Authz0 : An Automated Authorization Test Tool
Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials. URLs and Roles are managed as YAML-based templates, which can be automatically created and added through authz0. You can also test based on multiple authentication headers and cookies with a template file created/generated once. Key Features Generate scan template $ authz0 newInclude URLsInclude RolesInclude...
Hacc The Hub : Open Source Self-Hosted Cyber Security Learning Platform
Hacc The Hub is an open source project that provides cyber security The Hacc The Hub system consists of 3 main parts: Docker: containing all of the boxes creating the environment in which we'll be learning on.The backend: controlling Docker and responsible for starting/destroying individual box in the system and managing the networking that joins them into a unified system.The frontend:...
IOC Scraper : A Fast And Reliable Service That Enables You To Extract IOCs
IOC Scraper utilises IOCPARSER service to fetch IOCs from different vendor Blogs, PDFs, and CSV files. Parsing IOCs is time-consuming process, using current script one can automatically extract and aggregate IOCs easily. Features Defanged IOCs : Supports extracting and defanging IOCs.Whitelist IOCs : Supports custom whitlisting of IOCs.Source Types : Supports variety of sources such as Blogs, PDFs, CSV, and much more. Supported IOC...
Chaya : Advance Image Steganography
Chaya protects your privacy through steganography, cryptography and compression. It effectively encrypts your payloads using AES-256-GCM cryptography, embeds them using LSB-LPS steganography technique into images and compresses them using FLIF to evade detection by performing lossless compression. Chaya is for your privacy. Chaya is backed by research (I will publish public version whitepaper on xerohack.com), and has proven to be by far the most effective image steganography...
Ocr-Recon : Tool To Find A Particular String In A List Of URLs Using Tesseract’S OCR Capabilities
Ocr-Recon is useful to find a particular string in a list of URLs using tesseract's OCR (Optical Character Recognition) capabilities. Usage Usage: python3 ocr-recon.py list with URLs string to search Download
Litefuzz : A Multi-Platform Fuzzer For Poking At Userland Binaries And Servers
Litefuzz is meant to serve a purpose: fuzz and triage on all the major platforms, support both CLI/GUI apps, network clients and servers in order to find security-related bugs. It simplifies the process and makes it easy to discover security bugs in many different targets, across platforms, while just making a few honest trade-offs. It isn't built for speed, scalability...
Searpy : Search Engine Toolkit
Searpy, as its name implies, search engine optimization is the practice of optimizing websites and web pages for discovery in search engines. Install git clone https://github.com/j3ers3/Searpypip install -r requirement.txt配置API及账号 ./config.pypython Searpy -h Help Searpy Engine Tookitoptional arguments:-h, --help show this help message and exitENGINE:--baidu Using baidu Engine--google Using google Engine--so Using 360so Engine--bing Using bing Engine--shodan Using shodan Engine--fofa Using fofa Engine--zoomeye Using zoomeye Engine--goo Using...
CAPEv2 : Malware Configuration And Payload Extraction
CAPEv2 is a malware sandbox. It was derived from Cuckoo with the goal of adding automated malware unpacking and config extraction - hence its name is an acronym: 'Config And Payload Extraction'. Automated unpacking allows classification based on Yara signatures to complement network (Suricata) and behavior (API) signatures. There is a free community instance online which anyone can use: https://capesandbox.com Although config...
BruteShark : Network Analysis Tool
BruteShark is a Network Forensic Analysis Tool (NFAT) that performs deep processing and inspection of network traffic (mainly PCAP files, but it also capable of directly live capturing from a network interface). It includes: password extracting, building a network map, reconstruct TCP sessions, extract hashes of encrypted passwords and even convert them to a Hashcat format in order to...
Latest Cyber Security Trends in 2022
Cyber-attacks have been increasing with the evolution of modern technologies and the digital transformation of the world. Most organizations have moved their business models to remote. Since then, cybercriminals are now able to obtain and disclose your personal information. Furthermore, they can interfere with your business operations by exposing confidential information. In 2021, 47 percent of respondents indicated that cyber...