Dumpscan : Tool To Extract And Dump Secrets From Kernel And Windows Minidump Formats
Dumpscan is a command-line tool designed to extract and dump secrets from kernel and Windows Minidump formats. Kernel-dump parsing is provided by volatility3. Features: x509 Public and Private key (PKCS #8/PKCS #1) parsing; SymCrypt parsing; Supported structures: SYMCRYPT_RSAKEY - Determines if the key structure also has a private key; Matching to public certificates found in the same process; More SymCrypt structures to come; Environment variables; Command line arguments. Note: Testing has only been...
Trufflehog : Find Credentials All Over The Place
TruffleHog v3 is a complete rewrite in Go with many new powerful features. We've added over 700 credential detectors that support active verification against their respective APIs. We've also added native support for scanning GitHub, GitLab, filesystems, and S3. Instantly verify private keys against millions of GitHub users and billions of TLS certificates using our Driftwood technology. What is credential verification? For every potential credential that is detected, we've painstakingly implemented...
Bypass-Url-Parser : Tool That Tests Many URL Bypasses To Reach A 40X Protected Page
Bypass-Url-Parser is a tool that tests MANY URL bypasses to reach a 40X protected page. If you wonder why this code is nothing but a dirty curl wrapper, here's why: Most of the Python requests do url/path/parameter encoding/decoding, and I hate this. If I submit raw chars, I want raw chars to be sent. If I send a weird path, I want it weird, not normalized. This is surprisingly...
WebView2-Cookie-Stealer : Attacking With WebView2 Applications
WebView2-Cookie-Stealer: According to Microsoft, “Microsoft Edge WebView2 control allows you to embed web technologies (HTML, CSS, and JavaScript) in your native apps”. Essentially, WebView2 technology can be used to create an executable that can communicate with web applications similarly to a browser. This is meant to improve desktop applications and provide them with additional capabilities for interaction with web...
Tofu : Windows Offline Filesystem Hacking Tool For Linux
Tofu is a modular tool for hacking offline Windows filesystems and bypassing login screens. Can do hashdumps, OSK-Backdoors, user enumeration and more. How It Works: When a Windows machine is shut down, unless it has BitLocker or another encryption service enabled, its storage device contains everything stored on the device as if it was unlocked. This means that you can...
Frostbyte : FrostByte Is A POC Project That Combines Different Defense Evasion Techniques
FrostByte is a POC project that combines different defense evasion techniques. In the past few days I've been experimenting with the AppDomain manager injection technique and had decent success with it in my previous Red Team engagements against certain EDRs. Although this is really good for an initial access vector, I wanted to release a POC which will help hide your shellcode...
Admin-Panel_Finder : A Burp Suite Extension That Enumerates Infrastructure And Application Admin Interfaces
Admin-Panel_Finder is a Burp Suite extension that enumerates infrastructure and application admin interfaces. OWASP References: Classification: Web Application Security Testing > 02-Configuration and Deployment Management Testing; OTG v4: OWASP OTG-CONFIG-005; WSTG: WSTG-CONF-05. Why should I use this extension? Multi-thread; Different and configurable levels of test; Includable status codes; Excludable status codes; More than 1000 built-in payloads; You can load your dictionary; Editable root directory; Automatic detection of used technologies to generate custom payloads; Passive...
Gshell : A Flexible And Scalable Cross-Platform Shell Generator Tool
Gshell is a simple yet flexible cross-platform shell generator tool that lets you generate whichever shell you want, in any system you want, giving you full control and automation. It is cross-platform; you can use it in operating systems such as: Unix-based systems, GNU/Linux, Windows, macOS. Generates the following shells: Bind Shells: The target has a listening port and we connect to...
DOMDig : DOM XSS Scanner For Single Page Applications
DOMDig is a DOM XSS scanner that runs inside the Chromium web browser and can scan single page applications (SPA) recursively. Unlike other scanners, DOMDig can crawl any web application (including Gmail) by keeping track of DOM modifications and XHR/fetch/websocket requests, and it can simulate a real user interaction by firing events. During this process, XSS payloads are put into...
ConfluencePot : Simple Honeypot For Atlassian Confluence (CVE-2022-26134)
ConfluencePot is a simple honeypot for the Atlassian Confluence unauthenticated and remote OGNL injection vulnerability (CVE-2022-26134). About the vulnerability: You can find the official advisory by Atlassian for this vulnerability here. For details about the inner workings and exploits in the wild you should refer to the reports by Rapid7 and Cloudflare. Affected but not yet patched systems should be deemed compromised until further investigation. About the tool: ConfluencePot...