Chisel-Strike : A .NET XOR Encrypted Cobalt Strike Aggressor Implementation For Chisel To Utilize Faster Proxy

Chisel-Strike is a .NET XOR encrypted Cobalt Strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities. Why write this? In my experience I found socks4/socks4a proxies quite slow in comparison to their socks5 counterparts and a lack of implementation of socks5 in most C2 frameworks. There is a C# wrapper around the Go version of chisel called SharpChisel. This...

OffensiveVBA : Code Execution And AV Evasion Methods For Macros In Office Documents

OffensiveVBA: In preparation for a VBS AV Evasion Stream/Video I was doing some research for Office Macro code execution methods and evasion techniques. The list got longer and longer and I found no central place for offensive VBA templates - so this repo can be used for such. It is very far away from being complete. If you know any...

Packj : Large-Scale Security Analysis Platform To Detect Malicious/Risky Open-Source Packages

Packj (pronounced package) is a command line (CLI) tool to vet open-source software packages for "risky" attributes that make them vulnerable to supply chain attacks. This is the tool behind our large-scale security analysis platform Packj.dev that continuously vets packages and provides free reports. How To Use: Packj accepts two input args: name of the registry or package manager (pypi, npm, or rubygems); name of the...

MrKaplan : Tool Aimed To Help Red Teamers To Stay Hidden By Clearing Evidence Of Execution

MrKaplan is a tool aimed at helping red teamers stay hidden by clearing evidence of execution. It works by saving information such as the time it ran and a snapshot of files, and by associating each piece of evidence with the related user. This tool is inspired by MoonWalk, a similar tool for Unix machines. You can read more about it in the wiki page. Features: Stopping event logging. Clearing files...

BlackStone : Pentesting Reporting Tool

BlackStone project or "BlackStone Project" is a tool created to automate the work of drafting and submitting a report on ethical hacking or pentesting audits. In this tool we can register in the database the vulnerabilities that we find in the audit, classifying them by internal, external audit or wifi. In addition, we can put your description...

Smap : A Drop-In Replacement For Nmap Powered By Shodan.Io

Smap is a port scanner built with shodan.io's free API. It takes the same command line arguments as Nmap and produces the same output, which makes it a drop-in replacement for Nmap. Features: Scans 200 hosts per second; Doesn't require any account/api key; Vulnerability detection; Supports all nmap's output formats; Service and version fingerprinting; Makes no contact to the targets. Installation: Binaries: You can download a pre-built binary from here and use...

Pict : Post-Infection Collection Toolkit

Pict: this set of scripts is designed to collect a variety of data from an endpoint thought to be infected, to facilitate the incident response process. This data should not be considered to be a full forensic data collection, but does capture a lot of useful forensic information. If you want true forensic data, you should really capture a full memory dump...

Peetch : An eBPF Playground

peetch is a collection of tools aimed at experimenting with different aspects of eBPF to bypass TLS protocol protections. Currently, peetch includes two subcommands. The first, called dump, sniffs network traffic and associates information about the source process with each packet. The second, called tls, identifies processes using OpenSSL in order to extract cryptographic keys. Combined, these two commands make it possible to decrypt...

Cirrusgo : A Fast Tool To Scan SAAS, PAAS App Written In Go

Cirrusgo is a fast tool to scan SAAS, PAAS App written in Go. SAAS App Support: salesforce, contentful (next version). Note: flag -o output not working. Install (golang 1.18Ver): go install -v github.com/Ph33rr/cirrusgo/cmd/cirrusgo@latest or go install -v github.com/Ph33rr/CirrusGo/cmd/cirrusgo@latest. Help: cirrusgo --help ...

Kage : Graphical User Interface For Metasploit Meterpreter And Session Handler

Kage (ka-geh) is a tool inspired by AhMyth designed for Metasploit RPC Server to interact with meterpreter sessions and generate payloads. For now it only supports windows/meterpreter & android/meterpreter. Getting Started: Please follow these instructions to get a copy of Kage running on your local machine without any problems. Prerequisites: Metasploit-framework must be installed and in your PATH: Msfrpcd, Msfvenom, Msfdb. Installing: You can install Kage binaries from here. For developers, to run the app from source code: Download source...