packetsifterTool : A Tool To Aid Analysts In Sifting Through A Packet Capture (Pcap) To Find Noteworthy Traffic

packetsifterTool performs batch processing of PCAP data to uncover potential IOCs. Simply initialize PacketSifter with your desired integrations (VirusTotal, AbuseIPDB), then pass PacketSifter a pcap and the desired switches; PacketSifter will sift through the data and generate several output files. Note: please run AbuseIPDBInitial.sh and VTInitial.sh prior to using their corresponding switches or the integrations will not...

Penelope : Shell Handler

Penelope is an advanced shell handler. Its main aim is to replace netcat as a shell catcher when exploiting RCE vulnerabilities. It works on Linux and macOS and the only requirement is Python3. It is one script without 3rd-party dependencies and hopefully it will stay that way. Among the main features are: auto-upgrade of shells to PTY (auto-resize included); logging interaction with the...

GoPurple : Yet Another Shellcode Runner Consists Of Different Techniques For Evaluating Detection Capabilities Of Endpoint Security Solutions

GoPurple is a simple collection of various shellcode injection techniques, aiming to streamline the process of endpoint detection evaluation, besides challenging myself to get into the Golang world. Installation: requires Go installed. Build the application from the project's directory: go build. Set GOOS=windows if the build system is not Windows...

What Do You Need to Know About Programming before You Try Learning It

Programming has been one of the most lucrative and promising career paths for the last couple of decades, and it does not seem to be losing momentum. On the contrary – the demand for skilled programmers is higher than ever, and working in this industry is growing more promising with every passing year. It is not surprising, then, that...

Bugs-feed : A Local Hosted Portal Where You Can Search For The Latest News, Videos, CVEs, Vulnerabilities…

Bugs-feed is a locally hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities... It's implemented as a PWA application, so you can use it as a desktop application instead of in the browser. Navigate through the different tabs and take a look at the latest bugs, or search in all of them at once. It...

Zuthaka : An Open Source Application Designed To Assist Red-Teaming Efforts, By Simplifying The Task Of Managing Different APTs And Other Post-Exploitation Tools

Zuthaka is a collaborative, free, open-source Command & Control integration framework that allows developers to concentrate on the core function and goal of their C2. About the project / Problem statement: the current C2 ecosystem has rapidly grown in order to adapt to modern red team operations and diverse needs (further information on C2 selection can be found here). This comes with a lot...

CobaltStrikeParser : Python parser for CobaltStrike Beacon’s configuration

CobaltStrikeParser is a Python parser for CobaltStrike Beacon's configuration. Use parse_beacon_config.py for stageless beacons, memory dumps or C2 URLs with metasploit compatibility mode (default true). Many stageless beacons are PEs where the beacon code itself is stored in the .data section and XORed with a 4-byte key. The script tries to find the XOR key and data heuristically, decrypt the data and parse the configuration from it. This...

MobileAudit : SAST and Malware Analysis for Android Mobile APKs

MobileAudit is a SAST and malware analysis tool for Android mobile APKs: a Django web application for performing static analysis and detecting malware in Android APKs. Each scan provides the following information: Application Info, Security Info, Components, SAST Findings, Best Practices Implemented, Virus Total Info, Certificate Info, Strings, Databases, Files. For easy access there is a sidebar on the left of the scan page. Components: db: PostgreSQL 13.2; nginx: Nginx 1.19.10; rabbitmq:...

KnockOutlook : A Little Tool To Play With Outlook

KnockOutlook is a C# project that interacts with Outlook's COM object in order to perform a number of operations useful in red team engagements. Command line usage...

Assless-Chaps : Crack MSCHAPv2 Challenge/Responses Quickly Using A Database Of NT Hashes

Assless-CHAPs is an efficient way to recover the NT hash used in an MSCHAPv2/NTLMv1 exchange if you have the challenge and response (e.g. from a WiFi EAP WPE attack). It requires a database of NT hashes; instructions on how to make these from existing lists or using hashcat with wordlists and rules are available below. I've included a sample database...