Tko-Subs : A Tool That Can Help Detect And Takeover Subdomains With Dead DNS Records
Tko-Subs allows: To check whether a subdomain can be taken over because it has:a dangling CNAME pointing to a CMS provider (Heroku, Github, Shopify, Amazon S3, Amazon CloudFront, etc.) that can be taken over.a dangling CNAME pointing to a non-existent domain nameone or more wrong/typoed NS records pointing to a nameserver that can be taken over by an attacker to...
How to Improve your Remote Debugging Game for Java
Introduction Debugging is a significant part of programming. It contributes to improving the program output, locating code errors, finding the root cause of errors, etc. Creating an excellent debugging approach requires experience: it enables a developer to adopt a logical, rational, and analytical approach to solving the problem. The latest innovation in the debugging process is a method of code debugging...
Public Records: Types, Risks, and Removal Tips
Public records are kept openly accessible for a reason: they provide essential information for general public use. This is all fine as long as they’re accessed on reasonable grounds. But today, they have become a source of data for various unintended activities, often endangering the privacy of innocent citizens. So, let’s take a look at what’s classified as public records...
Bantam : A PHP Backdoor Management And Generation tool/C2 Featuring End To End Encrypted Payload Streaming Designed To Bypass WAF, IDS, SIEM Systems
Bantam is an advanced PHP backdoor management tool, with a lightweight server footprint, multi-threaded communication, and an advanced payload generation and obfuscation tool. Features end to end encryption with request unique encryption keys, and payload streaming designed to bypass WAF, IDS, SIEM systems. It incorporates several payload randomization and obfuscation techniques to help prevent detection when encryption is not...
NinjaDroid : Ninja Reverse Engineering On Android APK Packages
NinjaDroid is a simple tool to reverse engineering Android APK packages. $ snap install ninjadroid --channel=beta Overview NinjaDroid uses AXMLParser together with a series of Python scripts based on aapt, keytool, string and such to extract a series of information from a given APK package, such as: List of files of the APK: file name, size, MD5, SHA-1, SHA-256 and SHA-512AndroidManifest.xml info: app name, package name, version, sdks, permissions, activities,...
Nimplant : A Cross-Platform Implant Written In Nim
Nimplant is a cross-platform (Linux & Windows) implant written in Nim as a fun project to learn about Nim and see what it can bring to the table for red team tool development. Currently, Nimplant lacks extensive evasive tradecraft; however, overtime Nimplant will become much more sophisticated. Installation To install Nimplant, you'll need Mythic installed on a remote computer. You can...
How Does Your Browser Spy on You?
Unfortunately, we have to admit that we are all under Big Brother's watchful eye. Internet keeps every piece of information even when we don't really want to share it. Indeed, corporations state they need detailed information about a person only to offer intuitive web surfing and optimal advertising. But you shouldn't really trust these «hearty» care words. Close and...
Http-Request-Smuggling : HTTP Request Smuggling Detection Tool
Http-Request-Smuggling is a high severity vulnerability which is a technique where an attacker smuggles an ambiguous HTTP request to bypass security controls and gain unauthorized access to performs malicious activities, the vulnerability was discovered back in 2005 by watchfire and later in August 2019 it re-discovered by James Kettle - (albinowax) and presented at DEF CON 27 and Black-Hat USA, to know more about this vulnerability...
AlanFramework : A Post-Exploitation Framework
AlanFramework is a post-exploitation framework useful during red-team activities. Changelog 3.0.0 - 15/05/2021 Renamed agent shell quit command to exitImplemented agent migration via migrate commandFixed error in retrieving OS versionAdded DLL as agent format in the creation wizard.Implemented ps command to list the currently running processesImplemented download command to locally download a file or an entire directoryImplemented upload command to upload files to the compromised hostImplemented SuccessRequest as HTTP server response option to customize the...
Karton : Distributed Malware Processing Framework Based On Python, Redis And MinIO
Karton is a robust framework for creating flexible and lightweight malware analysis backends. It can be used to connect malware* analysis systems into a robust pipeline with very little effort. We've been in the automation business for a long time. We're dealing with more and more threats, and we have to automate everything to keep up with incidents. Because of this, we often end...
