PowerGram : Multiplatform Telegram Bot In Pure PowerShell

PowerGram is a pure PowerShell Telegram Bot that can be run on Windows, Linux or Mac OS. To make use of it, you only need PowerShell 4 or higher and an internet connection. All communication between the Bot and Telegram servers is encrypted with HTTPS, but all requests are sent using the GET method, so they could easily be intercepted. Requirements: PowerShell 4.0...

Labtainers : A Docker-based Cyber Lab Framework

Labtainers include more than 50 cyber lab exercises and tools to build your own. Import a single VM appliance or install on a Linux system and your students are done with provisioning and administrative setup, for these and future lab exercises. Consistent lab execution environments and automated provisioning via Docker containers; Multi-component network topologies on a modestly performing laptop computer; Automated assessment of student...

K0Otkit : Universal Post-Penetration Technique Which Could Be Used In Penetrations Against Kubernetes Clusters

k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters. With k0otkit, you can manipulate all the nodes in the target Kubernetes cluster in a rapid, covert and continuous way (reverse shell). k0otkit is the combination of Kubernetes and rootkit. Prerequisite: k0otkit is a post-penetration tool, so you first have to conquer a cluster, somehow manage to escape from the container...

Free and Paid VPNs: Pros and Cons

Using Virtual Protocol Networks (VPNs) is becoming extremely popular day by day. People need them to overcome different types of geo-restrictions, secure their accounts from blocking, deal with censorship, and feel more protected on the Net. This article compares free and paid VPNs, analyzing all their pros and cons, to help you make the right choice. The Difference Between Free and...

PersistBOF : Tool To Help Automate Common Persistence Mechanisms

PersistBOF is a tool to help automate common persistence mechanisms. Currently supports Print Monitor (SYSTEM), Time Provider (Network Service), Start folder shortcut hijacking (User), and Junction Folder (User). Usage: Clone, run make, add .cna to Cobalt Strike client. Run: help persist-ice in CS console. Syntax: persist-ice ; Technique Overview: All of these techniques rely on a DLL file to be separately placed on...

Mitmproxy2Swagger : Automatically Reverse-Engineer REST APIs Via Capturing Traffic

Mitmproxy2Swagger is a tool for automatically converting mitmproxy captures to OpenAPI 3.0 specifications. This means that you can automatically reverse-engineer REST APIs by just running the apps and capturing the traffic. Installation First you will need python3 and pip3. pip install mitmproxy2swagger… or …pip3 install mitmproxy2swagger Then clone the repo and run mitmproxy2swagger as per examples below. Usage Mitmproxy To create a specification by inspecting HTTP traffic you will need to: Capture the...

BinAbsInspector : Vulnerability Scanner For Binaries

BinAbsInspector (Binary Abstract Inspector) is a static analyzer for automated reverse engineering and scanning vulnerabilities in binaries, which is a long-term research project incubated at Keenlab. It is based on abstract interpretation with the support from Ghidra. It works on Ghidra's Pcode instead of assembly. Currently it supports binaries on x86, x64, armv7 and aarch64. Installation: Install Ghidra according to Ghidra's documentation; Install Z3 (tested version: 4.8.15); Note...

Hakoriginfinder : Tool For Discovering The Origin Host Behind A Reverse Proxy. Useful For Bypassing Cloud WAFs

Hakoriginfinder is a tool for discovering the origin host behind a reverse proxy. Useful for bypassing WAFs and other reverse proxies. How Does It Work? This tool will first make an HTTP request to the hostname that you provide and store the response, then it will make a request to every IP address that you provide via HTTP (80) and HTTPS...

LEAF : Linux Evidence Acquisition Framework

LEAF (Linux Evidence Acquisition Framework) acquires artifacts and evidence from Linux EXT4 systems, accepting user input to customize the functionality of the tool for easier scalability. Offering several modules and parameters as input, LEAF is able to use smart analysis to extract Linux artifacts and output to an ISO image file. Usage LEAF_master.py ] ] ] ]] ]]]]...

Stunner : Tool To Test And Exploit STUN, TURN And TURN Over TCP Servers

Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers. TURN is a protocol mostly used in videoconferencing and audio chats (WebRTC). If you find a misconfigured server you can use this tool to open a local socks proxy that relays all traffic via the TURN protocol into the internal network behind the server. I developed...