Hakoriginfinder : Tool For Discovering The Origin Host Behind A Reverse Proxy. Useful For Bypassing Cloud WAFs
.png "Hakoriginfinder : Tool For Discovering The Origin Host Behind A Reverse Proxy. Useful For Bypassing Cloud WAFs")
Hakoriginfinder is a tool for discovering the origin host behind a reverse proxy. Useful for bypassing WAFs and other reverse proxies. How Does It Work? This tool will first make a HTTP request to the hostname that you provide and store the response, then it will make a request to every IP address that you provide via HTTP (80) and HTTPS...
LEAF : Linux Evidence Acquisition Framework
.png "LEAF : Linux Evidence Acquisition Framework")
LEAF (Linux Evidence Acquisition Framework) acquires artifacts and evidence from Linux EXT4 systems, accepting user input to customize the functionality of the tool for easier scalability. Offering several modules and parameters as input, LEAF is able to use smart analysis to extract Linux artifacts and output to an ISO image file. Usage LEAF_master.py ] ] ] ]] ]]]]...
Stunner : Tool To Test And Exploit STUN, TURN And TURN Over TCP Servers
Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers. TURN is a protocol mostly used in videoconferencing and audio chats (WebRTC). If you find a misconfigured server you can use this tool to open a local socks proxy that relays all traffic via the TURN protocol into the internal network behind the server. I developed...
Ransomware-Simulator : Ransomware Simulator Written In Golang
Ransomware-Simulator, the goal of this repository is to provide a simple, harmless way to check your AV's protection on ransomware. This tool simulates typical ransomware behaviour, such as: Staging from a Word document macroDeleting Volume Shadow CopiesEncrypting documents (embedded and dropped by the simulator into a new folder)Dropping a ransomware note to the user's desktop The ransomware simulator takes no action that...
FindFunc : Advanced Filtering/Finding of Functions in IDA Pro
.png "FindFunc : Advanced Filtering/Finding of Functions in IDA Pro")
FindFunc is an IDA Pro plugin to find code functions that contain a certain assembly or byte pattern, reference a certain name or string, or conform to various other constraints. This is not a competitor to tools like Diaphora or BinNavi, but it is ideal to find a known function in a new binary for cases where classical bindiffing...
Pocsploit : A Lightweight, Flexible And Novel Open Source Poc Verification Framework
.png "Pocsploit : A Lightweight, Flexible And Novel Open Source Poc Verification Framework")
pocsploit is a lightweight, flexible and novel open source poc verification framework. Pain points of the POC framework in the market There are too many params, I don't know how to get started, but only some of them are commonly used.YAML poc framework(like nuclei & xray) is not flexible enough. the conversion cost is very high when writing poc. Sometimes it's...
DroidDetective : A Machine Learning Malware Analysis Framework For Android Apps
.png "DroidDetective : A Machine Learning Malware Analysis Framework For Android Apps")
DroidDetective is a Python tool for analysing Android applications (APKs) for potential malware related behaviour and configurations. When provided with a path to an application (APK file) Droid Detective will make a prediction (using it's ML model) of if the application is malicious. Features and qualities of Droid Detective include: Analysing which of ~330 permissions are specified in the application's AndroidManifest.xml file. Analysing...
Frida-Ios-Hook : A Tool That Helps You Easy Trace Classes, Functions, And Modify The Return Values
.png "Frida-Ios-Hook : A Tool That Helps You Easy Trace Classes, Functions, And Modify The Return Values")
Frida-Ios-Hook, a tool that helps you can easy using frida. It support script for trace classes, functions, and modify the return values of methods on iOS platform. Env OS Support OSSupportedNotedMacOS✅mainLinux✅subWindows✅sub Compatible with iOSFridaSupported13.2.314.2.13✅14.4.214.2.13✅14.4.215.0.18✅ Feature Running with python3.x Support both spawn & attach script to process. Options:-p(--package) Identifier of application ex: com.apple.AppStore-n(--name) Name of application ex: AppStore-s(--script) Using script format script.js-c(--check-version) Check for the newest version-u(--upadte)...
Tornado : Anonymously Reverse Shell Over Tor Network Using Hidden Services Without Port forwarding
.png "Tornado : Anonymously Reverse Shell Over Tor Network Using Hidden Services Without Port forwarding")
Tornado is implements tor network with metasploit-framework tool and msfvenom module, you can easily create hidden services for your localhost .onion domain without portforwarding. If you have experience different remote administration tools, probably you know you need forward port with virtual private network or ngrok but in this sense with tornado, the tor network offers the possibility of making...
Reposaur : The Open Source Compliance Tool For Development Platforms
.png "Reposaur : The Open Source Compliance Tool For Development Platforms")
Reposaur is the open source compliance tool for development platforms. Audit, verify and report on your data and configurations easily with pre-defined and/or custom policies.Supports GitHub. GitLab, BitBucket and Gitea support soon. Features Custom policies using the Rego policy language (learn more)A simple, composable and easy-to-use CLI (learn more)Extendable using a straightforward SDK (written in Go)Reports follow the standard SARIF format, enabling easy integrations...
