LoGiC.NET : A More Advanced Free And Open .NET Obfuscator Using Dnlib
LoGiC.NET is a free and open-source .NET obfuscator that uses dnlib for folks that want to see how obfuscation works with more complex obfuscations than Goldfuscator for example. Before Obfuscation After Obfuscation Dependencies dnlib v3.3.2 : Restore NuGet packages and it'll work (if it doesn't already).SharpConfigParser : https://github.com/AnErrupTion/LoGiC.NET/raw/master/SharpConfigParser.dll Current Features Renames methods, parameters, properties, fields and events.Adds proxy calls.Encrypts strings.Encodes ints.Adds junk methods.Prevents application tampering.Adds control...
Dorothy : Tool To Test Security Monitoring And Detection For Okta Environments
Dorothy is a tool to help security teams test their monitoring and detection capabilities for their Okta environment. Dorothy has several modules to simulate actions that an attacker might take while operating in an Okta environment and actions that security teams should be able to audit. The modules are mapped to the relevant MITRE ATT&CKĀ® tactics, such as persistence, defense evasion,...
Reconmap : VAPT (Vulnerability Assessment And Penetration Testing) Automation And Reporting Platform
Reconmap is a vulnerability assessment and penetration testing (VAPT) platform. It helps software engineers and infosec pros collaborate on security projects, from planning, to implementation and documentation. The tool's aim is to go from recon to report in the least possible time. Requirements DockerDocker compose Documentation Go to https://reconmap.org to find the user, admin and developer manuals. Open-Source Vulnerability Assessment And Pentesting Management Platform Reconmap is an open-source collaboration platform for InfoSec...
TokenTactics : Azure JWT Token Manipulation Toolset
TokenTactics is a Azure JSON Web Token ("JWT") Manipulation Toolset. Azure access tokens allow you to authenticate to certain endpoints as a user who signs in with a device code. Even if they used multi-factor authentication. Once you have a user's access token, it may be possible to access certain apps such as Outlook, SharePoint, OneDrive, MSTeams and more. For instance,...
Juumla : Tool Designed To Identify And Scan For Version, Config Files In The CMS Joomla!
Juumla is a python tool developed to identify the current Joomla version and scan for readable Joomla config files. Installing / Getting started A quick guide of how to install and use Juumla. Clone the repository - git clone https://github.com/oppsec/juumla.gitInstall the libraries - pip3 install -r requirements.txtRun Juumla - python3 main.py -u https://example.com Docker If you want to run Juumla in a Docker container, follow...
Rconn : Rconn Is A Multiplatform Program For Creating Generic Reverse Connections
Rconn (r conn) is a multiplatform program for creating reverse connections. It lets you consume services that are behind NAT and/or firewall without adding firewall rules or port-forwarding. This is achieved by creating a connection from the node behind the firewall/NAT to a port on your local machine, and then a port is exposed in your machine through which...
Ppmap : A Scanner/Exploitation Tool Written In GO, Which Leverages Prototype Pollution To XSS By Exploiting Known Gadgets
Ppmap is a simple scanner/exploitation tool written in GO which automatically exploits known and existing gadgets (checks for specific variables in the global context) to perform XSS via Prototype Pollution. NOTE: The program only exploits known gadgets, but does not cover code analysis or any advanced Prototype Pollution exploitation, which may include custom gadgets. Requirements Make sure to have Chromium/Chrome installed: sudo...
MANSPIDER : Spider Entire Networks For Juicy Files Sitting On SMB Shares. Search Filenames Or File Content – Regex Supported!
MANSPIDER will crawl every share on every target system. If provided creds don't work, it will fall back to "guest", then to a null session. File Types Supported PDFDOCXXLSXPPTXany text-based formatand many more!! Installation Install these dependencies to add additional file parsing capability: #for images (png, jpeg)$ sudo apt install tesseract tesseract-data-eng#for legacy document support (.doc)$ sudo apt install antiword Install manspider (please be...
Terra guard : Create And Destroy Your Own VPN Service Using Wire Guard
Terra guard's goal is to be simple to create and destroy your own VPN service using Wire Guard. Prerequisites Terraform >= 1.0.0Ansible >= 2.10.5 How To Deploy Terraform Run with sudo is necessary because we need permission on localhost to install packages, configure a network interface and start a process. Select your cloud provider AWS, DigitalOcean and open the directory You can change the region or key name in the variable.tf Initialize...
Pathprober : Probe And Discover HTTP Pathname Using Brute-Force Methodology And Filtered By Specific Word Or 2 Words At Once
Pathprober is a Probe and discover HTTP pathname using brute-force methodology and filtered by specific word or 2 words at once. Brute-forcing website directories or HTTP pathname and validate using HTTP response code is not relevant anymore. This tool will help you to perform a penetration test, because it could validate the directories using specific-word or 2 words at once...
