Shennina : Automating Host Exploitation With AI
.png "Shennina : Automating Host Exploitation With AI")
Shennina is an automated host exploitation framework. The mission of the project is to fully automate the scanning, vulnerability scanning/analysis, and exploitation using Artificial Intelligence. Shennina is integrated with Metasploit and Nmap for performing the attacks, as well as being integrated with an in-house Command-and-Control Server for exfiltrating data from compromised machines automatically. This was developed by Mazin Ahmed and...
laZzzy : Shellcode Loader, Developed Using Different Open-Source Libraries, That Demonstrates Different Execution Techniques
.png "laZzzy : Shellcode Loader, Developed Using Different Open-Source Libraries, That Demonstrates Different Execution Techniques")
laZzzy is a shellcode loader that demonstrates different execution techniques commonly employed by malware. laZzzy was developed using different open-source header-only libraries. Features Direct syscalls and native (Nt*) functions (not all functions but most) Import Address Table (IAT) evasion Encrypted payload (XOR and AES) Randomly generated key Automatic padding (if necessary) of payload with NOPS (x90) Byte-by-byte in-memory decryption of payload XOR-encrypted strings PPID spoofing Blocking of non-Microsoft-signed DLLs (Optional)...
Octosuite : Advanced Github OSINT Framework
Octosuite is a framework fro gathering osint on GitHub users, repositories and organization. Features Fetches an organization's profile informationFetches an oganization's eventsReturns an organization's repositoriesReturns an organization's public membersFetches a repository's informationReturns a repository's contributorsReturns a repository's languagesFetches a repository's stargazersFetches a repository's forksFetches a repository's releasesReturns a list of files in a specified path of a repositoryFetches a user's...
How to Separate Pages in PDFwithUPDF – the First-Rate PDF Software
Do you know how to separate pages in PDF? It is high time to explore the best ways to perform it efficiently. Surf the below content to get valuable insights on it. In certain scenarios, splitting the pages in PDF is required to extract specific content in the file. It is high time to learn how to separate pages in...
Codecepticon : .NET Application That Allows You To Obfuscate C#, VBA/VB6 (Macros), And PowerShell Source Code
.png "Codecepticon : .NET Application That Allows You To Obfuscate C#, VBA/VB6 (Macros), And PowerShell Source Code")
Codecepticon is a .NET application that allows you to obfuscate C#, VBA/VB6 (macros), and PowerShell source code, and is developed for offensive security engagements such as Red/Purple Teams. What separates Codecepticon from other obfuscators is that it targets the source code rather than the compiled executables, and was developed specifically for AV/EDR evasion. Codecepticon allows you to obfuscate and rewrite...
Legitify : Detect & Remediate Misconfigurations & Security Risks Across All Your GitHub Assets
.png "Legitify : Detect & Remediate Misconfigurations & Security Risks Across All Your GitHub Assets")
Legitify is a tool to strengthen the security posture of your GitHub organization. Detect and remediate misconfigurations, security and compliance issues across all your GitHub assets with ease. Installation You can download the latest legitify release from https://github.com/Legit-Labs/legitify/releases, each archive contains: Legitify binary for the desired platform Built-in policies provided by Legit Security From source with the following steps: git clone git@github.com:Legit-Labs/legitify.git go run main.go analyze...
6 Benefits Of Using Open-Source Inventory Management Software For Your Business
The supply-demand ratio of a business is one of the most critical factors determining its effectiveness. Various companies are available, such as retail, manufacturing, wholesale, dealerships, distribution, and restaurants. Ensure you monitor your gadget inventory to keep up with demand. You need to assess how your inventory is planned - do you have all the essentials on hand? Is there...
Burp Suite Tutorial – A Web Application Penetration Testing Tool – Beginners Guide
In this Burp Suite Tutorial, we are going to elaborately describe the Burp Suite tool and its features that are bundled in a single suite made for Web Application Security assessment as well as Penetration testing. It's a java executable and hence it's cross-platform. Kali Linux comes with Burp Suite free edition installed. There is also a professional version...
Pyramid : A Tool To Help Operate In EDRs’ Blind Spots
.png "Pyramid : A Tool To Help Operate In EDRs’ Blind Spots")
Pyramid is a set of Python scripts and module dependencies that can be used to evade EDRs. The main purpose of the tool is to perform offensive tasks by leveraging some Python evasion properties and looking as a legit Python application usage. This can be achieved because: the Python Embeddable package provides a signed Python interpreter with good reputation; Python has...
Metasploit Framework – A Beginner’s Guide for Penetration Testing & Exploit Development
Metasploit Framework is a collection of exploits, shellcodes, fuzzing tools, payloads, encoders etc. Moreover, we can regard it as a collection of exploitation tools bundled into a single framework. It is available in all major Linux, Windows, OS X platforms. Its main objective is to test your/company's/organization's defenses by attacking them. Something like "Offense for Defense". This is actually where a...
