Dep-Scan : Fully Open-Source Security Audit For Project Dependencies
dep-scan is a fully open-source security audit tool for project dependencies based on known vulnerabilities, advisories and license limitations. Both local repositories and container images are supported as input. The tool is ideal for CI environments with built-in build breaker logic. If you have just come across this repo, probably the best place to start is to check out the parent...
Http-Desync-Guardian – Analyze HTTP Requests To Minimize Risks Of HTTP Desync Attacks
Http-Desync-Guardian analyzes HTTP requests to minimize the risks of HTTP desync attacks. HTTP/1.1 went through a long evolution from 1991 to 2014: HTTP/0.9 (1991); HTTP/1.0 (1996); HTTP/1.1 (RFC 2068 in 1997, RFC 2616 in 1999, RFC 7230 in 2014). This means there is a variety of servers and clients, which might have different views on request boundaries, creating opportunities for desynchronization attacks (a.k.a. HTTP Desync). It might seem simple to follow...
Pip-Audit : Audits Python Environments And Dependency Trees For Known Vulnerabilities
pip-audit is a tool for scanning Python environments for packages with known vulnerabilities. It uses the Python Packaging Advisory Database (https://github.com/pypa/advisory-database) via the PyPI JSON API as a source of vulnerability reports. This project is developed by Trail of Bits with support from Google. This is not an official Google product. Features: support for auditing local environments and requirements-style files; support for multiple vulnerability services (PyPI, OSV); support for emitting SBOMs in CycloneDX XML...
goCabrito : Super Organized And Flexible Script For Sending Phishing Campaigns
goCabrito is a super organized and flexible script for sending phishing campaigns. Features: sends to a single email; sends to lists of emails (text); sends to lists of emails with first, last name (csv); supports attachments; splits emails in groups; delays sending emails between each group; supports tags to be placed and replaced in the message's body; add {{name}} tag into the HTML message to be replaced with name...
ReFlutter : Flutter Reverse Engineering Framework
The ReFlutter framework helps with reverse engineering Flutter apps using a patched version of the Flutter library that is already compiled and ready for app repacking. The library's snapshot deserialization process is modified to let you perform dynamic analysis in a convenient way. Key features: socket.cc is patched for traffic monitoring and interception; dart.cc is modified to print classes, functions and some fields; contains minor changes...
Driftwood : Private Key Usage Verification
Driftwood is a tool that lets you look up whether a private key is used for things like TLS or as a GitHub SSH key for a user. Driftwood performs lookups with the computed public key, so the private key never leaves where you run the tool. Additionally, it supports some basic password cracking for encrypted keys. Installation: Three easy ways...
Inject-Assembly : Inject .NET Assemblies Into An Existing Process
Inject-Assembly is an alternative to traditional fork and run execution for Cobalt Strike. The loader can be injected into any process, including the current Beacon. Long-running assemblies will continue to run and send output back to the Beacon, similar to the behavior of execute-assembly. There are two components of inject-assembly: BOF initializer: A small program responsible for injecting the assembly loader...
Registry-Spy : Cross-platform Registry Browser For Raw Windows Registry Files
Registry-Spy is a free, open-source cross-platform Windows Registry viewer. It is a fast, modern, and versatile explorer for raw registry files. Features include: fast, on-the-fly parsing means no upfront overhead; open multiple hives at a time; searching; hex viewer; modification timestamps. Requirements: Python 3.8+. Installation: Download the latest version from the releases page. Alternatively, use one of the following methods. pip (recommended): pip install registryspy, then registryspy. Manual: pip install -r requirements.txt, then python setup.py install, then registryspy. Standalone: pip install -r...
Token Universe : An Advanced Tool For Working With Access Tokens And Windows Security Policy
Token Universe is an advanced tool that provides a wide range of possibilities to research Windows security mechanisms. It has a convenient interface for creating, viewing, and modifying access tokens, managing Local Security Authority and Security Account Manager's databases. It allows you to obtain and impersonate different security contexts, manage privileges, auditing settings, and so on. My goal is to create a...
Iptable_Evil : An Evil Bit Backdoor For Iptables
Iptable_Evil is a very specific backdoor for iptables that allows all packets with the evil bit set, no matter the firewall rules. The initial implementation is in iptable_evil.c, which adds a table to iptables and requires modifying a kernel header to insert a spot for it. The second implementation is a modified version of the ip_tables core module and its dependents to allow all Evil packets. I have tested...