TREVORspray : A Featureful Round-Robin SOCKS Proxy And Python O365 Sprayer Based On MSOLSpray Which Uses The Microsoft Graph API
TREVORspray is a A featureful Python O365 sprayer based on MSOLSpray which uses the Microsoft Graph API. TREVORproxy is a SOCKS proxy that round-robins requests through SSH hosts. Microsoft is getting better and better about blocking password spraying attacks against O365. TREVORspray can solve this by proxying its requests through an unlimited number of --ssh hosts. No weird dependencies or cumbersome setup required - all...
DNSMonster : Passive DNS Capture/Monitoring Framework
DNSMonster is a passive DNS collection and monitoring built with Golang, Click house and Grafana: dnsmonster implements a packet sniffer for DNS traffic. It can accept traffic from a pcap file, a live interface or a dnstap socket, and can be used to index and store thousands of DNS queries per second (it has shown to be capable of indexing 200k+ DNS queries per second...
packetsifterTool : A Tool To Aid Analysts In Sifting Through A Packet Capture (Pcap) To Find Noteworthy Traffic
packetsifterTool is to perform batch processing of PCAP data to uncover potential IOCs.Simply initialize PacketSifter with your desired integrations (Virus Total, Abuse IPDB) and pass PacketSifter a pcap and the desired switches and PacketSifter will sift through the data and generate several output files. Note Please run AbuseIPDBInitial.sh and VTInitial.sh prior to using their corresponding switches or the integrations will not...
Penelope : Shell Handler
Penelope is an advanced shell handler. Its main aim is to replace netcat as shell catcher during exploiting RCE vulnerabilities. It works on Linux and macOS and the only requirement is Python3. It is one script without 3rd party dependencies and hopefully it will stay that way. Among the main features are: Auto-upgrade shells to PTY (auto-resize included)Logging interaction with the...
GoPurple : Yet Another Shellcode Runner Consists Of Different Techniques For Evaluating Detection Capabilities Of Endpoint Security Solutions
GoPurple is a simple collection of various shell code injection techniques, aiming to streamline the process of endpoint detection evaluation, beside challenging myself to get into Golang world. Installation Requires go installed. Build the application from the project's directory: go build. Set GOOS=windows if the build system is not Windows _ / | | || | _ _ _ _ _ _ _ _...
What Do You Need to Know About Programming before You Try Learning It
Programming has been one of the most lucrative and promising career paths for the last couple of decades, and it does not seem to be losing momentum. On the contrary – the demand for skilled programmers is higher than ever, and working in this industry is growing more promising with every passing year. It is not surprising, then, that...
Bugs-feed : A Local Hosted Portal Where You Can Search For The Latest News, Videos, CVEs, Vulnerabilities…
Bugs-feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities... It's implemented as a PWA application so you can get rid of the explorer and use it as a desktop application. Navigate through different tabs and take a look to the latest bugs or search in all of them at once. It...
Zuthaka : An Open Source Application Designed To Assist Red-Teaming Efforts, By Simplifying The Task Of Managing Different APTs And Other Post-Exploitation Tools
Zuthaka is a collaborative free open-source Command & Control integration framework that allows developers to concentrate on the core function and goal of their C2. About The Project Problem Statement The current C2s ecosystem has rapidly grown in order to adapt to modern red team operations and diverse needs (further information on C2 selection can be found here). This comes with a lot...
CobaltStrikeParser : Python parser for CobaltStrike Beacon’s configuration
CobaltStrikeParser is a Python parser for CobaltStrike Beacon's configuration. Use parse_beacon_config.py for stageless beacons, memory dumps or C2 urls with metasploit compatibility mode (default true).Many stageless beacons are PEs where the beacon code itself is stored in the .data section and xored with 4-byte key.The script tries to find the xor key and data heuristically, decrypt the data and parse the configuration from it. This...
MobileAudit : SAST and Malware Analysis for Android Mobile APKs
MobileAudit is a SAST and Malware Analysis for Android Mobile APKs. Django Web application for performing Static Analysis and detecting malware in Android APKs In each of the scans, it would have the following information: Application InfoSecurity InfoComponentsSAST FindingsBest Practices ImplementedVirus Total InfoCertificate InfoStringsDatabasesFiles For easy access there is a sidebar on the left page of the scan: Components db: PostgreSQL 13.2nginx: Nginx 1.19.10rabbitmq:...
