SQLRecon : A C# MS SQL Toolkit Designed For Offensive Reconnaissance And Post-Exploitation
SQLRecon is a C# MS-SQL toolkit designed for offensive reconnaissance and post-exploitation. For detailed usage information on each technique, refer to the wiki.
Usage
You can grab a copy of SQLRecon from the releases page. Alternatively, feel free to compile the solution yourself. This should be as straightforward as cloning the repo, double-clicking the solution file and building.
Mandatory Arguments
The mandatory arguments consist...
Combobulator : Framework To Detect And Prevent Dependency Confusion Leakage And Potential Attacks
Combobulator is an open-source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks. This facilitates a holistic approach to ensuring secure application releases that can be evaluated against different sources (e.g., GitHub Packages, JFrog Artifactory) and many package management schemes (e.g., npm, maven).
Intended Audiences
The framework can be used by security auditors, pentesters and even...
Elfloader : An Architecture-Agnostic ELF File Flattener For Shellcode
Elfloader is a super simple loader for ELF files that generates a flat in-memory representation of the ELF. Pair this with Rust and you can write your shellcode in a proper, safe, high-level language. Any target that LLVM supports can be used, including custom target specifications for really exotic platforms and ABIs. Enjoy using things like u64s on 32-bit systems,...
wmiexec-RegOut : Modify Version Of Impacket Wmiexec.Py, Get Output(Data,Response) From Registry
wmiexec-RegOut is a modified version of impacket's wmiexec.py and wmipersist.py. It gets output (data, response) from the registry and doesn't need an SMB connection, but my code is bad.
Overview
In the original wmiexec.py, the response is read from the SMB connection (ports 445, 139). Unfortunately, some antivirus software monitors these ports as high risk. In this case, I dropped the SMB connection function and use other methods to execute commands. wmiexec-reg-sch-UnderNT6-wip.py:...
Heaptrace : Helps Visualize Heap Operations For Pwn And Debugging
Heaptrace is a heap debugger for tracking glibc heap operations in ELF64 (x86_64) binaries. Its purpose is to help visualize heap operations when debugging binaries or doing heap pwn.
- replaces addresses with easy-to-understand symbols
- detects heap corruption and memory leakage issues
- can debug in gdb at any point (--break)
- supports all ELF64 (x86_64) binaries regardless of ASLR or compiler settings (including stripped binaries)
Installation
Ubuntu...
Phant0m : Windows Event Log Killer
Phant0m is a Windows Event Log Killer. Svchost is essential in the implementation of so-called shared service processes, where a number of services can share a process in order to reduce resource consumption. Grouping multiple services into a single process conserves computing resources, and this consideration was of particular concern to NT designers because creating Windows processes takes more...
Ipsourcebypass : This Python Script Can Be Used To Bypass IP Source Restrictions Using HTTP Headers
Ipsourcebypass is a Python script that can be used to bypass IP source restrictions using HTTP headers.
Features
17 HTTP headers. Multithreading. JSON export with --json outputfile.json. Auto-detects the most successful bypasses.
Usage
$ ./ipsourcebypass.py -h
IP source bypass using HTTP headers, v1.2
usage: ipsourcebypass.py -i IP url
This Python script can be used to test for IP source bypass...
Rathole : A Lightweight, Stable And High-Performance Reverse Proxy For NAT Traversal
Rathole, like frp and ngrok, can help expose a service on a device behind NAT to the Internet via a server with a public IP.
Features
High Performance: Much higher throughput can be achieved than with frp, and it is more stable when handling a large volume of connections. See Benchmark.
Low Resource Consumption: Consumes much less memory than similar tools. See Benchmark. The binary can be as small as ~500KiB to fit...
RecoverPy : Interactively Find And Recover Deleted Or Overwritten Files From Your Terminal
RecoverPy searches through every block of your partition to find what you are looking for. You can already find plenty of solutions to recover deleted files, but it can be a hassle to recover overwritten files.
Installation
RecoverPy is currently only available on Linux systems.
Dependencies
Mandatory: To list and search through your partitions, recoverpy uses the grep, dd, and lsblk commands.
Optional: To display real-time grep progress, you can install progress. To install all...
Bluffy : Convert Shellcode Into Different Formats
Bluffy is a utility which was used in experiments to bypass Anti-Virus products (statically) by formatting shellcode into realistic-looking data formats. Proof-of-concept tools, such as 0xBoku's Ninja_UUID_Runner and ChoiSG's UuidShellcodeExec, inspired the initial concept for Bluffy. So far, we implemented: UUID, CLSID, SVG, CSS, CSV.
Help
$ python3 bluffy.py -h
Convert shellcode into ✨ different ✨ formats!
Written by:
~ Mez0
~ Michael Ranaldo
usage: Bluffy -b -o -m
optional arguments:
-h, --help show this help message and...