DRAKVUF Sandbox : Automated Hypervisor-Level Malware Analysis System

0

DRAKVUF Sandbox is an automated black-box malware analysis system with DRAKVUF engine under the hood, which does not require an agent on guest OS. This project provides you with a friendly web interface that allows you to upload suspicious files to be analyzed. Once the sandboxing job is finished, you can explore the analysis result through the mentioned interface and get an...

Checkov : Prevent Cloud Misconfigurations During Build-Time For Terraform

0

Checkov is a static code analysis tool for infrastructure-as-code. It scans cloud infrastructure provisioned using Terraform, Terraform plan, Cloudformation, AWS SAM, Kubernetes, Helm charts, Kustomize, Dockerfile, Serverless, Bicep or ARM Templates and detects security and compliance misconfigurations using graph-based scanning. Checkov also powers Bridgecrew, the developer-first platform that codifies and streamlines cloud security throughout the development lifecycle. Bridgecrew identifies, fixes, and prevents misconfigurations in cloud resources and infrastructure-as-code files. Features Over 1000 built-in policies cover security and compliance...

StayKit : Cobalt Strike Kit For Persistence

0

StayKit is an extension for Cobalt Strike persistence by leveraging the execute_assembly function with the Sharp Stay .NET assembly. The aggressor script handles payload creation by reading the template files for a specific execution type. IMPORTANT: To use the script a user will only need to load the StayKit.cna aggressor script. Additionally, the SharpStay assembly will need to be compiled and placed into the...

Katoolin3 : Get Your Favourite Kali Linux Tools On Debian/Ubuntu/Linux Mint

0

Katoolin3 brings all programs available in Kali Linux to Debian and Ubuntu. This program is a port of katoolin from LionSec to python3. Katoolin3 offers several improvements over katoolin: Up to date packagesThe old katoolin uses an outdated package list. Katoolin3 always keeps its package list up to date.(Last updated: 18 Feb 2020)Improved handling of missing packagesThe old katoolin breaks if a package isn't available...

NTLMRecon : Enumerate Information From NTLM Authentication Enabled Web Endpoints

0

NTLMRecon is a fast and flexible NTLM reconnaissance tool without external dependencies. Useful to find out information about NTLM endpoints when working with a large set of potential IP addresses and domains. NTLMRecon is built with flexibilty in mind. Need to run recon on a single URL, an IP address, an entire CIDR range or combination of all of it...

JNDI-Injection-Exploit : A Tool Which Generates JNDI Links Can Start Several Servers

0

JNDI-Injection-Exploit is a tool for generating workable JNDI links and provide background services by starting RMI server, LDAP server and HTTP server. RMI server and LDAP server are based on marshals and modified further to link with HTTP server. Using this tool allows you get JNDI links, you can insert these links into your POC to test vulnerability. For example, this is a Fastjson vul-poc: {"@type":"com.sun.rowset.JdbcRowSetImpl","dataSourceName":"rmi://127.0.0.1:1099/Object","autoCommit":true} We...

OpenSquat : Detection Of Phishing Domains And Domain Squatting.

0

OpenSquat is an opensource Intelligence (OSINT) security tool to identify cyber squatting threats to specific companies or domains, such as: Phishing campaignsDomain squattingTypo squattingBit squattingIDN homograph attacksDoppen ganger domainsOther brand/domain related scams It does support some key features such as: Automatic newly registered domain updating (once a day)Levenshtein distance to calculate word similarityFetches active and known phishing domains (Phishing Database project)IDN homograph attack detectionIntegration...

Win-Brute-Logon : Crack Any Microsoft Windows Users Password Without Any Privilege

0

Win-Brute-Logon PoC is more what I would call a serious weakness in Microsoft Windows Authentication mechanism than a vulnerability. The biggest issue is related to the lack of privilege required to perform such actions. Indeed, from a Guest account (The most limited account on Microsoft Windows), you can crack the password of any available local users. Find out which users exists using...

Scylla : The Simplistic Information Gathering Engine

0

Scylla is an OSINT tool developed in Python 3.6. Scylla lets users perform advanced searches on Instagram & Twitter accounts, websites/webservers, phone numbers, and names. Scylla also allows users to find all social media profiles (main platforms) assigned to a certain username. In continuation, Scylla has shodan support so you can search for devices all over the internet, it...

Jatayu : Stealthy Stand Alone PHP Web Shell

0

JATAYU a Stealthy Stand Alone PHP Web Shell . FEATURES Http Header Based Authentication.100% Undetectable.Exec Function Changer.Nothing Fancy USAGE GET /test/jatayu.php?fn=1&&cmd=whoamiHost : http://test.comAuthtoken : bb3b1a1f-0447-42a6-955a-88681fb88499 FUNCTIONS PARAMETERFUNCTIONfn=1Calls function shell_exec()fn=2Calls function system()cmd=idExecutes command GENERATE AUTHTOKEN php$r = unpack('v*', fread(fopen('/dev/random', 'r'),16));$apiKey = sprintf('%04x%04x-%04x-%04x-%04x-%04x%04x%04x',$r, $r, $r, $r & 0x0fff | 0x4000,$r & 0x3fff | 0x8000, $r, $r, $r);echo $apiKey;?> Download