Bugs-feed : A Local Hosted Portal Where You Can Search For The Latest News, Videos, CVEs, Vulnerabilities…
Bugs-feed is a locally hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities... It's implemented as a PWA application so you can get rid of the explorer and use it as a desktop application. Navigate through different tabs and take a look at the latest bugs or search in all of them at once. It...
Zuthaka : An Open Source Application Designed To Assist Red-Teaming Efforts, By Simplifying The Task Of Managing Different APTs And Other Post-Exploitation Tools
Zuthaka is a collaborative free open-source Command & Control integration framework that allows developers to concentrate on the core function and goal of their C2. About The Project. Problem Statement: The current C2 ecosystem has grown rapidly in order to adapt to modern red team operations and diverse needs (further information on C2 selection can be found here). This comes with a lot...
CobaltStrikeParser : Python parser for CobaltStrike Beacon’s configuration
CobaltStrikeParser is a Python parser for CobaltStrike Beacon's configuration. Use parse_beacon_config.py for stageless beacons, memory dumps or C2 URLs with Metasploit compatibility mode (default true). Many stageless beacons are PEs where the beacon code itself is stored in the .data section and XORed with a 4-byte key. The script tries to find the XOR key and data heuristically, decrypt the data and parse the configuration from it. This...
MobileAudit : SAST and Malware Analysis for Android Mobile APKs
MobileAudit is a SAST and Malware Analysis tool for Android Mobile APKs. It is a Django web application for performing static analysis and detecting malware in Android APKs. Each scan provides the following information: Application Info, Security Info, Components, SAST Findings, Best Practices Implemented, Virus Total Info, Certificate Info, Strings, Databases, Files. For easy access there is a sidebar on the left of the scan page. Components: db: PostgreSQL 13.2; nginx: Nginx 1.19.10; rabbitmq:...
KnockOutlook : A Little Tool To Play With Outlook
KnockOutlook is a C# project that interacts with Outlook's COM object in order to perform a number of operations useful in red team engagements. Command Line Usage...
Assless-Chaps : Crack MSCHAPv2 Challenge/Responses Quickly Using A Database Of NT Hashes
Assless-CHAPs is an efficient way to recover the NT hash used in an MSCHAPv2/NTLMv1 exchange if you have the challenge and response (e.g. from a WiFi EAP WPE attack). It requires a database of NT hashes; instructions on how to make these from existing lists or using hashcat with wordlists and rules are available below. I've included a sample database...
403Bypasser : Automates The Techniques Used To Circumvent Access Control Restrictions On Target Pages
403bypasser automates the techniques used to circumvent access control restrictions on target pages. 403bypasser will continue to be improved and it is open to contributions. Installation: Clone the repository to your machine: git clone https://github.com/yunemse48/403bypasser.git Install required modules by running: pip install -r requirements.txt READY! Usage: Arguments (Argument | Description | Examples | Note): -u | single URL to scan | http://example.com or http://example.com/ | All these example usages are interpreted in the same way. -U | path to list of URLs | ./urllist.txt, ../../urllist.txt, etc. | Just provide the path...
SigFlip : A Tool For Patching Authenticode Signed PE Files
SigFlip is a tool for patching Authenticode-signed PE files (exe, dll, sys, etc.) in a way that doesn't affect or break the existing Authenticode signature. In other words, you can change the PE file checksum/hash by embedding data (i.e. shellcode) without breaking the file signature, integrity checks or PE file functionality. SigInject encrypts and injects shellcode into a PE file's...
Fpicker : A Frida-based Fuzzing Suite Supporting Various Modes
Fpicker is a Frida-based fuzzing suite that offers a variety of fuzzing modes for in-process fuzzing, such as an AFL++ mode or a passive tracing mode. It should run on all platforms that are supported by Frida. Contents: Installation Instructions; Building and Running; Creating a Fuzzing Harness; Modes and Configuration. Some background information and the thoughts and ideas behind fpicker can be found in a blogpost I...
TIGMINT : OSINT (Open Source Intelligence) GUI Software Framework
TIGMINT is an OSINT (Open Source Intelligence) software framework with the objective of making cyber investigations more convenient by implementing abstraction mechanisms to hide the background technical complexity, and by bundling different analysis techniques for social media intelligence together behind a simple, intuitive web interface for the user to work with. Contents: Preview; Modules; Our Team; Documentation; Account Finder; Twitter Analyser; Working Tool Screenshots; Local Setup. Requirements: Python 3.6; beautifulsoup4; Nodejs; matplotlib; pandas; NPM; nltk. Windows Setup Issues: For Windows users, if the...