slopShell : The Only Php Webshell You Need
slopShell is the only Php Webshell You Need . Since I derped, and forgot to talk about usage. Here goes. For this shell to work, you need 2 things, a victim that allows php file upload(yourself, in an educational environment) and a way to send http requests to this webshell. Thank you for all the support the community has given, it...
AnalyticsRelationships : Get Related Domains / Subdomains By Looking At Google Analytics IDs
AnalyticsRelationships is a tool to Get Related Domains / Subdomains By Looking At Google Analytics IDs. ██╗ ██╗ █████╗ ██╗██████╗ ██║ ██║██╔══██╗ ...
Dystopia : Low To Medium Multithreaded Ubuntu Core Honeypot Coded In Python
Dystopiais a low to medium Ubuntu Core honeypot coded in Python. Features Optional login promptLogs who connects and what they doCapture session to pcap fileAutomatically download links used by attackersCustomize MOTD, Port, Hostname and how many clients can connect at once (default is unlimited)Geolocation (with ipstack)Save and load configAdd support to a plethora of commands To Do Better LoggingServiceEmail AlertsInsights such as charts...
FireStorePwn : Firestore Database Vulnerability Scanner Using APKs
FireStorePwn scans an APK and checks the Firestore database for rules that are not secure, testing with or without authentication. If there are problems with the security rules, attackers could steal, modify or delete data and raise the bill. How It Works Install FSP sudo wget https://raw.githubusercontent.com/takito1812/FireStorePwn/main/fsp -O /bin/fspsudo chmod +x /bin/fsp Running fsp Scanning an APK without authentication fsp app.apk Scanning an APK with authentication With email...
Qvm-Create-Windows-Qube : Spin Up New Windows Qubes Quickly, Effortlessly And Securely
Qvm-Create-Windows-Qube is a tool for quickly and conveniently installing fresh new Windows qubes with Qubes Windows Tools (QWT) drivers automatically. It officially supports Windows 7, 8.1 and 10 as well as Windows Server 2008 R2, 2012 R2, 2016 and 2019. The project emphasizes correctness, security and treating Windows as an untrusted guest operating system throughout the entire process. It also features other goodies such...
Onelinepy : Python Obfuscator To Generate One-Liners And FUD Payloads
Onelinepy is a Python Obfuscator To Generate One-Liners And FUD Payloads. Download & Run git clone https://github.com/spicesouls/onelinepycd onelinepychmod +x setup.sh./setup.shonelinepy Usage Guide _ | || _ _| . | | -| | | | -| . | | | Python|||||||||| | | Obfustucator |_| ||usage: oneline.py optional arguments:-h, --help show this help message and exit-m M Obfustucating...
Arkhota : A Web Brute Forcer For Android
Arkhota is a web (HTTP/S) brute forcer for Android. A web brute forcer is always in a hacker's computer, for obvious reasons. Sometimes attacks require to be quick or/and with minimal device preparation. Also a phone takes less attention rather than a laptop/computer. For this situations here's Arkhota. Usage Explanation is in order of objects in the APK from top to...
Dent : A Framework For Creating COM-based Bypasses Utilizing Vulnerabilities In Microsoft’s WDAPT Sensors
Dent is a framework generates code to exploit vulnerabilties in Microsoft Defender Advanced Threat Protection's Attack Surface Reduction (ASR) rules to execute shellcode without being detected or prevented. ASR was designed to be the first line of defense, detecting events based on actions that violate a set of rules. These rules focus on specific behavior indicators on the endpoint...
Bucky : An Automatic S3 Bucket Discovery Tool
Bucky is an automatic tool designed to discover S3 bucket misconfiguration, Bucky consists up of two modules Bucky firefox addon and Bucky backend engine. Bucky addon reads the source code of the webpages and uses Regular Expression(Regex) to match the S3 bucket used as Content Delivery Network(CDN) and sends it to the Bucky Backend engine. The backend engine receives...
DNS-Black-Cat(DBC) : Multi Platform Toolkit For An Interactive DNS Shell Commands Exfiltration, By Using DNS-Cat You Will Be Able To Execute System Commands In Shell Mode Over DNS Protocol
DNS-Black-Cat is a Multi-platform toolkit for an interactive C2C DNS shell, by using DNS-Black-Cat, you will be able to execute system commands in shell mode over a fully encrypted covert channel. Server ported as a python script, which acts as DNS server with required functionalities to provide interactive shell command interface. Client ported as the following file formats Windows 32/64 executable (exe)Linux 32/64 executable...
