LACheck : Multithreaded C# .NET Assembly Local Administrative Privilege Enumeration


LACheck is a multithreaded C# .NET assembly for local administrative privilege enumeration. Arguments: ./LACheck.exe help ...

Shellcode-Encryptor : A Simple Shell Code Encryptor/Decryptor/Executor To Bypass Anti Virus


Shellcode-Encryptor is a simple shellcode encryptor/decryptor/executor to bypass antivirus. Note: I have completely redone the workflow for creating the bypass; I have found injecting the binary into memory using PowerShell to be the most effective method. Purpose: To generate a .NET binary containing base64-encoded, AES-encrypted shellcode that will execute on a Windows target, bypassing antivirus. Instructions: Use the meterpreter_encryptor.py to create the encrypted...

Mortar : Evasion Technique To Defeat And Divert Detection And Prevention Of Security Products (AV/EDR/XDR)


Mortar is a red teaming evasion technique to defeat and divert detection and prevention of security products. Mortar Loader performs encryption and decryption of the selected binary inside memory streams and executes it directly without writing any malicious indicator to the hard drive. Mortar is able to bypass modern antivirus products and advanced XDR solutions and it has been...

RCLocals : Linux Startup Analyzer


RCLocals is inspired by 'Autoruns' from Sysinternals. RCLocals analyzes all Linux startup possibilities to find backdoors; it also performs process integrity verification, scans for DLL-injected processes, and much more. Things covered: · List GPG keys trusted by the system · Installed packages · File integrity · Process integrity (processes and libraries loaded in a process that do not belong to any installed package) · Processes with name spoofed (processes that use prctl() to...

Log4J-Detect : Script To Detect The “Log4j” Java Library Vulnerability For A List Of URLs With Multithreading


Log4J-Detect is a script ("log4j-detect.py"), developed in Python 3, that detects whether the URLs in a list are vulnerable to CVE-2021-44228. To do so, it sends a GET request, using threads for higher performance, to each of the URLs in the specified list. The GET request contains a payload that on success returns a DNS request to Burp Collaborator /...

Rustpad : Multi-Threaded Padding Oracle Attacks Against Any Service


Rustpad is a multi-threaded successor to the classic padbuster, written in Rust. It abuses a Padding Oracle vulnerability to decrypt any ciphertext or encrypt arbitrary plaintext without knowing the encryption key! Features: · Decryption of ciphertexts · Encryption of arbitrary plaintext · Multi-threading on both block and byte level · Modern, real-time and interactive TUI! · No-TTY support, so you can just pipe output to a file · Supports Web server oracles... · ... and Script-based oracles. For...

SyntheticSun : A Defense-In-Depth Security Automation And Monitoring Framework


SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services, and serverless technologies to continuously prevent, detect and respond to threats. "You sleep in fragmented glass / With reflections of you, / But are you feeling alive? / Yeah let me ask you, / Are you feeling alive?" Synopsis: Uses event- and time-based serverless automation (e.g. AWS CodeBuild, AWS Lambda) to...

Msmailprobe : Office 365 And Exchange Enumeration


Msmailprobe is an Office 365 and Exchange enumeration tool. It is widely known that OWA (Outlook Web App) is vulnerable to time-based user enumeration attacks. This tool leverages all known, and even some lesser-known, services exposed by default Exchange installations to enumerate users. It also targets Office 365 for error-based user enumeration. Getting Started: If you want to download and compile the simple, non-dependent code, you must first install GoLang!...

RPC Firewall : Stopping Lateral Movement via the RPC Firewall


RPC is the underlying mechanism which is used for numerous lateral movement techniques, reconnaissance, relay attacks, or simply to exploit vulnerable RPC services. DCSync attack? Over RPC. Remote DCOM? Over RPC. WMIC? Over RPC. SharpHound? Over RPC. PetitPotam? Over RPC. PsExec? Over RPC. ZeroLogon? Over RPC... well, you get the idea :) What is it used for? Research: Install the RPC Firewall and configure it to audit all remote RPC...

Lsarelayx : NTLM Relaying For Windows Made Easy


Lsarelayx is a system-wide NTLM relay tool designed to relay incoming NTLM-based authentication to the host it is running on. lsarelayx will relay any incoming authentication request, which includes SMB. Since lsarelayx hooks into existing application authentication flows, the tool will also attempt to service the original authentication request after the relay is complete. This will prevent the target application/protocol...