LazySign – Create Fake Certs For Binaries Using Windows Binaries And The Power Of Bat Files
LazySign create fake certs for binaries using windows binaries and the power of bat files Over the years, several cool tools have been released that are capable of stealing or forging fake signatures for binary files. All of these tools however, have additional dependencies which require Go,python,... This repo gives you the opportunity of fake signing with 0 additional dependencies, all...
Brutus : An Educational Exploitation Framework Shipped On A Modular And Highly Extensible Multi-Tasking And Multi-Processing Architecture
Brutus is an educational exploitation framework shipped on a modular and highly extensible multi-tasking and multi-processing architecture. Introduction Looking for version 1? See the branches in this repository. Brutus is an educational exploitation framework written in Python. It automates pre and post-connection network-based exploits, as well as web-based reconnaissance. As a light-weight framework, Brutus aims to minimize reliance on third-party dependencies....
PickleC2 : A Post-Exploitation And Lateral Movements Framework
PickleC2 is a simple C2 framework written in python3 used to help the community in Penetration Testers in their red teaming engagements. PickleC2 has the ability to import your own PowerShell module for Post-Exploitation and Lateral Movement or automate the process. Features There is a one implant for the beta version which is powershell. PickleC2 is fully encrypted communications, protecting the confidentiality and...
TsharkVM : Tshark + ELK Analytics Virtual Machine
tsharkVM, this project builds virtual machine which can be used for analytics of tshark -T ek (ndjson) output. The virtual appliance is built using vagrant, which builds Debian 10 with pre-installed and pre-configured ELK stack. After the VM is up, the process is simple: decoded pcaps (tshark -T ek output / ndjson) are sent over TCP/17570 to the VMELK stack in VM will process...
Process-Dump : Windows Tool For Dumping Malware PE Files From Memory Back To Disk For Analysis
Process Dump is a Windows reverse-engineering command-line tool to dump malware memory components back to disk for analysis. Often malware files are packed and obfuscated before they are executed in order to avoid AV scanners, however when these files are executed they will often unpack or inject a clean version of the malware code in memory. A common task...
How to ensure compliance in the workplace
It doesn’t matter what industry you’re in, it’s important to ensure compliance. You need to adhere to local and national laws and regulations. Here’s how to ensure compliance in the workplace. Documenting policies and procedures In order to ensure compliance in the workplace, you need to make sure all of your policies and procedures are documented. These should be available on...
adalanche : Active Directory ACL Visualizer and Explorer
adalanche is a Active Directory security is notoriously difficult. Small organizations generally have no idea what they're doing, and way too many people are just added to Domain Admins. In large organizations you have a huge number of people with different needs, and they are delegated access to varying degrees of power in the AD. At some point in...
JWTXploiter : A Tool To Test Security Of Json Web Token
JWTXploiter is a tool to test security of JSON Web Tokens. Test a JWT against all known CVEs; Tamper with the token payload: changes claims and subclaims values.Exploit known vulnerable header claims (kid, jku, x5u)Verify a tokenRetrieve the public key of your target's ssl connection and try to use it in a key confusion attack with one option onlyAll JWAs...
Top 6 Front End Development Companies
Front-end development is a mix of development, technology, trends, design, graphic, usability, and creativity that is responsible for everything, what’s visible to users. An intuitive web interface adapted to users’ needs and expectations undoubtedly has an enormous impact on the way the customers perceive the brand. In this post, we have rounded up a list of the best web app...
Raider : Web Authentication Testing Framework
Raiders is a framework designed to test authentication for web applications. While web proxies like ZAProxy and Burpsuite allow authenticated tests, they don't provide features to test the authentication process itself, i.e. manipulating the relevant input fields to identify broken authentication. Most authentication bugs in the wild have been found by manually testing it or writing custom scripts that replicate the behavior. Raider aims to...
