Inject-Assembly : Inject .NET Assemblies Into An Existing Process
Inject-Assembly is an alternative to traditional fork and run execution for Cobalt Strike. The loader can be injected into any process, including the current Beacon. Long-running assemblies will continue to run and send output back to the Beacon, similar to the behavior of execute-assembly. There are two components of inject-assembly: BOF initializer: A small program responsible for injecting the assembly loader...
Registry-Spy : Cross-platform Registry Browser For Raw Windows Registry Files
Registry-Spy is a free, open-source cross-platform Windows Registry viewer. It is a fast, modern, and versatile explorer for raw registry files. Features include: Fast, on-the-fly parsing means no upfront overheadOpen multiple hives at a timeSearchingHex viewerModification timestamps Requirements Python 3.8+ Installation Download the latest version from the releases page. Alternatively, use one of the following methods. pip (recommended) pip install registryspyregistryspy Manual pip install -r requirements.txtpython setup.py installregistryspy Standalone pip install -r...
Token Universe : An Advanced Tool For Working With Access Tokens And Windows Security Policy
Token Universe is an advanced tool that provides a wide range of possibilities to research Windows security mechanisms. It has a convenient interface for creating, viewing, and modifying access tokens, managing Local Security Authority and Security Account Manager's databases. It allows you to obtain and impersonate different security contexts, manage privileges, auditing settings, and so on. My goal is to create a...
Iptable_Evil : An Evil Bit Backdoor For Iptables
Iptable_Evil is a very specific backdoor for iptables that allows all packets with the evil bit set, no matter the firewall rules. The initial implementation is in iptable_evil.c, which adds a table to iptables and requires modifying a kernel header to insert a spot for it. The second implementation is a modified version of the ip_tables core module and its dependents to allow all Evil packets. I have tested...
Narthex : Modular Personalized Dictionary Generator
Narthex (Greek: Νάρθηξ, νάρθηκας) is a modular & minimal dictionary generator for Unix and Unix-like operating system written in C and Shell. It contains autonomous Unix-style programs for the creation of personalized dictionaries that can be used for password recovery & security assessment. The programs make use of Unix text streams for the collaboration with each other, according to...
Will Technology Be The Boring Factor Added To Fun Physical Games
There was a time when Physical games were all human beings knew and lived by. Spending time outside, running in the sun, or playing in puddles was a fun and exciting time. Now, technology is slowly creeping into the gaming world. We are starting to see physical games being turned into mobile and online versions. For those of us who enjoyed...
Espoofer : An Email Spoofing Testing Tool That Aims To Bypass SPF/DKIM/DMARC
Espoofer is an open-source testing tool to bypass SPF, DKIM, and DMARC authentication in email systems. It helps mail server administrators and penetration testers to check whether the target email server and client are vulnerable to email spoofing attacks or can be abused to send spoofing emails. Why build this tool? Email spoofing is a big threat to both individuals and...
Raven : Advanced Cyber Threat Map (Simplified, Customizable, Responsive)
Raven - Advanced Cyber Threat Map (Simplified, customizable and responsive. It uses D3.js with TOPO JSON, has 247 countries, ~100,000 cities, and can be used in an isolated environment without external lookups!. Features Uses D3.js (Not Anime.js)Active threat map (Live and replay)IP, country, city, and port info for each attackAttacks stats for countries (Only known attacks)Responsive interface (Move, drag, zoom in and...
Scemu : X86 32bits Emulator, For Securely Emulating Shellcodes
Scemu is a x86 32bits emulator, for securely emulating shellcodes Features rust safety, good for malware.All dependencies are in rust.zero unsafe{} blocks. very fast emulation (much faster than unicorn)3,000,000 instructions/second100,000 instructions/second printing every instruction -vv.powered by iced-x86 rust disassembler awesome library.iteration detector.memory and register tracking.colorized.stop at specific moment and explore the state or modify it.174 instructions implemented.112 winapi implemented of 5 dlls.all...
Wifi-Framework : For Creating Proof-Of-Concepts, Automated Experiments, Test Suites, Fuzzers, And More…
Wifi-Framework is a framework to more easily perform Wi-Fi experiments. It can be used to create fuzzers, implement new attacks, create proof-of-concepts to test for vulnerabilities, automate experiments, implement test suites, and so on. The main advantage of the framework is that it allows you to reuse Wi-Fi functionality of Linux to more easily implement attacks and/or tests. For instance, the...
