WMEye : A Post Exploitation Tool That Uses WMI Event Filter And MSBuild Execution For Lateral Movement
WMEye is an experimental tool that was developed while exploring Windows WMI. The tool is developed for performing Lateral Movement using WMI and remote MSBuild Execution. It uploads the encoded/encrypted shellcode into the remote target's WMI Class Property, creates an event filter that when triggered writes an MSBuild based Payload using a special WMI Class called Log File Event...
Lnkbomb : Malicious Shortcut Generator For Collecting NTLM Hashes From Insecure File Shares
Lnkbomb is used for uploading malicious shortcut files to insecure file shares. The vulnerability exists because Windows looks for an icon file to associate with the shortcut file. This icon file can be directed to a penetration tester's machine running Responder or an SMB server to gather NTLMv1 or NTLMv2 hashes (depending on the configuration of the victim host machine)....
Patching : An Interactive Binary Patching Plugin For IDA Pro
Patching assembly code to change the behavior of an existing program is not uncommon in malware analysis, software reverse engineering, and broader domains of security research. This project extends the popular IDA Pro disassembler to create a more robust interactive binary patching workflow designed for rapid iteration. This project is currently powered by a minor fork of the ubiquitous Keystone Engine, supporting x86/x64 and Arm/Arm64...
Code Analysis : Static Code Analysis
Tencent Cloud Code Analysis (TCA for short, code-named CodeDog inside the company in its early days) is a comprehensive platform for code analysis and issue tracking. TCA consists of three components: server, web and client. It integrates a number of self-developed tools, and also supports dynamic integration of code analysis tools in various programming languages. Code analysis is a technology, using lexical...
GoodHound : Uses Sharphound, Bloodhound And Neo4j To Produce An Actionable List Of Attack Paths
GoodHound came about because I had a need to perform a repeatable assessment of attack paths using Bloodhound. I found that when used in a defensive way BloodHound was so good at identifying attack paths in a domain I was faced with several thousand to process with each review, with no way to deduplicate the findings I had already logged...
Domain Alerting : Daily Alert When A New Domain Name Is Registered And Contains Your Keywords
Domain Alerting is a daily alert when a new domain name is registered and contains your keywords. The Domain Alerting tool allows you to perform two main actions (for educational purposes only): download newly registered domains; send automatic email alert. Prerequisite: `apt install mailutils`, `pip3 install -r requirements.txt`. Configuration: inside the file "launcher.sh", complete your keywords (#Keywords to complete) and your receiver (#Email to complete). Then, create a daily crontab job: crontab -e...
Dome : Fast And Reliable Python Script That Makes Active And/Or Passive Scan To Obtain Subdomains
Dome is a fast and reliable Python script that performs active and/or passive scans to obtain subdomains and search for open ports. This tool is recommended for bug bounty hunters and pentesters in their reconnaissance phase. "The more surface area exposed, the faster a rock will break down." If you want to use more OSINT engines, fill the config.api file with the needed...
Codecat v0.56 : An Open-Source Tool To Help You Find/Track User Input Sinks And Security Bugs
CodeCat is an open-source tool to help you find/track user input sinks and security bugs using static code analysis. These points follow regex rules. Current rules cover C, C++, Go, Python, JavaScript, Swift, PHP, Ruby, ASP, Kotlin, Dart and Java (you can create your own rules). How to install, step by step: go to the CodeCat directory, install backend and frontend libs: $ apt install python3-venv python3-dev...
Nivistealer : Steal Victim Images Exact Location Device Info And Much More
Nivistealer is a tool to Steal Victim Images Exact Location Device Info And Much More. Features: Steal Victim IP; Steal Device Info; Steal Network and Battery Info; Uses Device GPS to steal exact location; Steal pic from front camera; Steal text from victim clipboard (added recently); Send logs to Discord, also save them locally in a txt file; Works on Android, Windows, Linux, macOS; Uses iframe to load live...
ASSAMEE : Free Advance Encryptor For Anon Cloud
ASSAMEE is a free advanced encryptor for Anonfiles. It uses an advanced encryption method to encrypt the directory with AES-256. The data is stored on anonfiles.com in an encrypted format. ASSAMEE requires a download ID to download and decrypt the data from Anonfiles. Downloading encrypted data directly from Anonfiles via a browser will not work. ASSAMEE required packages: Zip, Curl, openssl, jq. The...