O365-Doppelganger : A Quick Handy Script To Harvest Credentials Off Of A User

O365-Doppelganger is NOT a replacement for hardcore phishing activities. There are several other tools which perform OAuth and OTA capture which is not the aim of O365-Doppelganger. O365-Doppelganger is a quick handy script to harvest credentials of a user during Red Teams. This repository is a quick hack of one of my old red team engagement scripts which I've used...

How Crypto Can Be Manipulated: Fake Identities in a Peer-to-Peer Model

Depending on who you ask, cryptocurrency is either a fantastic new era of financial regulation or a confusing mess of gobbledygook. The reality is that it’s both, and its peer-to-peer architecture represents a world-first in currency valuation and control. Sybil attacks occur across all peer-based platforms. The term describes the process of an attacker creating and orchestrating multiple fake identities:...

VulFi : Plugin To IDA Pro Which Can Be Used To Assist During Bug Hunting In Binaries

The VulFi (Vulnerability Finder) tool is a plugin for IDA Pro which can be used to assist during bug hunting in binaries. Its main objective is to provide a single view with all cross-references to the most interesting functions (such as strcpy, sprintf, system, etc.). For cases where the Hex-Rays decompiler can be used, it will attempt to rule out calls to these...

Bore : Simple CLI Tool For Making Tunnels To Localhost

Bore is a modern, simple TCP tunnel in Rust that exposes local ports to a remote server, bypassing standard NAT connection firewalls. That's all it does: no more, and no less. This will expose your local port at localhost:8000 to the public internet at bore.pub:<PORT>, where the port number is assigned randomly. It is similar to localtunnel and ngrok, except bore is intended to be a highly efficient, unopinionated tool for forwarding...

DDexec : A Technique To Run Binaries Filelessly And Stealthily On Linux Using Dd To Replace The Shell With Another Process

DDexec is a technique to run binaries filelessly and stealthily on Linux, using dd to replace the shell with another process. On Linux, in order to run a program it must exist as a file and be accessible in some way through the file system hierarchy (this is just how execve() works). This file may reside on disk or in...

Wpgarlic : A Proof-Of-Concept WordPress Plugin Fuzzer

Wpgarlic is a proof-of-concept WordPress plugin fuzzer used in the research described in https://kazet.cc/2022/02/03/fuzzing-wordpress-plugins.html that helped to discover more than 140 vulnerabilities in WordPress plugins installed on almost 15 million sites. If you want to continue the research, start with less popular plugins - if a plugin achieved at least 10k active installs between October 2021 and January 2022, I have most...

Git-Dumper : A Tool To Dump A Git Repository From A Website

Git-Dumper is a tool to dump a git repository from a website. Install: This can be installed easily with pip: pip install git-dumper. Usage: git-dumper URL DIR. Dump a git repository from a website. Positional arguments: URL (url), DIR (output directory). Optional arguments: -h, --help show this help message and exit; --proxy PROXY use the specified proxy; -j JOBS, --jobs JOBS number of simultaneous requests; -r RETRY, --retry RETRY number of request...

Spring4Shell-Scan : A Fully Automated, Reliable, And Accurate Scanner For Finding Spring4Shell

Spring4Shell-Scan is a fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities. Features: Support for lists of URLs. Fuzzing for more than 10 new Spring4Shell payloads (previously seen tools use only 1-2 variants). Fuzzing for HTTP GET and POST methods. Automatic validation of the vulnerability upon discovery. Randomized and non-intrusive payloads. WAF bypass payloads. Description: The Spring4Shell RCE is a critical vulnerability that...

Introduction to Cryptography

What is Cryptography? A closer look at the etymology of the word "cypher" reveals that the word originated in ancient Greek. It combines the word Kryptos, which means "hidden" or "secret," with a word derived from "write," so it literally means writing something secret. Simply put, encryption provides a secure method of communication. Cryptography prevents unauthorized persons, commonly known as attackers or...

Spock SLAF : A Shared Library Application Firewall “SLAF”

Spock SLAF is a Shared Library Application Firewall ("SLAF"). Its purpose is to protect any service that uses the OpenSSL library. The SLAF inserts hooks to intercept all communication in order to detect security anomalies and to block and log attacks such as buffer overflow, path traversal, XSS and SQL injection. To detect anomalies, Spock uses a Deterministic Finite Automaton with rank scores to compute risks and...