Gotanda : Browser Web Extension For OSINT
Gotanda is OSINT(Open Source Intelligence) Web Extension for Firefox/Chrome. This Web Extension could search OSINT information from some IOC in web page.(IP,Domain,URL,SNS...etc) This Repository partly the studying and JavaScript practice. Download link below. FireFoxChrome Usage Right click highlighted IOC strings, It will show contextmenus.(Or right clicking any link. ) When You want to search using some engine, You choose one of list. Search Engine List NameURLCategoryDomain Toolshttps://whois.domaintools.com/whois LookupSecurity...
Fhex : A Full-Featured HexEditor
Fhex is born with the aim to develop a lightweight, but useful tool. The reason is that the existing hex editors have some different limitations (e.g. too many dependencies, missing hex coloring features, etc.). This project is based on qhexedit2, capstone and keystone engines. New features could be added in the future, PRs are welcomed. Features Chunks loader - Used to load only a portion of large...
Cumulus : Web Application Weakness Monitoring, It Would Be Working By Add Just 3 Codelines
Cumulus is a service that helps you monitor and fix security weakness in realtime. The issues will be reported on web dashboard. It's very simple and powerful. Key features Just install SDK to web front, can be found security weakness on service SDK detect weakness from Inner Layer, dynamically (ex_ DOM Event, XHR Request)Scanner detect weakness from Out Layer, statically (ex_ Web...
EXOCET : AV-evading, Undetectable, Payload Delivery Tool
EXOCET is superior to Metasploit's "Evasive Payloads" modules as EXOCET uses AES-256 in GCM Mode (Galois/Counter Mode). Metasploit's Evasion Payloads uses a easy to detect RC4 encryption. While RC4 can decrypt faster, AES-256 is much more difficult to ascertain the intent of the malware. However, it is possible to use Metasploit to build a Evasive Payload, and then chain that...
Clash : A Rule-Based Tunnel In Go
Clash is a tool like a rule-based Tunnel In Go Features Local HTTP/HTTPS/SOCKS server with authentication supportVMess, Shadowsocks, Trojan, Snell protocol support for remote connectionsBuilt-in DNS server that aims to minimize DNS pollution attack impact, supports DoH/DoT upstream and fake IP.Rules based off domains, GEOIP, IPCIDR or Process to forward packets to different nodesRemote groups allow users to implement powerful rules....
ChopChop : ChopChop Is A CLI To Help Developers Scanning Endpoints And Identifying Exposition Of Sensitive Services/Files/Folders
ChopChop is a command-line tool for dynamic application security testing on web applications, initially written by the Michelin CERT. Its goal is to scan several endpoints and identify exposition of services/files/folders through the webroot. Checks/Signatures are declared in a config file (by default: chopchop.yml), fully configurable, and especially by developers. Building We tried to make the build process painless and hopefully, it should be...
Canadian Furious Beaver : A Tool For Monitoring IRP Handler In Windows Drivers, And Facilitating The Process Of Analyzing, Replaying And Fuzzing Windows Drivers For Vulnerabilities
Canadian Furious Beaver is a distributed tool for capturing IRPs sent to any Windows driver. It operates in 2 parts: the "Broker" combines both a user-land agent and a self-extractable driver (IrpDumper.sys) that will install itself on the targeted system. Once running it will expose (depending on the compilation options) a remote named pipe (reachable from \target.ip.addresspipecfb), or a TCP port...
AzureHunter : A Cloud Forensics Powershell Module To Run Threat Hunting Playbooks On Data From Azure And O365
AzureHunter is a Powershell module to run threat hunting playbooks on data from Azure and O365 for Cloud Forensics purposes Getting Started Check that you have the right O365 Permissions The following roles are required in Exchange Online, in order to be able to have read only access to the UnifiedAuditLog: View-Only Audit Logs or Audit Logs. These roles are assigned by default to the Compliance Management role group in...
Ad-Honeypot-Autodeploy : Deploy A Small, Intentionally Insecure, Vulnerable Windows Domain For RDP Honeypot Fully Automatically
Ad-Honeypot-Autodeploy a tool to Deploy a small, intentionally insecure, vulnerable Windows Domain for RDP Honeypot fully automatically. Runs on self-hosted virtualization using libvirt with QEMU/KVM (but it can be customized easily for cloud-based solutions). Used for painlessly set up a small Windows Domain from scratch automatically (without user interaction) for the purpose of RDP Honeypot testing. Features a Domain Controller, a Desktop Computer and a configured...
Abaddon : Make red team operations faster, more repeatable, stealthier, while including value-added tools and bringing numerous reporting capabilities
Abaddon is a Red team operations involve miscellaneous skills, last several months and are politically sensitive; they require a lot of monitoring, consolidating and caution. Wavestone’s red team operations management software, Abaddon, has been designed to make red team operations faster, more repeatable, stealthier, while including value-added tools and bringing numerous reporting capabilities. Because: There are tons of tools used by...
