GitDump : A Pentesting Tool That Dumps The Source Code From .Git Even When The Directory Traversal Is Disabled
GitDump dumps the source code from .git when directory traversal is disabled.
Requirements: Python3
Tested on: Windows, Kali Linux
What it does: Dump source code from a website's /.git directory when directory traversal is disabled.
How it works:
1. Fetch all common files (.git/index, .git/HEAD, .git/ORIG_HEAD, etc.).
2. Find as many objects (sha1) as possible by analyzing .git/packed-refs, .git/index, etc.
3. Download idx and pack files.
4. Now you can run git checkout -- . to...
Sharperner : Simple Executable Generator With Encrypted Shellcode
Sharperner is a tool written in C# that generates a .NET dropper with AES and XOR obfuscated shellcode. The generated executable can possibly bypass signature checks, but I can't be sure it can bypass heuristic scanning.
Features
PE binary: Process Hollowing; PPID Spoofing; randomly generated AES key and IV; final shellcode, key and IV are translated to Morse code.
.NET binary: AES + XOR encrypted shellcode; APC Process Injection...
TiEtwAgent : PoC Memory Injection Detection Agent Based On ETW, For Offensive And Defensive Research Purposes
The TiEtwAgent project was created to research, build and test different memory injection detection use cases and bypass techniques. The agent uses the Microsoft-Windows-Threat-Intelligence event tracing provider as a more modern and stable alternative to userland hooking, with the benefit of kernel-mode visibility. The project depends on the microsoft/krabsetw library for ETW setup and consumption. An accompanying blog post can be found here: https://blog.redbluepurple.io/windows-security-research/kernel-tracing-injection-detection
Adding New Detections
Detection functions...
OpenAttack : An Open-Source Package For Textual Adversarial Attack
OpenAttack is an open-source Python-based textual adversarial attack toolkit that handles the whole process of textual adversarial attacking, including preprocessing text, accessing the victim model, generating adversarial examples and evaluation.
Features & Uses
OpenAttack has the following features:
High usability. OpenAttack provides easy-to-use APIs that can support the whole process of textual adversarial attacks.
Full coverage of attack model types. OpenAttack supports sentence-/word-/character-level perturbations and...
Lazyrecon : Tool To Automate Your Reconnaissance Process In An Organized Fashion
Lazyrecon is a subdomain discovery tool that finds and resolves valid subdomains, then performs SSRF/LFI/SQLi fuzzing, brute-force and port scanning. It has a simple modular architecture and is optimized for speed while working with GitHub and the Wayback Machine.
Features
Super fast asynchronous execution
CI/CD ready
HTML/PDF reports
Discord integration
Background listen server
Domain name, list of domains, IP and CIDR input notations supported
Teardown and program exit...
GDir-Thief : Red Team Tool For Exfiltrating The Target Organization's Google People Directory That You Have Access To, Via Google's API
GDir-Thief is a Red Team tool for exfiltrating the target organization's Google People Directory that you have access to, via Google's People API.
HOW TO
Create a new Google Cloud Platform (GCP) project
Steps to get the Google API Access Token needed for connecting to the API:
1. Create a burner gmail/google account
2. Login to said account
3. Navigate to the Google Cloud Console
4. Next to "Google Cloud Platform,"...
MacHound : An extension to audit Bloodhound collecting and ingesting of Active Directory relationships on MacOS hosts
MacHound is an extension to the Bloodhound auditing tool that allows collecting and ingesting Active Directory relationships on macOS hosts. MacHound collects information about logged-in users and administrative group members on Mac machines and ingests the information into the Bloodhound database. In addition to using the HasSession and AdminTo edges, MacHound adds three new edges to the Bloodhound database: CanSSH...
FRIDA-DEXDump : Fast Search And Dump Dex On Memory
FRIDA-DEXDump is a tool for fast search and dump of dex on memory.
Features
Supports fuzzy search for broken-header dex.
Fixes struct data of the dex header.
Compatible with all Android versions (frida supported).
Supports loading as an objection plugin.
~ pypi package has been released ~
Requires
frida: pip install frida
click: pip install click
Installation
From pypi:
pip3 install frida-dexdump
frida-dexdump -h
From source:
git clone https://github.com/hluwa/FRIDA-DEXDump
cd FRIDA-DEXDump/frida-dexdump
python3 main.py -h
Usage
Run frida-dexdump or python3 main.py to attach to the current front-most application and dump dexs. Or,...
Scour : AWS Exploitation Framework
Scour is a modern module-based AWS exploitation framework written in Go, designed for red team testing and blue team analysis. Scour contains modern techniques that can be used to attack environments or build detections for defense.
Features
Command completion
Dynamic resource listing
Command history
Blue team mode (tags attacks with a unique User Agent)
Installation
Scour is written in Go, so it's easy to ship around...
Backstab : A Tool To Kill Antimalware Protected Processes
Backstab is a tool to kill antimalware-protected processes.
Kill EDR Protected Processes
Have these local admin credentials but the EDR is standing in the way? Unhooking or direct syscalls are not working against the EDR? Well, why not just kill it? Backstab is a tool capable of killing antimalware-protected processes by leveraging Sysinternals' Process Explorer (ProcExp) driver, which...