Chameleon : Customizable Honeypots For Monitoring Network Traffic
Chameleon is a customizable honeypots for monitoring network traffic, bots activities and usernamepassword credentials (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, RDP, VNC, SMB, SOCKS5, Redis, TELNET and Postgres and MySQL). Grafana Interface NMAP Scan Credentials Monitoring General Features Modular approach (honeypots run as scripts or imported as objects)Most honeypots serve as servers (Only a few that emulate the application layer protocols)Settings...
uEmu : Tiny Cute Emulator Plugin For IDA Based On Unicorn
uEmu is a tiny cute emulator plugin for IDA based on unicorn engine. Supports following architectures out of the box: x86, x64, ARM, ARM64, MIPS, MIPS64. What is it GOOD for? Emulate bare metal code (bootloaders, embedded firmware etc)Emulate standalone functions What is it BAD for? Emulate complex OS code (dynamic libraries, processes etc)Emulate code with many syscalls What can be improved? Find a way...
CertEagle : Asset Monitoring Utility
CertEagle is a asset monitoring utility using real time CT log feeds. In Bugbounties “If you are not first , then you are last” there is no such thing as silver or a bronze medal , Recon plays a very crucial part and if you can detect/Identify a newly added asset earlier than others then the chances of you Finding/Reporting...
SSRFuzz : A Tool To Find Server Side Request Forgery Vulnerabilities, With CRLF Chaining Capabilities
SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities. Why? I wanted to write a tool in Golang for concurrencyI wanted to fuzz parameters for SSRF vulnerablities, as well as fuzz both paths and parameters for CRLF injectionsI was inspired by Orange's work for chaining these types of vulnerabilities together (https://blog.orange.tw) Installation Run the following command to...
Is Kia Sportage Malaysia The Best SUV 2021
In Malaysia, Kia Sportage is offered in only two variants; Kia Sportage 2.0 EX at RM 123,480 and Kia Sportage 2.0D GT-LINE for RM 139,888. With Malaysia stocked with about 316 SUVs, analyzing those equivalent to the Sportage in terms of pricing is not only tricky but confusing. The design employed in every brand greatly differs from each other and...
After The 2019 Mitsubishi Triton Athlete Run, Is It Worth Buying?
Mitsubishi Triton has a rich history dating back to 1974 which is probably the reason it stands out in the midst of the compact pickup tracks long list. Mitsubishi Motors Thailand launched the updated 2019 Triton with a new facial look, stronger suspension, improved automatic transmission system and a rear differential lock in the large trims. Even though without the...
Toyota Yaris Ativ Designed to Rule Eco-Car B-Segment In Thailand
For the Toyota Yaris Ativ to rule the B-segment sedans in Thailand, Toyota gave a major upgrade on for areas; comfort and ride, exterior and interior design, safety and fuel efficiency. Even though Yaris Ativ was among the last eco-car entrants into Thailand, it's now among the best-selling sedan in this category. As the competition for the most fuel-efficient green...
Galer : A Fast Tool To Fetch URLs From HTML Attributes By Crawl-In
Galer is a fast tool to fetch URLs from HTML attributes by crawl-in. Inspired by the @omespino Tweet, which is possible to extract src, href, url and action values by evaluating JavaScript through Chrome DevTools Protocol. Installation From Binary The installation is easy. You can download a prebuilt binary from releases page, unpack and run! or with (sudo) curl -sSfL https://git.io/galer | sh...
ScareCrow : Payload Creation Framework Designed Around EDR Bypass
ScareCrow is a payload creation framework for generating loaders for the use of side loading (not injection) into a legitimate Windows process (bypassing Application Whitelisting controls). Once the DLL loader is loaded into memory, utilizing a technique to flush an EDR’s hook out the system DLLs running in the process's memory. This works because we know the EDR’s hooks...
BlackMamba : C2/Post-Exploitation Framework
BlackMamba is a multi-client C2/post-exploitation framework with some spyware features. It is powered by Python 3.8.6 and QT Framework. Features Multi-Client - Supports multiple client connections at the same time.Real-Time Communication Updates - Real-time communication and updates between the client and server.Encrypted Communication - Almost all communications are encrypted, except for screen video streaming.Screenshot Gathering - Get a real-time screenshot from...
