HTTPUploadExfil : A Simple HTTP Server For Exfiltrating Files/Data During, For Example, CTFs
HTTPUploadExfil is a (very) simple HTTP server written in Go that's useful for getting files (and other information) off a machine using HTTP. While there are many use-cases, it's meant to be used in low-stakes offensive scenarios (e.g., CTFs). Think of this as python3 -m http.server but for getting data off a machine instead of on the machine. Obviously, this is a very loud and somewhat restricted way of exfiltrating...
DonPAPI : Dumping DPAPI Credz Remotely
DonPAPI is a Dumping DPAPI Credz Remotely. DPAPI Dumping Lots of credentials are protected by DPAPI. We aim at locating those "secured" credentials, and retreive them using : User passwordDomaine DPAPI BackupKeyLocal machine DPAPI Key (protecting TaskScheduled blob) Curently gathered info Windows credentials (Taskscheduled credentials & a lot more)Windows VaultsWindows RDP credentialsAdConnect (still require a manual operation)Wifi keyIntenet explorer CreentialsChrome cookies & credentialsFirefox cookies & credentialsVNC passwordsmRemoteNG password...
Clash : A Rule-Based Tunnel In Go
Clash a rule-based tunnel in Go. Features Local HTTP/HTTPS/SOCKS server with authentication supportVMess, Shadowsocks, Trojan, Snell protocol support for remote connectionsBuilt-in DNS server that aims to minimize DNS pollution attack impact, supports DoH/DoT upstream and fake IP.Rules based off domains, GEOIP, IPCIDR or Process to forward packets to different nodesRemote groups allow users to implement powerful rules. Supports automatic fallback, load...
Keeweb : Free Cross-Platform Password Manager Compatible With KeePass
Keeweb webapp is a browser and desktop password manager compatible with KeePass databases. It doesn't require any server or additional resources. The app can run either in browser, or as a desktop app. Quick Links Apps: Web, DesktopTimeline: Release Notes, TODOOn one page: Features, FAQWebsite: keeweb.infoTwitter: kee_webDonate: OpenCollective, GitHub Status The app is quite stable now. Basic stuff, as well as more advanced operations, should be rather reliable. Self-hosting Everything you need to host this...
Lorsrf : SSRF Parameter Bruteforce
Lorsrf has been added to scant3r with useful additions (multi http method , multi content-type (json , query , xml , speed , large worlist and more)). Bruteforcing on Hidden parameters to find SSRF vulnerability using GET and POST Methods Install download it ➜ git clone https://github.com/knassar702/lorsrf➜ cd lorsrf➜ sudo pip3 install requests flask install ngrok tool Steps Ngrok run your ngrok ./ngrok http 9090run server.py script and add ngrok port python3 server.py 9090run lorsrf.py and add ngrok...
Mediator : An Extensible, End-To-End Encrypted Reverse Shell With A Novel Approach To Its Architecture
Mediator is an end-to-end encrypted reverse shell in which the operator and the shell connect to a "mediator" server that bridges the connections. This removes the need for the operator/handler to set up port forwarding in order to listen for the connection. Mediator also allows you to create plugins to expand the functionality of the reverse shell. You can run...
VECTR : A Tool That Facilitates Tracking Of Your Red And Blue Team Testing Activities To Measure Detection And Prevention Capabilities Across Different Attack Scenarios
VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios. VECTR provides the ability to create assessment groups, which consist of a collection of Campaigns and supporting Test Cases to simulate adversary threats. Campaigns can be broad and span activities across the kill chain,...
Cloudflare CDN: What Is It and How Can You Benefit from It?
The CDN acronym stands for "content delivery network". The majority of web traffic today is served through such networks: Amazon, Netflix, Facebook, and many other Internet giants rely on this technology. CloudFlare is a global company whose primary mission is to make the Internet better. From this article, you'll get to know the benefits of using a CDN and...
Webdiscover : The Purpose Of This Script Is To Automate The Web Enumeration Process And Search For Exploits
Webdiscover, the purpose of this script is to automate the web enumeration process and search for exploits and vulns. Added Tools (dependencies are installed during script execution): seclistffufnamelistdnsreconsubfinderwhatwebgospidernucleisearchsploitgo-exploitdb It creates a directory with the scan outputs, as shown in the example below. Usage Prerequisites Docker service installed If you want to build the container yourself manually, git clone the repo: git clone git@github.com:V1n1v131r4/webdiscover.git Then build your docker container docker...
SysFlow : Cloud-native System Telemetry Pipeline
SysFlow Telemetry Pipeline is a framework for monitoring cloud and enterprise workloads. The framework builds the plumbing required for system telemetry so that users can focus on writing and sharing analytics on a scalable, common open-source platform. The backbone of the telemetry pipeline is a new data format which lifts raw system event information into an abstraction that describes process behaviors, and...
