Spring4Shell-Scan : A Fully Automated, Reliable, And Accurate Scanner For Finding Spring4Shell
.png "Spring4Shell-Scan : A Fully Automated, Reliable, And Accurate Scanner For Finding Spring4Shell")
Spring4Shell-Scan is a fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities. Features Support for lists of URLs.Fuzzing for more than 10 new Spring4Shell payloads (previously seen tools uses only 1-2 variants).Fuzzing for HTTP GET and POST methods.Automatic validation of the vulnerability upon discovery.Randomized and non-intrusive payloads.WAF Bypass payloads. Description The Spring4Shell RCE is a critical vulnerability that...
Introduction to Cryptography
What is Cryptography? A closer look at the etymology of the word "cypher" reveals that the word originated in ancient Greek. The word Kryptos, which means "hidden" or "secret," and the code derived from the word "write" literally means writing something secret. Simply put, encryption provides a secure method of communication. Cryptography prevents unauthorized persons, commonly known as attackers or...
Spock SLAF : A Shared Library Application Firewall “SLAF”
.png "Spock SLAF : A Shared Library Application Firewall “SLAF”")
Spock SLAF is a Shared Library Application Firewall "SLAF". It has the purpose to protect any service that uses the OpenSSL library. The SLAF inserts hooking to intercept all communication to detect security anomalies and block and log attacks like buffer overflow, path traversal, XSS and SQL injection. So to detect anomalies, Spock uses Deterministic Finite Automaton with rank scores to compute risks and...
Sub3Suite : A Free, Open Source, Cross Platform Intelligence Gathering Tool
.png "Sub3Suite : A Free, Open Source, Cross Platform Intelligence Gathering Tool")
Sub3 Suite is a research-grade suite of tools for Subdomain Enumeration, OSINT Information gathering & Attack Surface Mapping. Supports both manual and automated analysis on variety of target types with many available features & tools. Launching Download Sub3 Suite for your required platform (Windows or Linux) from releases. on Windows After download: Extract the zip file to location of your choice. To run just...
Ecapture : Capture SSL/TLS Text Content Without CA Cert By eBPF
.png "Ecapture : Capture SSL/TLS Text Content Without CA Cert By eBPF"){kind=logo}
eCapture is a tool to capture SSL/TLS text content without CA cert Using eBPF. How eCapture works SSL/TLS text context capture, support openssllibresslboringsslgnutlsnspr(nss) libraries.bash audit, capture bash command for Host Security Audit.mysql query SQL audit, support mysqld 5.65.78.0, and mariadDB. eCapture Architecure Getting started use ELF binary file Download ELF zip file release , unzip and use by command ./ecapture --help. Linux kernel version >= 4.18Enable BTF BPF Type Format...
Jfscan : A Super Fast And Customisable Port Scanner, Based On Masscan And NMap
.png "Jfscan : A Super Fast And Customisable Port Scanner, Based On Masscan And NMap")
JFScan (Just Fu*king Scan) is a wrapper around a super-fast port scanner Masscan. It's designed to simplify work when scanning for open ports on targets in a variety of formats. The JFScan accepts a target in the following forms: URL, domain, or IP (including CIDR). You can specify a file with targets using argument or use stdin. The JFScan also...
Ma2Tl : macOS Forensic Timeline Generator Using The Analysis Result DBs Of Mac_Apt
.png "Ma2Tl : macOS Forensic Timeline Generator Using The Analysis Result DBs Of Mac_Apt")
Ma2Tl is a DFIR tool for generating a macOS forensic timeline from the analysis result DBs of mac_apt. Requirements Python 3.7.0 or laterpytztzlocalxlsxwriter Installation % git clone https://github.com/mnrkbys/ma2tl.git Usage % python ./ma2tl.py -husage: ma2tl.py plugin Forensic timeline generator using mac_apt analysis results. Supports only SQLite DBs.positional arguments:plugin Plugins to run (space separated).optional arguments:-h, --help show this help...
DumpSMBShare : A Script To Dump Files And Folders Remotely From A Windows SMB Share
.png "DumpSMBShare : A Script To Dump Files And Folders Remotely From A Windows SMB Share")
DumpSMBShare is a script to dump files and folders remotely from a Windows SMB share. Features Only list shares with --list-shares. Select only files with given extensions (with --extensions) or all files. Choose the local folder to dump to with --dump-dir. Select base folder to search from in the share with --base-dir. Usage $ ./DumpSMBShare.py -hDumpSMBShare v1.2 - by @podalirius_usage: Dump.py (-s SHARE | -l) ...
Can Linux Be Installed On a Mac?
Linux operating system is the most common open source OS used on servers, smartphones, desktop and laptop computers, and other compatible devices. It can run on most major computer platforms like ARM, SPARC, and x86; and is rated highly by many in the tech industry. There are different versions of Linux OS and all of them are capable of managing...
Smap : A Drop-In Replacement For Nmap Powered By Shodan.Io
.png "Smap : A Drop-In Replacement For Nmap Powered By Shodan.Io")
Smap is a replica of Nmap which uses shodan.io's free API for port scanning. It takes same command line arguments as Nmap and produces the same output which makes it a drop-in replacement for Nmap. Features Scans 200 hosts per secondDoesn't require any account/api keyVulnerability detectionSupports all nmap's output formatsService and version fingerprintingMakes no contact to the targets Installation Binaries You can download a...
