Chaya : Advance Image Steganography
.png "Chaya : Advance Image Steganography")
Chaya protects your privacy through steganography, cryptography and compression. It effectively encrypts your payloads using AES-256-GCM cryptography, embeds them using LSB-LPS steganography technique into images and compresses them using FLIF to evade detection by performing lossless compression. Chaya is for your privacy. Chaya is backed by research (I will publish public version whitepaper on xerohack.com), and has proven to be by far the most effective image steganography...
Ocr-Recon : Tool To Find A Particular String In A List Of URLs Using Tesseract’S OCR Capabilities
Ocr-Recon is useful to find a particular string in a list of URLs using tesseract's OCR (Optical Character Recognition) capabilities. Usage Usage: python3 ocr-recon.py list with URLs string to search Download
Litefuzz : A Multi-Platform Fuzzer For Poking At Userland Binaries And Servers
.png "Litefuzz : A Multi-Platform Fuzzer For Poking At Userland Binaries And Servers")
Litefuzz is meant to serve a purpose: fuzz and triage on all the major platforms, support both CLI/GUI apps, network clients and servers in order to find security-related bugs. It simplifies the process and makes it easy to discover security bugs in many different targets, across platforms, while just making a few honest trade-offs. It isn't built for speed, scalability...
Searpy : Search Engine Toolkit
.png "Searpy : Search Engine Toolkit")
Searpy, as its name implies, search engine optimization is the practice of optimizing websites and web pages for discovery in search engines. Install git clone https://github.com/j3ers3/Searpypip install -r requirement.txt配置API及账号 ./config.pypython Searpy -h Help Searpy Engine Tookitoptional arguments:-h, --help show this help message and exitENGINE:--baidu Using baidu Engine--google Using google Engine--so Using 360so Engine--bing Using bing Engine--shodan Using shodan Engine--fofa Using fofa Engine--zoomeye Using zoomeye Engine--goo Using...
CAPEv2 : Malware Configuration And Payload Extraction
.png "CAPEv2 : Malware Configuration And Payload Extraction")
CAPEv2 is a malware sandbox. It was derived from Cuckoo with the goal of adding automated malware unpacking and config extraction - hence its name is an acronym: 'Config And Payload Extraction'. Automated unpacking allows classification based on Yara signatures to complement network (Suricata) and behavior (API) signatures. There is a free community instance online which anyone can use: https://capesandbox.com Although config...
BruteShark : Network Analysis Tool
.png "BruteShark : Network Analysis Tool")
BruteShark is a Network Forensic Analysis Tool (NFAT) that performs deep processing and inspection of network traffic (mainly PCAP files, but it also capable of directly live capturing from a network interface). It includes: password extracting, building a network map, reconstruct TCP sessions, extract hashes of encrypted passwords and even convert them to a Hashcat format in order to...
Latest Cyber Security Trends in 2022
Cyber-attacks have been increasing with the evolution of modern technologies and the digital transformation of the world. Most organizations have moved their business models to remote. Since then, cybercriminals are now able to obtain and disclose your personal information. Furthermore, they can interfere with your business operations by exposing confidential information. In 2021, 47 percent of respondents indicated that cyber...
DRAKVUF Sandbox : Automated Hypervisor-Level Malware Analysis System
.png "DRAKVUF Sandbox : Automated Hypervisor-Level Malware Analysis System")
DRAKVUF Sandbox is an automated black-box malware analysis system with DRAKVUF engine under the hood, which does not require an agent on guest OS. This project provides you with a friendly web interface that allows you to upload suspicious files to be analyzed. Once the sandboxing job is finished, you can explore the analysis result through the mentioned interface and get an...
Checkov : Prevent Cloud Misconfigurations During Build-Time For Terraform
.png "Checkov : Prevent Cloud Misconfigurations During Build-Time For Terraform")
Checkov is a static code analysis tool for infrastructure-as-code. It scans cloud infrastructure provisioned using Terraform, Terraform plan, Cloudformation, AWS SAM, Kubernetes, Helm charts, Kustomize, Dockerfile, Serverless, Bicep or ARM Templates and detects security and compliance misconfigurations using graph-based scanning. Checkov also powers Bridgecrew, the developer-first platform that codifies and streamlines cloud security throughout the development lifecycle. Bridgecrew identifies, fixes, and prevents misconfigurations in cloud resources and infrastructure-as-code files. Features Over 1000 built-in policies cover security and compliance...
StayKit : Cobalt Strike Kit For Persistence
StayKit is an extension for Cobalt Strike persistence by leveraging the execute_assembly function with the Sharp Stay .NET assembly. The aggressor script handles payload creation by reading the template files for a specific execution type. IMPORTANT: To use the script a user will only need to load the StayKit.cna aggressor script. Additionally, the SharpStay assembly will need to be compiled and placed into the...
