Ligolo-Ng : An Advanced, Yet Simple, Tunneling/Pivoting Tool That Uses A TUN Interface


Ligolo-Ng is a simple, lightweight and fast tool that allows pentesters to establish tunnels from a reverse TCP/TLS connection without the need of SOCKS.

Features:
Tun interface (No more SOCKS!)
Simple UI with agent selection and network information
Easy to use and setup
Automatic certificate configuration with Let's Encrypt
Performant (Multiplexing)
Does not require high privileges
Socket listening/binding on the agent
Multiple platforms supported for the agent

How Is This Different From Ligolo/Chisel/Meterpreter... ? Instead of using a SOCKS proxy or...

MEAT : This Toolkit Aims To Help Forensicators Perform Different Kinds Of Acquisitions On iOS Devices


MEAT aims to help forensicators perform different kinds of acquisitions on iOS devices (and Android in the future).

Requirements to run from source:
Windows or Linux
Python 3.7.4 or 3.7.2
Pip packages seen in requirements.txt

Types of Acquisitions Supported: iOS Devices
Logical: Using the logical acquisition flag on MEAT will instruct the tool to extract files and folders accessible through AFC on jailed devices. The specific folder...

Speakeasy : Windows Kernel And User Mode Emulation


Speakeasy is a portable, modular, binary emulator designed to emulate Windows kernel and user mode malware. Check out the overview in the first Speakeasy blog post. Instead of attempting to perform dynamic analysis using an entire virtualized operating system, Speakeasy will emulate specific components of Windows. Specifically, by emulating operating system APIs, objects, running processes/threads, filesystems, and networks it should be possible...

Huan : Encrypted PE Loader Generator


Huan is an encrypted PE Loader Generator that I developed for learning PE file structure and PE loading processes. It encrypts the PE file to be run with different keys each time and embeds it in a new section of the loader binary. Currently, it works on 64 bit PE files.

How It Works? First, Huan reads the given PE file...

Kali Linux 2021.3 Released for NetHunter Smartwatch and With New Hacking Tools


The most popular penetration testing distro Kali Linux announced a new version that includes extended support for OpenSSL, new tools, Live VM support, and support for smartwatches. Kali Linux 2021.3 is the third release of the year; it is now available for download, or users can update to the latest version.

What's New With Kali Linux 2021.3: OpenSSL by Default Starting...

Pantagrule : Large Hashcat Rulesets Generated From Real-World Compromised Passwords


Pantagrule is a series of rules for the hashcat password cracker generated from large amounts of real-world password compromise data. While Pantagrule rule files can be large, the rules are both tunable and perform better than many existing rule sets. Pantagrule was generated using PACK's Levenshtein Reverse Path algorithm for automated rule generation (Kacherginsky, 2013). PACK's output was then sorted based upon the...

Ctf-Screenshotter : A CTF Web Challenge About Making Screenshots


Ctf-Screenshotter is a CTF web challenge about making screenshots. It is inspired by a bug found in real life. The challenge was created by @LiveOverflow for Watch the video writeup here:

Run The Challenge: To run the challenge you have to install docker-compose: docker-compose up Once the services are running, you should be able to access

Solution: The DO_NOT_ACCESS folder contains the solution when you checkout the solution branch with git checkout solution.

BeaconEye : Hunts Out CobaltStrike Beacons And Logs Operator Command Output


BeaconEye scans running processes for active Cobalt Strike beacons. When processes are found to be running a beacon, BeaconEye will monitor each process for C2 activity.

How It Works: BeaconEye will scan live processes or MiniDump files for suspected CobaltStrike beacons. In live process mode, BeaconEye optionally attaches itself as a debugger and will begin monitoring beacon activity for C2 traffic (HTTP/HTTPS...

Dorkify : Perform Google Dork Search


Dorkify performs Google Dork searches. Google dorking is a hacker technique that uses Google Search to find security holes in the configuration and computer code that websites use. Google Dorking involves using advanced operators in the Google search engine to locate specific strings of text within search results, such as finding specific versions of vulnerable web applications. Users can...

SLSA : Supply-chain Levels For Software Artifacts


SLSA (pronounced "salsa") is a security framework from source to service, giving anyone working with software a common language for increasing levels of software security and supply chain integrity. The best way to read about SLSA is to visit

What's in this repo? The primary content of this repo is the docs/ directory, which contains the core SLSA specification and sources to the website. You can read SLSA's...