FRIDA-DEXDump : Fast Search And Dump Dex On Memory
FRIDA-DEXDump is a tool for Fast Search And Dump Dex On Memory. Features support fuzzy search broken header dex.fix struct data of dex-header.compatible with all android version(frida supported).support loading as objection plugin ~pypi package has been released ~ Requires frida: pip install frida click pip install click Installation From pypi pip3 install frida-dexdumpfrida-dexdump -h From source git clone https://github.com/hluwa/FRIDA-DEXDumpcd FRIDA-DEXDump/frida-dexdumppython3 main.py -h Usage Run frida-dexdump or python3 main.py to attach current front most application and dump dexs.Or,...
Scour : AWS Exploitation Framework
Scour is a modern module based AWS exploitation framework written in golang, designed for red team testing and blue team analysis. Scour contains modern techniques that can be used to attack environments or build detections for defense. Features Command Completion Dynamic resource listing Command history Blue team mode (tags attacks with unique User Agent) Installation Scour is written in golang so its easy to ship around...
Backstab : A Tool To Kill Antimalware Protected Processes
Backstab is a tool to Kill Antimalware Protected Processes. Kill EDR Protected Processes Have these local admin credentials but the EDR is standing in the way? Unhooking or direct syscalls are not working against the EDR? Well, why not just kill it? Backstab is a tool capable of killing antimalware protected processes by leveraging sysinternals’ Process Explorer (ProcExp) driver, which...
Invoke-DNSteal : Simple And Customizable DNS Data Exfiltrator
Invoke-DNSteal is a Simple & Customizable DNS Data Exfiltrator. This tool helps you to exfiltrate data through DNS protocol over UDP and TCP, and lets you control the size of queries using random delay. Also, allows you to avoid detections by using random domains in each of your queries and you can use it to transfer information both locally and remotely. Requirements Powershell...
Gorsair : Hacks Its Way Into Remote Docker Containers That Expose Their APIs
Gorsair is a penetration testing tool for discovering and remotely accessing Docker APIs from vulnerable Docker containers. Once it has access to the docker daemon, you can use Gorsair to directly execute commands on remote containers. Exposing the docker API on the internet is a tremendous risk, as it can let malicious agents get information on all of the other...
Red-Shadow : Lightspin AWS IAM Vulnerability Scanner
Red-Shadow is a tool for Lightspin AWS IAM Vulnerability Scanner. Scan your AWS IAM Configuration for shadow admins in AWS IAM based on misconfigured deny policies not affecting users in groups discovered by Lightspin's Security Research Team. The tool detects the misconfigurations in the following IAM Objects: Managed PoliciesUsers Inline PoliciesGroups Inline PoliciesRoles Inline Policies Research Summary AWS IAM evaluation logic for deny policies...
Forblaze : A Python Mac Steganography Payload Generator
Forblaze is a project designed to provide steganography capabilities to Mac OS payloads. Using python3, it will build an Obj-C file for you which will be compiled to pull desired encrypted URLs out of the stego file, fetch payloads over https, and execute them directly into memory. It utilizes custom encryption - it is not cryptographically secure, but purely...
S3-Account-Search : S3 Account Search
S3-Account-Search tool lets you find the account id an S3 bucket belongs too. For this to work you need to have at least one of these permissions: Permission to download a known file from the bucket (s3:getObject).Permission to list the contents of the bucket (s3:ListBucket). Additionally, you will need a role that you can assume with (one of) these permissions on the...
WAF-A-MoLE : A Guided Mutation-Based Fuzzer For ML-based Web Application Firewalls
WAF-A-MoLE is a guided mutation-based fuzzer for ML-based Web Application Firewalls, inspired by AFL and based on the FuzzingBook by Andreas Zeller et al. Given an input SQL injection query, it tries to produce a semantic invariant query that is able to bypass the target WAF. You can use this tool for assessing the robustness of your product by letting WAF-A-MoLE explore the solution space to...
AWS Pen-Testing Laboratory : Pentesting Lab With A Kali Linux Instance Accessible Via Ssh And Wireguard VPN And With Vulnerable Instances In A Private Subnet
AWS Pen-Testing Laboratory deployed as IaC with Terraform on AWS. It deploys a Kali Linux instance accessible via ssh & wire guard VPN. Vulnerable instances in a private subnet. NOTE: Ids only defined for region "eu-west-1"For other regions, kali ami id must be specified and metasploitable3 id (after building it) Changelog AMI IDs changed to use Kali 2021.2 Use new Kali version...
