Frostbyte : FrostByte Is A POC Project That Combines Different Defense Evasion Techniques

FrostByte Is A POC Project That Combines Different Defense Evasion Techniques. In the past few days I've been experimenting with the AppDomain manager injection technique and had decent success with it in my previous Red Team engagements against certain EDRs. Although this is really good as an initial access vector, I wanted to release a POC which will help hiding your shellcode...

Admin-Panel_Finder : A Burp Suite Extension That Enumerates Infrastructure And Application Admin Interfaces

Admin-Panel_Finder is a Burp Suite extension that enumerates infrastructure and application Admin Interfaces. OWASP References: Classification: Web Application Security Testing > 02-Configuration and Deployment Management Testing; OTG v4: OWASP OTG-CONFIG-005; WSTG: WSTG-CONF-05. Why should I use this extension? Multi-threaded; different and configurable levels of test; includable status codes; excludable status codes; more than 1000 built-in payloads; you can load your own dictionary; editable root directory; automatic detection of used technologies to generate custom payloads; passive...

Gshell : A Flexible And Scalable Cross-Platform Shell Generator Tool

Gshell is a simple yet flexible cross-platform shell generator tool. It lets you generate whichever shell you want, on any system you want, giving you full control and automation. It is cross-platform, so you can use it on operating systems such as Unix-based systems, GNU/Linux, Windows and macOS. It generates the following shells: Bind Shells: the target has a listening port and we connect to...

DOMDig : DOM XSS Scanner For Single Page Applications

DOMDig is a DOM XSS scanner that runs inside the Chromium web browser and can scan single page applications (SPA) recursively. Unlike other scanners, DOMDig can crawl any web application (including gmail) by keeping track of DOM modifications and XHR/fetch/websocket requests, and it can simulate real user interaction by firing events. During this process, XSS payloads are put into...

ConfluencePot : Simple Honeypot For Atlassian Confluence (CVE-2022-26134)

ConfluencePot is a simple honeypot for the Atlassian Confluence unauthenticated remote OGNL injection vulnerability (CVE-2022-26134). About the vulnerability: You can find the official advisory by Atlassian for this vulnerability here. For details about the inner workings and exploits in the wild, refer to the reports by Rapid7 and Cloudflare. Affected but not yet patched systems should be deemed compromised until further investigation. About the tool: ConfluencePot...

SharpEventPersist : Persistence By Writing/Reading Shellcode From Event Log

SharpEventPersist provides persistence by writing/reading shellcode from the Event Log. Usage: The SharpEventPersist tool takes 4 case-sensitive parameters: -file "C:\path\to\shellcode.bin" -instanceid 1337 -source Persistence -eventlog "Key Management Service". The shellcode is converted to hex and written to the "Key Management Service" event log; the event level is set to "Information" and the source is "Persistence". Run the SharpEventLoader tool to fetch the shellcode from the event log and execute it. Ideally this should...

MITM_Intercept : A Little Bit Less Hackish Way To Intercept And Modify non-HTTP Protocols Through Burp And Others

MITM_Intercept is a little bit less hackish way to intercept and modify non-HTTP protocols through Burp and others, with SSL and TLS interception support. This tool is for researchers and application penetration testers who perform thick client security assessments. It is an improved version of the fantastic mitm_relay project. The Story: As part of our work in the research department of CyberArk Labs, we needed...

Jeeves : Time-Based Blind SQL Injection Finder

Jeeves is made for finding Time-Based Blind SQL Injection through recon. Installation & Requirements: Installing Jeeves:
$ go install github.com/ferreiraklet/Jeeves@latest
OR
$ git clone https://github.com/ferreiraklet/Jeeves.git
$ cd Jeeves
$ go build jeeves.go
$ chmod +x jeeves
$ ./jeeves -h
Usage & Explanation: Single urls:
echo 'https://redacted.com/index.php?id=your_time_based_blind_payload_here' | jeeves -t payload_time
echo "http://testphp.vulnweb.com/artists.php?artist=" | qsreplace "(select(0)from(select(sleep(5)))v)" | jeeves --payload-time 5
echo "http://testphp.vulnweb.com/artists.php?artist=" | qsreplace "(select(0)from(select(sleep(10)))v)" | jeeves -t 10
In --payload-time you must use the...

WhiteBeam : Transparent Endpoint Security

WhiteBeam is transparent endpoint security. Features: Block and detect advanced attacks; modern audited cryptography: RustCrypto for hashing and encryption; highly compatible: development focused on all platforms (incl. legacy) and architectures; source available: audits welcome; reviewed by security researchers with a combined 100+ years of experience. Installation: WhiteBeam is currently unavailable for installation due to backwards-incompatible security enhancements for 0.3. Check back soon! From Packages (Linux): Distro-specific packages have not been released...

Pulsar : Data Exfiltration And Covert Communication Tool

Pulsar is a tool for data exfiltration and covert communication that enables you to create a secure data transfer, a bizarre chat or a network tunnel through different protocols; for example, you can receive data from a TCP connection and resend it to the real destination through DNS packets. Setting up Pulsar: First, get the code from the repository and compile it with the following...