Cerbrutus : Network Brute Force Tool, Written In Python
Cerbrutus is a Modular brute force tool written in Python, for very fast password spraying SSH, and FTP and in the near future other network services. COMING SOON: SMB, HTTP(s) POST, HTTP(s) GET, HTTP BASIC AUTH Thanks to @0dayctf, Rondons, Enigma, and 001 for testing and contributing Installation cd /optgit clone https://github.com/Cerbrutus-BruteForcer/cerbrutus Usage python3 /opt/cerbrutus/cerbrutus.py --helpusage: cerbrutus.py -U USERS -P PASSWORDS ]] Host...
Jsleak : A Go Code To Detect Leaks In JS Files Via Regex Patterns
jsleak is a tool to identify sensitive data in JS files through regex patterns. Although it's built for this, you can use it to identify anything as long as you have a regex pattern for it. How To Install Directly: {your package manager} install pkg-config libpcre++-devgo get github.com/0xTeles/jsleak/v2/jsleak How To Use -json string Json output file-pattern string File contains patterns to test-timeout int Timeout...
CSIRT-Collect : PowerShell Script To Collect Memory And (Triage) Disk Forensics
CSIRT-Collect is a PowerShell script to collect memory and (triage) disk forensics for incident response investigations. The script leverages a network share, from which it will access and copy the required executables and subsequently upload the acquired evidence to the same share post-collection. Permission requirements for said directory will be dependent on the nuances of the environment and what credentials are...
Rtl_433 : Program To Decode Radio Transmissions From Devices On The ISM Bands
Rtl_433 (despite the name) is a generic data receiver, mainly for the 433.92 MHz, 868 MHz (SRD), 315 MHz, 345 MHz, and 915 MHz ISM bands. The official source code is in the https://github.com/merbanan/rtl_433/ repository. For more documentation and related projects see the https://triq.org/ site. It works with RTL-SDR and/or SoapySDR. Actively tested and supported are Realtek RTL2832 based DVB dongles (using RTL-SDR) and LimeSDR (LimeSDR USB and LimeSDR mini engineering...
LightMe : HTTP Server Serving Obfuscated Power shell Scripts/Payloads
LightMe is a Simple HTTP Server serving Power shell Scripts/Payloads after Obfuscate them and run obfuscation as a service in background in order to keep obfuscate the payloads which giving almost new obfuscated payload on each HTTP request. Main Features Obfuscate all power shell files within a specific directoryHTTP Server to serve the obfuscated Power shell FilesBackground ObfuscatorAlmost new Payload on...
PackageDNA : Tool To Analyze Software Packages Of Different Programming Languages That Are Being Or Will Be Used In Their Codes
PackageDNA gives developers, researchers and companies the ability to analyze software packages of different programming languages that are being or will be used in their codes, providing information that allows them to know in advance if this library complies with processes. secure development, if currently supported, possible backdoors (malicious embedded code), typosquatting analysis, the history of versions and reported...
FisherMan : CLI Program That Collects Information From Facebook User Profiles Via Selenium
FisherMan is a CLI Program That Collects Information From Facebook User Profiles Via Selenium Installation #clone the repo$ git clone https://github.com/Godofcoffe/FisherMan#change the working directory to FisherMan$ cd FisherMan#install the requeriments$ python3 -m pip install -r requeriments.txt#dependency:you need to install geckodriver on your machine,download the binary from the official mozilla repo:https://github.com/mozilla/geckodriver/releases/latestextract and copy the binary, i recommend placing it in /usr/bin Usage $ python3...
REW-sploit : Emulate And Dissect MSF And *Other* Attacks
REW-sploit is a tool to Emulate And Dissect MSF And Other Attacks. Need help in analyzing Windows shellcode or attack coming from Metasploit Framework or Cobalt Strike (or may be also other malicious or obfuscated code)? Do you need to automate tasks with simple scripting? Do you want help to decrypt MSF generated traffic by extracting keys from payloads? REW-sploit is here to help Blue Teams! Install Installation is...
Allstar : GitHub App To Set And Enforce Security Policies
Allstar is a GitHub App installed on organizations or repositories to set and enforce security policies. Its goal is to be able to continuously monitor and detect any GitHub setting or repository file contents that may be risky or do not follow security best practices. If Allstar finds a repository to be out of compliance, it will take an...
AuraBorealisApp : A Tool For Visualizing Python Package Registry Security Audit Data
AuraBorealis is a web application for visualizing anomalous and potentially malicious code in Python package registries. It uses security audit data produced by scanning the Python Package Index (PyPI) via Aura, a static analysis designed for large scale security auditing of Python packages. The current tool is a proof-of-concept, and includes some live Aura data, as well as some mockup...