How to Pick The Right Web Design & Development Firm
Every future-oriented company must have its website in this age of digital transformation. Your website ensures that clients can understand everything about your company ranging from values, mission, services, cultures, etc. Also, it helps your clients to reach you faster and ensure that you never miss a client ever again. So, your website is your identity, and that's why...
Uchihash : A Small Utility To Deal With Malware Embedded Hashes
Uchihash is a small utility that can save malware analysts the time of dealing with embedded hash values used for various things such as: Dynamically importing APIs (especially in shellcode)Checking running process used by analysts (Anti-Analysis)Checking VM or Antivirus artifacts (Anti-Analysis) Uchihash can generate hashes with your own custom hashing algorithm, search for a list of hashes in an already generated...
SharpLAPS : Retrieve LAPS Password From LDAP
SharpLAPS is a tool to Retrieve LAPS Password From LDAP. The attribute ms-mcs-AdmPwd stores the clear-text LAPS password. This executable is made to be executed within Cobalt Strike session using execute-assembly. It will retrieve the LAPS password from the Active Directory. Require (either): Account with ExtendedRight or Generic All RightsDomain Admin privilege Usage _ _ _ / // /_ _ / / / | / _ / / _ / _ / _...
Doldrums : A Flutter/Dart Reverse Engineering Tool
Doldrums is a reverse engineering tool for Flutter apps targetting Android. Concretely, it is a parser and information extractor for the Flutter/Dart Android binary, conventionally named libapp.so, for all Dart version 2.10 releases. When run, it outputs a full dump of all classes present in the isolate snapshot. The tool is currently in beta, and missing some deserialization routines and class information....
Rz-Ghidra : Deep Ghidra Decompiler And Sleigh Disassembler Integration For Rizin
Rz-Ghidra is an integration of the Ghidra decompiler and Sleigh Disassembler for rizin. It is solely based on the decompiler part of Ghidra, which is written entirely in C++, so Ghidra itself is not required at all and the plugin can be built self-contained. This project was presented, initially for radare2, at r2con 2019 as part of the Cutter talk: https://youtu.be/eHtMiezr7l8?t=950 Installing An...
Domhttpx : A Google Search Engine Dorker With HTTP Toolkit Built With Python, Can Make It Easier For You To Find Many URLs/IPs At Once With Fast Time
domhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time. Install git clone https://github.com/naufalardhani/domhttpx.gitcd domhttpxpip3 install -r requirements.txtpython3 domhttpx.py --help Usage Flags This will display help for the tool. Here are all the switches it supports. FlagDescriptionExample-ip, --only-ipShow output as IP onlydomhttpx --only-ip-od, --only-domainShow output as domain onlydomhttpx --only-domain-rp,...
PowerShell Armoury : A PowerShell Armoury For Security Guys And Girls
PowerShell Armoury is meant for pentesters, "insert-color-here"-teamers and everyone else who uses a variety of PowerShell tools during their engagements. It allows you to download and store all of your favourite PowerShell scripts in a single, encrypted file. You do not have to hassle with updating Rubeus, PowerView, manually. Just create a configuration file once or use the default...
TSharkVM : TShark + ELK Analytics Virtual Machine
tsharkVM, this project builds virtual machine which can be used for analytics of tshark -T ek (ndjson) output. The virtual appliance is built using vagrant, which builds Debian 10 with pre-installed and pre-configured ELK stack. After the VM is up, the process is simple: decoded pcaps (tshark -T ek output / ndjson) are sent over TCP/17570 to the VMELK stack in VM will process...
CSIRT-Collect : PowerShell Script To Collect Memory And (Triage) Disk Forensics
CSIRT-Collect is a PowerShell script to collect memory and (triage) disk forensics for incident response investigations. The script leverages a network share, from which it will access and copy the required executables and subsequently upload the acquired evidence to the same share post-collection. Permission requirements for said directory will be dependent on the nuances of the environment and what credentials are...
Cerbrutus : Network Brute Force Tool, Written In Python
Cerbrutus is a Modular brute force tool written in Python, for very fast password spraying SSH, and FTP and in the near future other network services. COMING SOON: SMB, HTTP(s) POST, HTTP(s) GET, HTTP BASIC AUTH Thanks to @0dayctf, Rondons, Enigma, and 001 for testing and contributing Installation cd /optgit clone https://github.com/Cerbrutus-BruteForcer/cerbrutus Usage python3 /opt/cerbrutus/cerbrutus.py --helpusage: cerbrutus.py -U USERS -P PASSWORDS ]] Host...
