BWASP : BoB Web Application Security Project
BoB Web Application Security Project (BWASP) is an open-source analysis tool that supports hackers performing manual web vulnerability analysis. The BWASP tool provides predicted information through vulnerability analysis without proceeding with an attack. BWASP supports both automated analysis and manual analysis. The BWASP Project supports: finding attack vectors automatically (e.g. SQL Injection, Cross-site Scripting); detecting website technology; Log4J vulnerability scan (Partially supports java...
RogueAssemblyHunter : Rogue Assembly Hunter Is A Utility For Discovering ‘Interesting’ .NET CLR Modules
Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes. Background .NET is a very powerful and capable development platform and runtime framework for building and running .NET managed applications. Over the last several years, .NET has been adopted by Red Teams (and likes thereof) for instrumenting tradecraft to support offensive operations. In particular, the shift...
Process_Overwriting : Yet Another Variant Of Process Hollowing
Process Overwriting is a PE injection technique, closely related to Process Hollowing and Module Overloading. Process Hollowing (aka RunPE) is an old and popular PE injection technique. It comes in a variety of flavors, but there are some steps in common: start by creating a process in a suspended state; write our own PE module in its memory; redirect to the new module; resume the thread. Process Hollowing...
Heyserial : Programmatically Create Hunting Rules For Deserialization Exploitation
Heyserial programmatically creates hunting rules for deserialization exploitation with multiple keywords (e.g. cmd.exe), gadget chains (e.g. CommonsCollection), object types (e.g. ViewState, Java, Python Pickle, PHP), encodings (e.g. Base64, raw), and rule types (e.g. Snort, Yara). Usage: Help: python3 heyserial.py -h ; Examples: python3 heyserial.py -c 'ExampleChain::condition1+condition2' -t JavaObj ; python3 heyserial.py -k cmd.exe whoami 'This file cannot be run in DOS mode' ; python3 heyserial.py -k Process.Start -t NETViewState -e base64 "base64+utf16le" ; Utils: utils/checkyoself.py This is a...
Kubeclarity : Tool For Detection And Management Of Software Bill Of Materials
KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems. It scans both runtime K8s clusters and CI/CD pipelines for enhanced software supply chain security. SBOM & vulnerability detection challenges: Effective vulnerability scanning requires accurate Software Bill Of Materials (SBOM) detection: various programming languages and package managers; various OS distributions; package dependency...
SSOh-No : User Enumeration And Password Spraying Tool For Testing Azure AD
SSOh-No is designed to enumerate users, password spray and perform brute force attacks against any organisation that utilises Azure AD or O365. Generally, this endpoint provides extremely verbose errors which can be leveraged to enumerate users and validate their passwords via brute force/spraying attacks, while also failing to log any failed authentication attempts. This tool is a weaponised version of a...
AutoResponder : Carbon Black Response IR Tool
AutoResponder is a tool aimed at helping people carry out their Incident Response tasks WITH the help of Carbon Black Response's awesome capabilities and WITHOUT much bothering IT/System/Network Teams. What can it do? Modules (✔️ / ❌): Delete Files ✔️; Delete Registry Values ✔️; Delete Win32 Service Entries ✔️; Delete Scheduled Task Entries ✔️; Detailed Sensor List Export ✔️; Find Files ✔️; Find Registry Values ✔️; Download Files ✔️; Download A list of Win32 Service Entries ✔️; Download A list of Scheduled...
Spring4Shell-POC : Dockerized Spring4Shell (CVE-2022-22965) PoC Application And Exploit
Spring4Shell-POC is a dockerized application that is vulnerable to the Spring4Shell vulnerability (CVE-2022-22965). Full Java source for the WAR is provided and modifiable; the WAR will get re-built whenever the docker image is built. The built WAR will then be loaded by Tomcat. There is nothing special about this application; it's a simple hello world that's based off Spring tutorials. Requirements: Docker, Python3...
CVE-Tracker : With The Help Of This Automated Script, You Will Never Lose Track Of Recently Released CVEs
With the help of CVE-Tracker, an automated script, you will never lose track of newly released CVEs. What this PowerShell script does is run Microsoft Edge at system startup, navigate to 2 URLs, and then put the browser into full screen mode. As ethical hackers, it's vital that we keep track of the recently released CVEs...
GoSH : Golang Reverse/Bind Shell Generator
GoSH is a tool that generates a Go binary that launches a shell of the desired type on the targeted host. The shell binary can be compiled for multiple platforms, supports partial polymorphism (unique functions' names) and can use UDP protocol instead of the default TCP. If you send a DELETE command over the established connection, the shell binary removes itself from...