Free and Paid VPNs: Pros and Cons
Virtual Private Networks (VPNs) are becoming more popular by the day. People need them to overcome different types of geo-restrictions, secure their accounts from blocking, deal with censorship, and feel more protected on the Net. This article compares free and paid VPNs, analyzing all their pros and cons, to help you make the right choice. The Difference Between Free and...
PersistBOF : Tool To Help Automate Common Persistence Mechanisms
PersistBOF is a tool to help automate common persistence mechanisms. It currently supports Print Monitor (SYSTEM), Time Provider (Network Service), Start folder shortcut hijacking (User), and Junction Folder (User). Usage: Clone, run make, add .cna to Cobalt Strike client. Run: help persist-ice in CS console. Syntax: persist-ice ; Technique Overview: All of these techniques rely on a Dll file to be separately placed on...
Mitmproxy2Swagger : Automatically Reverse-Engineer REST APIs Via Capturing Traffic
Mitmproxy2Swagger is a tool for automatically converting mitmproxy captures to OpenAPI 3.0 specifications. This means that you can automatically reverse-engineer REST APIs by just running the apps and capturing the traffic. Installation: First you will need python3 and pip3. Run pip install mitmproxy2swagger, or pip3 install mitmproxy2swagger. Then clone the repo and run mitmproxy2swagger as per examples below. Usage (Mitmproxy): To create a specification by inspecting HTTP traffic you will need to: Capture the...
BinAbsInspector : Vulnerability Scanner For Binaries
BinAbsInspector (Binary Abstract Inspector) is a static analyzer for automated reverse engineering and scanning vulnerabilities in binaries, which is a long-term research project incubated at Keenlab. It is based on abstract interpretation with the support from Ghidra. It works on Ghidra's Pcode instead of assembly. Currently it supports binaries on x86, x64, armv7 and aarch64. Installation: Install Ghidra according to Ghidra's documentation. Install Z3 (tested version: 4.8.15). Note...
Hakoriginfinder : Tool For Discovering The Origin Host Behind A Reverse Proxy. Useful For Bypassing Cloud WAFs
Hakoriginfinder is a tool for discovering the origin host behind a reverse proxy. Useful for bypassing WAFs and other reverse proxies. How Does It Work? This tool will first make an HTTP request to the hostname that you provide and store the response, then it will make a request to every IP address that you provide via HTTP (80) and HTTPS...
LEAF : Linux Evidence Acquisition Framework
LEAF (Linux Evidence Acquisition Framework) acquires artifacts and evidence from Linux EXT4 systems, accepting user input to customize the functionality of the tool for easier scalability. Offering several modules and parameters as input, LEAF is able to use smart analysis to extract Linux artifacts and output to an ISO image file. Usage: LEAF_master.py ...
Stunner : Tool To Test And Exploit STUN, TURN And TURN Over TCP Servers
Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers. TURN is a protocol mostly used in videoconferencing and audio chats (WebRTC). If you find a misconfigured server you can use this tool to open a local socks proxy that relays all traffic via the TURN protocol into the internal network behind the server. I developed...
Ransomware-Simulator : Ransomware Simulator Written In Golang
The goal of Ransomware-Simulator is to provide a simple, harmless way to check your AV's protection against ransomware. This tool simulates typical ransomware behaviour, such as: staging from a Word document macro; deleting Volume Shadow Copies; encrypting documents (embedded and dropped by the simulator into a new folder); dropping a ransomware note to the user's desktop. The ransomware simulator takes no action that...
FindFunc : Advanced Filtering/Finding of Functions in IDA Pro
FindFunc is an IDA Pro plugin to find code functions that contain a certain assembly or byte pattern, reference a certain name or string, or conform to various other constraints. This is not a competitor to tools like Diaphora or BinNavi, but it is ideal to find a known function in a new binary for cases where classical bindiffing...
Pocsploit : A Lightweight, Flexible And Novel Open Source Poc Verification Framework
pocsploit is a lightweight, flexible and novel open source PoC verification framework. Pain points of the PoC frameworks in the market: There are too many params, I don't know how to get started, but only some of them are commonly used. YAML PoC frameworks (like nuclei & xray) are not flexible enough. The conversion cost is very high when writing a PoC. Sometimes it's...