WAF-A-MoLE : A Guided Mutation-Based Fuzzer For ML-based Web Application Firewalls
WAF-A-MoLE is a guided mutation-based fuzzer for ML-based Web Application Firewalls, inspired by AFL and based on the FuzzingBook by Andreas Zeller et al. Given an input SQL injection query, it tries to produce a semantic invariant query that is able to bypass the target WAF. You can use this tool for assessing the robustness of your product by letting WAF-A-MoLE explore the solution space to...
AWS Pen-Testing Laboratory : Pentesting Lab With A Kali Linux Instance Accessible Via Ssh And Wireguard VPN And With Vulnerable Instances In A Private Subnet
AWS Pen-Testing Laboratory deployed as IaC with Terraform on AWS. It deploys a Kali Linux instance accessible via ssh & wire guard VPN. Vulnerable instances in a private subnet. NOTE: Ids only defined for region "eu-west-1"For other regions, kali ami id must be specified and metasploitable3 id (after building it) Changelog AMI IDs changed to use Kali 2021.2 Use new Kali version...
Heappy : A Happy Heap Editor To Support Your Exploitation Process
Heappy is an editor based on gdb/gef that helps you to handle the heap during your exploitation development.The project should be considered a didactic tool useful to understand the evolution of the heap during the process life cycle. It has been created to simplify the study of the most common heap exploitation techniques and to support you to solve...
Fully-Homomorphic-Encryption : Libraries And Tools To Perform Fully Homomorphic Encryption Operations On An Encrypted Data Set
Fully-Homomorphic-Encryption, this repository contains open-source libraries and tools to perform fully homomorphic encryption (FHE) operations on an encrypted data set. About Fully Homomorphic Encryption Fully Homomorphic Encryption (FHE) is an emerging data processing paradigm that allows developers to perform transformations on encrypted data. FHE can change the way computations are performed by preserving privacy end-to-end, thereby giving users even greater confidence...
RomBuster : A Router Exploitation Tool That Allows To Disclosure Network Router Admin Password
RomBuster is a router exploitation tool that allows to disclosure network router admin password. Features Exploits vulnerabilities in most popular routers such as D-Link, Zyxel, TP-Link and Huawei.Optimized to exploit multiple routers at one time from list.Simple CLI and API usage. Installation pip3 install git+https://github.com/EntySec/RomBuster Basic Usage To use RomBuster just type rombuster in your terminal. usage: rombuster RomBuster is a router exploitation tool that allows to disclosure...
CamOver : A Camera Exploitation Tool That Allows To Disclosure Network Camera Admin Password
CamOver is a camera exploitation tool that allows to disclosure network camera admin password. Features Exploits vulnerabilities in most popular camera models such as CCTV, GoAhead and Netwave.Optimized to exploit multiple cameras at one time from list with threading enabled.Simple CLI and API usage. Installation pip3 install git+https://github.com/EntySec/CamOver Basic Usage To use it just type camover in your terminal. usage: camover CamOver is a camera exploitation...
Shreder : A Powerful Multi-Threaded SSH Protocol Password Bruteforce Tool
Shreder is a powerful multi-threaded SSH protocol password brute-force tool. Features Very fast password guessing, just one password in 0.1 second.Optimized for big password lists, Shreder tries 1000 passwords in 1 minute and 40 seconds.Simple CLI and API usage. Installation pip3 install git+https://github.com/EntySec/Shreder Basic Usage To use Shreder just type shreder in your terminal. usage: shreder targetShreder is a powerful multi-threaded SSH protocol password bruteforce tool.positional arguments:targetoptional arguments:-h, --help show...
BlobHunter : Find Exposed Data In Azure With This Public Blob Scanner
BlobHunter is an opensource tool for scanning Azure blob storage accounts for publicly opened blobs.BlobHunter is a part of "Hunting Azure Blobs Exposes Millions of Sensitive Files" research:https://www.cyberark.com/resources/threat-research-blog/hunting-azure-blobs-exposes-millions-of-sensitive-files Overview BlobHunter helps you identify Azure blob storage containers which store files that are publicly available to anyone with an internet connection.The tool will help mitigate risk by identifying poorly configured containers that...
SharpHook : Tool Tath Uses Various API Hooks In Order To Give Us The Desired Credentials
SharpHook is inspired by the SharpRDPThief project, It uses various API hooks in order to give us the desired credentials. In the background it uses the EasyHook project, Once the desired process is up and running SharpHook will automatically inject its dependencies into the target process and then, It will send us the credentials through EasyHook's IPC server. Supported Processes ProcessAPI CallDescriptionProgressmstscCredUnPackAuthenticationBufferWThis will hook into...
CamRaptor : Tool That Exploits Several Vulnerabilities In Popular DVR Cameras To Obtain Network Camera Credentials
CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain network camera credentials. Features Exploits vulnerabilities in most popular camera models such as Novo, CeNova and QSee.Optimized to exploit multiple cameras at one time from list with threading enabled.Simple CLI and API usage. Installation pip3 install git+https://github.com/EntySec/CamRaptor Basic Usage To use CamRaptor just type camraptor in your terminal. usage: camraptor CamRaptor is...
.webp "DetectDee – The Ultimate Guide To Tracing Social Media Profiles")
