4 Next-Generation Security Technologies: SCA, XDR, SAST, and eBPF

Next-Generation Security Technologies

What Are Next-Gen Security Technologies? As businesses increasingly rely on remote access and distributed computing resources, their threat landscape grows. Advances in technology introduce new threats and vulnerabilities that are often invisible to traditional cybersecurity tools. In addition, traditional security tools often generate a large number of alerts, many of which are false positives, creating a burden for IT and...

Shells : Little Script For Generating Revshells

Shells is a script for generating common revshells fast and easy. Especially nice when in need of PowerShell and Python revshells, which can be a PITA getting correctly formatted. PowerShell revshells: shows username@computer above the prompt and working-directory; has a partial AMSI-bypass, making some stuff a bit easier; TCP and UDP; Windows Powershell and Core Powershell. Functions for uploading and downloading files. (Using Updog by...

Pywirt : Python Windows Incident Response Toolkit

Pywirt aims to accelerate incident response by collecting information from Windows operating systems via WinRM.

Features: information is collected on the following: IP Configuration, Users, Groups, Tasks, Services, Task Scheduler, Registry Control, Active TCP & UDP ports, File sharing, Files, Firewall Config, Sessions with other Systems, Open Sessions, Log Entries.

Installation:

git clone https://github.com/anil-yelken/pywirt
cd pywirt
pip3 install pywinrm

Usage: the following information should be specified in the cred_list.txt file: IP|Username|Password

DomainDouche – OSINT Tool to Abuse SecurityTrails Domain

DomainDouche abuses the SecurityTrails domain suggestion API to find potentially related domains by keyword and brute force. Usage: domaindouche.py -c COOKIE -a USER_AGENT keyword. Abuses SecurityTrails API to find related domains by keyword. Go to https://securitytrails.com/dns-trails, solve any CAPTCHA you might encounter, copy the raw value of your Cookie and User-Agent headers and use them with the -c...

D4TA-HUNTER : GUI OSINT Framework With Kali Linux

D4TA-HUNTER is a tool created to automate the collection of information about the employees of a company that is going to be audited for ethical hacking. In addition, by entering a company's domain in the "search company" section, we can find employee emails, subdomains, and server IPs. Get API Key: register on https://rapidapi.com/rohan-patra/api/breachdirectory Install: git...

Pycrypt : Python Based Crypter That Can Bypass Any Antivirus Products

Pycrypt is a Python-based crypter that can bypass any antivirus product. Antivirus software protects computers from malicious software including keyloggers, browser hijackers, Trojan horses, worms, rootkits, spyware, adware, botnets, and ransomware. Pycrypt features: FUD Ratio 0/40; Bypass Any EDR Solutions; Lightweight Crypter; Very Small And Simple Crypter. Note: Make sure your payload file has all the libraries imported and it will be a valid...

EvilTree : A Remake Of The Classic “Tree” Command

EvilTree is a standalone python3 remake of the classic "tree" command with the additional feature of searching for user provided keywords/regex in files, highlighting those that contain matches. Created for two main reasons: While searching for secrets in files of nested directory structures, being able to visualize which files contain user provided keywords/regex patterns and where those files are located...

Kubeeye : Tool To Find Various Problems On Kubernetes

KubeEye is an inspection tool for Kubernetes. It discovers whether Kubernetes resources (by using OPA), cluster components, cluster nodes (by using Node-Problem-Detector), and other configurations comply with best practices and makes modification suggestions accordingly. KubeEye supports custom inspection rules and plugin installation. With KubeEye Operator, you can intuitively view the inspection results and modification suggestions on the web console. Architecture: KubeEye...

MSMAP : Memory WebShell Generator

Msmap is a Memory WebShell Generator. Compatible with various Containers, Components, Encoder, WebShell / Proxy / Killer and Management Clients.

Function: Dynamic Menu, Automatic Compilation, Generate Script, Lite Mode, Graphical Interface.

Container: Java (Tomcat7, Tomcat8, Tomcat9, Tomcat10, Resin3, Resin4, WebSphere, GlassFish, WebLogic, JBoss, Spring*, Netty, JVM*), .NET (IIS), PHP, Python.
*: SpringHandler only supports JDK8+.
*: Default support for Linux Tomcat 8/9; more versions can be adapted according to the advanced guide.

WebShell / Proxy / Killer: WebShell: CMD / SH AntSword JSPJS Behinder Godzilla. No need for modularity. Proxy: Neo-reGeorg, wsproxy. Killer: java-memshell-scanner, ASP.NET-Memshell-Scanner. Decoder...

SharpSCCM : A C# Utility For Interacting With SCCM

SharpSCCM is a post-exploitation tool designed to leverage Microsoft Endpoint Configuration Manager (a.k.a. ConfigMgr, formerly SCCM) for lateral movement and credential gathering without requiring access to the SCCM administration console GUI. SharpSCCM was initially created to execute user hunting and lateral movement functions ported from PowerSCCM (by @harmj0y, @jaredcatkinson, @enigma0x3, and @mattifestation) and now contains additional functionality to gather credentials...