Email-Prediction-Asterisks : Script That Allows You To Identify The Emails Hidden Behind Asterisks
Email prediction asterisks is a script that allows you to identify the emails hidden behind asterisks. It is a perfect application for osint analysts and security forces. It allows to intelligently predict, using Intelx leaks, which emails are related to the person we are looking for. It also allows you to automatically obtain information from emails for manual analysis through...
PEzor-Docker : With The Help Of This Docker Image, You Can Easily Access PEzor On Your System!
PEzor-Docker, With the help of this incredible tool, you can create FUD malwares that are capable of bypassing most of the well-known AVs. For instance, you can pack the "mimikatz" executable file with the help of PEzor and then run it against victim's system for a full mem dump without any problem! How to use docker pull https://hub.docker.com/r/4d0niis/pezor_included_kali:1.0 docker run -it 4d0niis/pezor_included_kali:1.0...
Graphql-Threat-Matrix : GraphQL Threat Framework Used By Security Professionals
.png "Graphql-Threat-Matrix : GraphQL Threat Framework Used By Security Professionals")
graphql-threat-matrix was built for bug bounty hunters, security researchers and hackers to assist with uncovering vulnerabilities across multiple GraphQL implementations. The differences in how GraphQL implementations interpret and conform to the GraphQL specification may lead to security gaps and unique attack vectors. By analyzing and comparing the factors that drive the security risks across different implementations the GraphQL ecosystem can make...
Malicious-Pdf : Generate A Bunch Of Malicious Pdf Files With Phone-Home Functionality
.png "Malicious-Pdf : Generate A Bunch Of Malicious Pdf Files With Phone-Home Functionality")
Malicious-Pdf Generate ten different malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh Used for penetration testing and/or red-teaming etc. I created this tool because i needed a third party tool to generate a bunch of PDF files with various links. Usage python3 malicious-pdf.py burp-collaborator-url Output will be written as: test1.pdf, test2.pdf, test3.pdf etc in the current directory. Do not use the...
Hybrid Cloud Solutions Made Simple
Hybrid cloud solutions are the future. It is a solution that merges public cloud and private cloud services or public cloud services with proprietary software. The goal is to enable communication between every distinct service. Hybrid cloud strategies will give your business a higher level of flexibility. They transfer workloads between cloud solutions to match your changing costs and needs. Hybrid...
Cliam : Multi Cloud IAM Permissions Enumeration Tool
Cliam is a simple cloud permissions identifier. There are two main components to the CLI. Most of the enumerated permissions are list, describe or get permissions. Only permissions that does not require a specific resource are tested. enumerate which can be used to enumerate specific permissions (recommended)Some service providers have service groups that can check for permissions for a specific subset...
LDAPFragger : Command And Control Tool That Enables Attackers To Route Cobalt Strike Beacon Data
.png "LDAPFragger : Command And Control Tool That Enables Attackers To Route Cobalt Strike Beacon Data")
LDAPFragger is a Command and Control tool that enables attackers to route Cobalt Strike beacon data over LDAP using user attributes. For background information, read the release blog: http://blog.fox-it.com/2020/03/19/ldapfragger-command-and-control-over-ldap-attributes Dependencies and installation Compiled with .NET 4.0, but may work with older and newer .NET frameworks as well Usage _ _ _ | | | | / || | | | _ _ _ | | _...
FirmWire : b Full-System Baseband Firmware Emulation Platform
FirmWire is a full-system baseband firmware analysis platform that supports Samsung and MediaTek. It enables fuzzing, root-cause analysis, and debugging of baseband firmware images. See the FirmWire documentation to get started! Installation The recommended way of using FirmWire is by using the supplied Dockerfile. To build the docker file, execute the following commands: git clone https://github.com/FirmWire/FirmWire.gitcd FirmWiregit clone https://github.com/FirmWire/panda.gitThis will take some timedocker build -t firmwire...
LeakedHandlesFinder : Leaked Windows Processes Handles Identification Tool
.png "LeakedHandlesFinder : Leaked Windows Processes Handles Identification Tool")
Leaked Windows processes handles identification tool. Useful for identify new LPE vulnerabilities during a pentest or simply as a new research process. Currently supports exploiting (autopwn) procesess leaked handles spawning a new arbitrary process (cmd.exe default). LHF identifies in realtime inherited handles and gives the researcher explotability tips Presented at rootedcon 2022 https://www.rootedcon.com/ponentes-rooted2022/. Presentation -> Presentation/Exploiting Leaked Handles for LPE.pdf Download
Pybatfish : Python Client For Batfish (Network Configuration Analysis Tool)
Pybatfish is a Python client for Batfish. What is Batfish? Batfish is a network validation tool that provides correctness guarantees for security, reliability, and compliance by analyzing the configuration of network devices. It builds complete models of network behavior from device configurations and finds violations of network policies (built-in, user-defined, and best-practices). A primary use case for Batfish is to validate configuration changes before deployment...
