Girsh : Automatically Spawn A Reverse Shell Fully Interactive
With Girsh, just run it and it will detect the OS and execute the correct commands to upgrade the shell to a fully interactive reverse shell. For Linux: get the terminal's size; spawn a tty using python2.7, python3 or python; set the terminal to raw mode. For Windows: download ConPTY on the same machine and the same port as the reverse shell server; listen for getting the...
HTTP_Bridge : Send TCP Stream Packets Over Simple HTTP Request
HTTP_Bridge is a tool composed of two parts, a server and a client. Server: the server is just a PHP file with some logic to keep stateful connections using TCP sockets and to handle the incoming HTTP requests; for now this logic only works on Linux servers. I've tested it with apache+mod_php, nginx+php-fpm and the built-in PHP server (php -S). Client: The...
Gitls : Enumerate Git Repository URL From List Of URL / User / Org
Gitls is useful when a repository host, such as GitHub, is included in the bug bounty scope. Since the scope is sometimes specified as an org name or user name rather than a specific repository, you can use this tool to extract the URLs of all public repositories under that org/user. These can be used for various actions such as scanning or cloning for...
Go-RouterSocks : Router Sock. One Port Socks For All The Others
Go-RouterSocks: a next step after compromising a machine is to enumerate the network behind it. Many tools exist to expose a socks port on the attacker's machine and send all the traffic through a tunnel to the compromised machine. When several socks ports are available, we have to manage different proxychains configurations to choose the targeted network. This tool...
HiddenEyeReborn : HiddenEye With Completely New Codebase & Better Features Set
HiddenEyeReborn is the authors' attempt at a multi-featured tool for exploiting human mistakes. Currently, HE: RE has mainly phishing features, but they are planning on adding more; you can follow development progress by looking at (REMIND ME TO DO ROADMAP) or the Projects tab on GitHub. Installation: HE: RE is available on PyPI and can be installed using pip: pip install hiddeneye-reborn That's all...
SUB 404 : A Fast Tool To Check Subdomain Takeover Vulnerability
Sub 404 is a tool written in Python that checks for the possibility of subdomain takeover vulnerability; it is fast because it is asynchronous. Why? During the recon process you might get a lot of subdomains (e.g. more than 10k). It is not possible to test each one manually or with the traditional requests or urllib method, as that is very slow. Using...
Procrustes : Script To Automate The Exfiltration Of Data Over DNS
Procrustes is a bash script that automates the exfiltration of data over DNS in case we have blind command execution on a server where all outbound connections except DNS are blocked. The script currently supports sh, bash and powershell and is compatible with exec-style command execution (e.g. java.lang.Runtime.exec). [Figures: Unstaged / Staged] For its operations, the script takes as input the command...
Chameleon : Customizable Honeypots For Monitoring Network Traffic
Chameleon is a set of customizable honeypots for monitoring network traffic, bot activities and username/password credentials (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, SMTP, RDP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres and MySQL). [Figures: Grafana Interface / NMAP Scan / Credentials Monitoring] General features: modular approach (honeypots run as scripts or imported as objects); most honeypots serve as servers (only a few emulate the application layer protocols); settings...
uEmu : Tiny Cute Emulator Plugin For IDA Based On Unicorn
uEmu is a tiny cute emulator plugin for IDA based on the Unicorn engine. It supports the following architectures out of the box: x86, x64, ARM, ARM64, MIPS, MIPS64. What is it GOOD for? Emulating bare metal code (bootloaders, embedded firmware, etc.) and emulating standalone functions. What is it BAD for? Emulating complex OS code (dynamic libraries, processes, etc.) and emulating code with many syscalls. What can be improved? Find a way...
CertEagle : Asset Monitoring Utility
CertEagle is an asset monitoring utility using real-time CT log feeds. In bug bounties, “If you are not first, then you are last”: there is no such thing as a silver or a bronze medal. Recon plays a very crucial part, and if you can detect/identify a newly added asset earlier than others, then the chances of you finding/reporting...