CarPunk : The Car Hacking Toolkit
CarPunk IS VERY SIMILAR TO CANghost, ONLY THE DEFFERENCE IS, IT COMES WITH OPTIONS TO ENABLE OR DISABLE INTERFACE AND BASIC SNIFFING AS EXTRA. IT WORKS ON BOTH SIMULATION & REAL CARS.HAS THE OPTIONS TO RECORD AND PLAY THE CAN PACKETS.NO ANY ARGUMENTS REQUIRED WHEN RUNNING BUT NEED CHANGES(Interface & Name for logfile), IF YOU'RE TRYING IN REAL-WORLD.TESTED ON UBUNTU...
BurpCrypto : A Collection Of Burpsuite Encryption Plug-Ins, Support AES/RSA/DES/ExecJs(execute JS Encryption Code In Burpsuite)
Burpcrypto is a collection of burpsuite encryption plug-ins, supporting AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). Build $ mvn package Usage 中文使用说明 Download the precompiled jar package from Releases.Add this jar package to your burpsuite's Extensions.Switch to BurpCrypto tab, select you need Cipher tab.Set key or some value.press "Add processor", and give a name for this processor.Switch to Intruder->Payloads->Payload Processing.press "Add", select "Invoke Burp extension", and...
efiXplorer : IDA Plugin For UEFI Firmware Analysis And Reverse Engineering Automation
efiXplorer - IDA plugin for UEFI firmware analysis and reverse engineering automation Supported versions of Hex-Rays products: everytime we focus on last versions of IDA and Decompiler because we try to use most recent features from new SDK releases. That means we tested only on recent versions of Hex-Rays products and do not guarantee stable work on previous generations. Why not IDApython: all code...
Bopscrk : Tool To Generate Smart And Powerful Wordlists
bopscrk (Before Outset PaSsword CRacKing) is a tool to generate smart and powerful wordlists for targeted attacks. Targeted-attack wordlist creator: introduce personal info related to target, combines every word and transforms results into possible passwords. The lyricpass module allows to search lyrics related to artists and include them to the wordlists.Customizable case and leet transforms: create custom charsets and transforms patterns trough a simple config file.Wordlists exclusion: Exclude words from another wordlist (to avoid passwords...
AutomatedLab : A Provisioning Solution And Framework That Lets You Deploy Complex Labs On HyperV And Azure With Simple PowerShell Scripts
AutomatedLab (AL) enables you to setup test and lab environments on Hyper-v or Azure with multiple products or just a single VM in a very short time. There are only two requirements you need to make sure: You need the DVD ISO images and a Hyper-V host or an Azure subscription. Requirements Apart from the module itself your system needs to...
JSPanda : Client-Side Prototype Pollution Vulnerability Scanner
JSpanda is client-side prototype pollution vulnerability scanner. It has two key features, scanning vulnerability the supplied URLs and analyzing the JavaScript libraries' source code. However, JSpanda cannot detect advanced prototype pollution vulnerabilities. How JSPanda works? Uses multiple payloads for prototype pollution vulnerability.Gathers all the links in the targets for scanning and add payloads to JSpanda-obtained URLs, navigates to each URL with headless...
Databases Worldwide are Full of Security Holes
Data security is a big deal. Lapses in data security aren’t just a minor mistake; they can violate regulatory compliance rules, fail to protect customers who have agreed to share personal information, and risk losing companies their competitive advantage. The risks associated with database security are enormous. Fines for improper database security have stretched into the hundreds of millions of...
LeakDB : Web-Scale NoSQL Idempotent Cloud-Native Big-Data Serverless Plaintext Credential Search
LeakDB is a tool set designed to allow organizations to build and deploy their own internal plaintext "Have I Been Pwned"-like service. The LeakDB tool set can normalize, deduplicate, index, sort, and search leaked data sets on the multi-terabyte-scale, without the need to distribute large files to individual users. Once curated, LeakDB can search terabytes of data in less than a...
Kekeo : A Little Toolbox To Play With Microsoft Kerberos In C
Kekeo is a little toolbox I have started to manipulate Microsoft Kerberos in C (and for fun) ASN.1 library In kekeo, I use an external commercial library to deal with Kerberos ASN.1 structures: OSS ASN.1/C (http://www.oss.com/asn1/products/asn1-c/asn1-c.html)It was the only code generator/library that I've found to work easily with Microsoft C project. works without a lots of dependencies;magical documentation;wonderful support for my stupid questions;had a binary that work only...
Certify : Active Directory Certificate Abuse
Certify is a C# tool to enumerate and abuse misconfigurations in Active Directory Certificate Services (AD CS). Usage C:Tools>Certify.exe_ _ _ / | | | ()/ || | _ _ | |_ | | _ _| | / _ '| | | | | | | | || / | | || | | | || | __|| _||| __,...
