NucleiFuzzer = Nuclei + Paramspider + waybackurls + gauplus + hakrawler + katana + Fuzzing Templates
NucleiFuzzer is an advanced automation tool designed to streamline and optimize web application security testing by integrating a suite of powerful URL discovery and vulnerability scanning tools. It combines ParamSpider, Waybackurls, Katana, Gauplus, and Hakrawler to comprehensively gather and enumerate potential entry points for web applications. Leveraging the power of Nuclei, it scans these endpoints using fuzzing-templates to effectively...
Bypass-403 A Simple Script For Bypassing 403
Bypass-403 is a A simple script just made for self use for bypassing 403 It can also be used to compare responses on verious conditions as shown in the below snap Usage ./bypass-403.sh https://example.com admin ./bypass-403.sh website-here path-here Features Use 24 known Bypasses for 403 with the help of curl Installation git clone https://github.com/iamj0ker/bypass-403 cd bypass-403 chmod +x bypass-403.sh sudo apt install figlet - If you are unable to see the...
ParadeDB : Revolutionizing Postgres For Advanced Search And Analytics
ParadeDB is an Elasticsearch alternative built on Postgres. We're modernizing the features of Elasticsearch's product suite, starting with real-time search and analytics. Roadmap Search Full-text search with BM25 with pg_search Dense and sparse vector search with pgvector Distributed search Analytics Fast analytics over data lakes (i.e. S3) and table formats (i.e. Iceberg) with pg_analytics Column-oriented Postgres table access method For a detailed roadmap, see the ParadeDB Roadmap for...
Invoke-AtomicAssessment : Unleashing The Power Of Adversary Emulation For Enhanced Cybersecurity
Invoke-AtomicAssessment is a powerful tool designed to facilitate adversary emulation by leveraging Atomic Red Team. This tool automates the execution of these techniques and logs the results in the ATTiRe format, which can then be visualized on the VECTR platform. The tool offers various threat actor profiles, enabling simulations of ransomware attacks and activities of Advanced Persistent Threat (APT)...
Wicked Panda APT Adversary Simulation
This is a simulation of attack by the Wicked Panda group (APT-41) targeting U.S. state government networks the attack campaign was active between May 2021 and February 2022, in addition to attacks targeting Taiwanese media, the attack chain starts with the in-memory execution of MoonWalk backdoor. Once the MoonWalk backdoor is successfully loaded by DodgeBox, the malware decrypts and...
Cyberbro : Revolutionizing Threat Intelligence With Simplified IoC Analysis
A simple application that extracts your IoCs from garbage input and checks their reputation using multiple services.Inspired by Cybergordon and IntelOwl. This project aims to provide a simple and efficient way to check the reputation of your observables using multiple services, without having to deploy a complex solution. Features Effortless Input Handling: Paste raw logs, IoCs, or fanged IoCs, and let our...
B(l)utter
Flutter Mobile Application Reverse Engineering Tool by Compiling Dart AOT Runtime. Currently, the application supports only Android libapp.so. Also, the application currently works only against recent Dart versions. Environment Setup This application uses the C++20 Formatting Library. It requires a very recent C++ compiler, such as g++ >=13 or Clang >=15. I recommend using Linux OS (only tested on Deiban SD) because it...
FLARE-VM : A Comprehensive Guide To Establishing A Reverse Engineering Lab On Windows
Welcome to FLARE-VM - a collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a virtual machine (VM). FLARE-VM was designed to solve the problem of reverse engineering tool curation and relies on two main technologies: Chocolatey and Boxstarter. Chocolatey is a Windows-based Nuget package management system,...
AWeSomeUserFinder : Harnessing AWS IAM For Username Enumeration And Password Security
AWS IAM Username Enumerator and Password Spraying Tool in Python3 In order to use the tool with the UpdateAssumeRolePolicy method, the IAM user account utilized must have the following permissions attached: "iam:GetRole" "iam:CreatePolicy" "iam:UpdateAssumeRolePolicy" "iam:CreateRole" "iam:AttachRolePolicy" An example policy is included in the files named "example_assume_role_policy.json" in the example_policies directory. Additionally, an AWS access key and AWS secret key are required. See this link for information on...
Monolith : The Ultimate Tool For Compiling Entire Web Pages Into Single HTML Files
A data hoarder’s dream come true: bundle any web page into a single HTML file. You can finally replace that gazillion of open tabs with a gazillion of .html files stored somewhere on your precious little drive. Unlike the conventional “Save page as”, monolith not only saves the target document, it embeds CSS, image, and JavaScript assets all at once,...
