AF-ShellHunter : Auto Shell Lookup
AF-ShellHunter is a script designed to automate the search for WebShells in AF Team

How To
pip3 install -r requirements.txt
python3 shellhunter.py --help

Basic Usage
You can run shellhunter in two modes:
--url -u   When scanning a single URL
--file -f  Scanning multiple URLs at once

Example: searching for a webshell through a Burp Suite proxy, hiding the string "404", with a size between 100 and 1000 chars
┌──(blueudp㉿xxxxxxxx)-
└─$ python3 shellhunter.py -u https://xxxxxxxxxx -hs "404"...
Covert-Tube : Youtube As Covert-Channel – Control Systems Remotely And Execute Commands By Uploading Videos To Youtube
Covert-Tube is a program to control systems remotely by uploading videos to Youtube, using Python to create the videos and the listener, emulating some malware I was reading about. It allows creating videos with frames formed of simple text, QR codes with cleartext, or QR codes using AES encryption.

Create A Video
The videos can be created using generate_video.py: enter the...
Qu1cksc0pe : All-in-One Static Malware Analysis Tool
Qu1cksc0pe tool allows you to statically analyze Windows, Linux, OSX executables and APK files. You can get:
- What DLL files are used.
- Functions and APIs.
- Sections and segments.
- URLs, IP addresses and emails.
- Android permissions.
- File extensions and their names.
- And so on...
Qu1cksc0pe aims to get even more information about suspicious files and helps the user realize what that file is capable of.

Usage
python3 qu1cksc0pe.py --file suspicious_file --analyze

Updates
09/10/2021 Added AndroidRuntime module. Now...
GitOops : All Paths Lead To Clouds
GitOops is a tool to help attackers and defenders identify lateral movement and privilege escalation paths in GitHub organizations by abusing CI/CD pipelines and GitHub access controls. It works by mapping relationships between a GitHub organization and its CI/CD jobs and environment variables. It'll use any Bolt-compatible graph database as a backend, so you can query your attack paths with openCypher:
MATCH...
BruteLoops : Protocol Agnostic Online Password Guessing API
BruteLoops is a dead simple library providing the foundational logic for efficient password brute force attacks against authentication interfaces. See the various Wiki sections for more information. A "modular" example is included with the library that demonstrates how to use this package. It's fully functional and provides multiple brute force modules. Below is a sample of its capabilities:
http.accellion_ftp  Accellion FTP HTTP interface login module
http.basic_digest...
FUSE : A Penetration Testing Tool For Finding File Upload Bugs
FUSE is a penetration testing system designed to identify Unrestricted Executable File Upload (UEFU) vulnerabilities. The details of the testing strategy are in our paper, "FUSE: Finding File Upload Bugs via Penetration Testing", which appeared in NDSS 2020. To see how to configure and execute FUSE, see the following.

Setup
Install
FUSE currently works on Ubuntu 18.04 and Python 2.7.15.
Install dependencies
# apt-get install rabbitmq-server
# apt-get...
LinuxCatScale : Incident Response Collection And Processing Scripts With Automated Reporting Scripts
Linux CatScale is a bash script that uses living off the land tools to collect extensive data from Linux based hosts. The data aims to help DFIR professionals triage and scope incidents. An ELK Stack instance is also configured to consume the output and assist the analysis process.

Usage
These scripts were built to automate as much as possible. We recommend...
Azur3Alph4 : A PowerShell Module That Automates Red-Team Tasks For Ops On Objective
Azur3Alph4 is a PowerShell module that automates red-team tasks for ops on objective. This module operates from a post-breach (RCE achieved) position. Token extraction and many other tools will not execute successfully without starting from this position. This module should be used for further enumeration and movement in a compromised app that is part of a managed identity. Azur3Alph4 is...
ForgeCert : “Golden” Certificates
ForgeCert uses the BouncyCastle C# API and a stolen Certificate Authority (CA) certificate + private key to forge certificates for arbitrary users capable of authenticating to Active Directory. This attack is codified as DPERSIST1 in our "Certified Pre-Owned" whitepaper. This code base was released ~45 days after the whitepaper was published. @tifkin_ is the primary author of ForgeCert. @tifkin_ and @harmj0y are the primary authors of the associated Active Directory Certificate...
Rdesktop : Open Source Client for Microsoft’s RDP protocol
Rdesktop is an open source client for Microsoft's RDP protocol. It is known to work with Windows versions ranging from NT 4 Terminal Server to Windows 2012 R2 RDS. rdesktop currently implements the RDP version 4 and 5 protocols.

Installation
rdesktop uses a GNU-style build procedure. Typically all that is necessary to install rdesktop is the following:
% ./configure
% make
% make...