It can be used on any system with python3. You can easily install AORT using pip: pip3 install...
Pinecone : A WLAN Red Team Framework
Pinecone is a WLAN network auditing tool, suitable for red team usage. It is extensible via modules, and it is designed to be run on Debian-based operating systems. Pinecone is especially oriented to be used with a Raspberry Pi, as a portable wireless auditing box. This tool is designed for educational and research purposes only. Only use it with explicit...