FisherMan : CLI Program That Collects Information From Facebook User Profiles Via Selenium
FisherMan is a CLI Program That Collects Information From Facebook User Profiles Via Selenium Installation #clone the repo$ git clone https://github.com/Godofcoffe/FisherMan#change the working directory to FisherMan$ cd FisherMan#install the requeriments$ python3 -m pip install -r requeriments.txt#dependency:you need to install geckodriver on your machine,download the binary from the official mozilla repo:https://github.com/mozilla/geckodriver/releases/latestextract and copy the binary, i recommend placing it in /usr/bin Usage $ python3...
REW-sploit : Emulate And Dissect MSF And *Other* Attacks
REW-sploit is a tool to Emulate And Dissect MSF And Other Attacks. Need help in analyzing Windows shellcode or attack coming from Metasploit Framework or Cobalt Strike (or may be also other malicious or obfuscated code)? Do you need to automate tasks with simple scripting? Do you want help to decrypt MSF generated traffic by extracting keys from payloads? REW-sploit is here to help Blue Teams! Install Installation is...
Allstar : GitHub App To Set And Enforce Security Policies
Allstar is a GitHub App installed on organizations or repositories to set and enforce security policies. Its goal is to be able to continuously monitor and detect any GitHub setting or repository file contents that may be risky or do not follow security best practices. If Allstar finds a repository to be out of compliance, it will take an...
AuraBorealisApp : A Tool For Visualizing Python Package Registry Security Audit Data
AuraBorealis is a web application for visualizing anomalous and potentially malicious code in Python package registries. It uses security audit data produced by scanning the Python Package Index (PyPI) via Aura, a static analysis designed for large scale security auditing of Python packages. The current tool is a proof-of-concept, and includes some live Aura data, as well as some mockup...
PowerShell Armoury : A PowerShell Armoury For Security Guys And Girls
PowerShell Armoury is meant for pentesters, "insert-color-here"-teamers and everyone else who uses a variety of PowerShell tools during their engagements. It allows you to download and store all of your favourite PowerShell scripts in a single, encrypted file. You do not have to hassle with updating Rubeus, PowerView, manually. Just create a configuration file once or use the default...
Sniffle : A Sniffer For Bluetooth 5 And 4.X LE
Sniffle is a sniffer for Bluetooth 5 and 4.x (LE) using TI CC1352/CC26x2 hardware. Sniffle has a number of useful features, including: Support for BT5/4.2 extended length advertisement and data packetsSupport for BT5 Channel Selection Algorithms #1 and #2Support for all BT5 PHY modes (regular 1M, 2M, and coded modes)Support for sniffing only advertisements and ignoring connectionsSupport for channel map, connection...
SGXRay : Automating Vulnerability Detection for SGX Apps
SGXRay is a tool for Automating Vulnerability Detection for SGX Apps Intel SGX protects isolated application logic and sensitive data inside an enclave with hardware-based memory encryption. To use such hardware-based security mechanism requires a strict programming model on memory usageļ¼ with complex APIs in and out the enclave boundary. Enclave developers are required to apply careful programming practices to...
ReverseSSH : Statically-linked Ssh Server With Reverse Shell Functionality For CTFs And Such
ReverseSSH is a statically-linked ssh server with a reverse connection feature for simple yet powerful remote access. Most useful during HackTheBox challenges, CTFs or similar. Has been developed and was extensively used during OSCP exam preparation. Features Catching a reverse shell with netcat is cool, sure, but who hasn't accidentally closed a reverse shell with a keyboard interrupt due to muscle memory? Besides their...
Ruse : Mobile Camera-Based Application That Attempts To Alter Photos
Ruse is a mobile camera-based application that attempts to alter photos to preserve their utility to humans while making them unusable for facial recognition systems. Installation Easy Method: Wait and download app from appropriate app store. Download and run ios app via XCode (see Development setup for more detail) Usage Example App is developed as a camera-based app, allowing for the modification...
CamPhish : Grab Cam Shots From Target’S Phone Front Camera Or PC Webcam Just Sending A Link.
CamPhish is techniques to take cam shots of target's phone fornt camera or PC webcam. CamPhish Hosts a fake website on in built PHP server and uses ngrok & serveo to generate a link which we will forward to the target, which can be used on over internet. website asks for camera permission and if the target allows it,...
