DDexec : A Technique To Run Binaries Filelessly And Stealthily On Linux Using Dd To Replace The Shell With Another Process

DDexec is a technique to run binaries filelessly and stealthily on Linux, using dd to replace the shell with another process. In Linux, in order to run a program it must exist as a file; it must be accessible in some way through the file system hierarchy (this is just how execve() works). This file may reside on disk or in...

Wpgarlic : A Proof-Of-Concept WordPress Plugin Fuzzer

Wpgarlic is a proof-of-concept WordPress plugin fuzzer used in the research described in https://kazet.cc/2022/02/03/fuzzing-wordpress-plugins.html that helped to discover more than 140 vulnerabilities in WordPress plugins installed on almost 15 million sites. If you want to continue the research, start with less popular plugins - if a plugin achieved at least 10k active installs between October 2021 and January 2022, I have most...

Git-Dumper : A Tool To Dump A Git Repository From A Website

Git-Dumper is a tool to dump a git repository from a website. Install: This can be installed easily with pip: pip install git-dumper. Usage: usage: git-dumper URL DIR. Dump a git repository from a website. positional arguments: URL url; DIR output directory. optional arguments: -h, --help show this help message and exit; --proxy PROXY use the specified proxy; -j JOBS, --jobs JOBS number of simultaneous requests; -r RETRY, --retry RETRY number of request...

Spring4Shell-Scan : A Fully Automated, Reliable, And Accurate Scanner For Finding Spring4Shell

Spring4Shell-Scan is a fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities. Features: Support for lists of URLs. Fuzzing for more than 10 new Spring4Shell payloads (previously seen tools use only 1-2 variants). Fuzzing for HTTP GET and POST methods. Automatic validation of the vulnerability upon discovery. Randomized and non-intrusive payloads. WAF Bypass payloads. Description: The Spring4Shell RCE is a critical vulnerability that...

Introduction to Cryptography

What is Cryptography? A closer look at the etymology of the word "cypher" reveals that the word originated in ancient Greek. The word Kryptos, which means "hidden" or "secret," and the code derived from the word "write" literally means writing something secret. Simply put, encryption provides a secure method of communication. Cryptography prevents unauthorized persons, commonly known as attackers or...

Spock SLAF : A Shared Library Application Firewall “SLAF”

Spock SLAF is a Shared Library Application Firewall "SLAF". Its purpose is to protect any service that uses the OpenSSL library. The SLAF inserts hooks to intercept all communication, detect security anomalies, and block and log attacks like buffer overflow, path traversal, XSS and SQL injection. To detect anomalies, Spock uses a Deterministic Finite Automaton with rank scores to compute risks and...

Sub3Suite : A Free, Open Source, Cross Platform Intelligence Gathering Tool

Sub3 Suite is a research-grade suite of tools for Subdomain Enumeration, OSINT Information gathering & Attack Surface Mapping. Supports both manual and automated analysis on a variety of target types with many available features & tools. Launching: Download Sub3 Suite for your required platform (Windows or Linux) from releases. On Windows, after download: Extract the zip file to a location of your choice. To run just...

Ecapture : Capture SSL/TLS Text Content Without CA Cert By eBPF

eCapture is a tool to capture SSL/TLS text content without a CA cert, using eBPF. How eCapture works: SSL/TLS text content capture, supports openssl, libressl, boringssl, gnutls, nspr(nss) libraries. bash audit, capture bash command for Host Security Audit. mysql query SQL audit, supports mysqld 5.6, 5.7, 8.0, and MariaDB. eCapture Architecture. Getting started: use ELF binary file. Download the ELF zip file release, unzip and use by command ./ecapture --help. Linux kernel version >= 4.18. Enable BTF BPF Type Format...

Jfscan : A Super Fast And Customisable Port Scanner, Based On Masscan And NMap

JFScan (Just Fu*king Scan) is a wrapper around a super-fast port scanner Masscan. It's designed to simplify work when scanning for open ports on targets in a variety of formats. The JFScan accepts a target in the following forms: URL, domain, or IP (including CIDR). You can specify a file with targets using argument or use stdin. The JFScan also...

Ma2Tl : macOS Forensic Timeline Generator Using The Analysis Result DBs Of Mac_Apt

Ma2Tl is a DFIR tool for generating a macOS forensic timeline from the analysis result DBs of mac_apt. Requirements: Python 3.7.0 or later, pytz, tzlocal, xlsxwriter. Installation: % git clone https://github.com/mnrkbys/ma2tl.git Usage: % python ./ma2tl.py -h usage: ma2tl.py plugin. Forensic timeline generator using mac_apt analysis results. Supports only SQLite DBs. positional arguments: plugin Plugins to run (space separated). optional arguments: -h, --help show this help...