A Native VPN for Linux Users
From Mac to Windows to the mighty Linux, there are multiple operating systems out there. Obviously, they all have benefits over the others, but for you Linux users out there, you might be thinking you have the best security systems available;those online hackers won’t get hold of your details or subject you to password attacks. You might also be...
Fuzzilli : A JavaScript Engine Fuzzer
Fuzzilli is a (coverage-)guided fuzzer for dynamic language interpreters based on a custom intermediate language ("FuzzIL") which can be mutated and translated to JavaScript. Usage The basic steps to use this fuzzer are: Download the source code for one of the supported JavaScript engines. See the Targets/ directory for the list of supported JavaScript engines.Apply the corresponding patches from the target's directory....
Routopsy : A Toolkit To Attack Networking Protocols
Routopsy is a toolkit built to attack often overlooked networking protocols. Routopsy currently supports attacks against Dynamic Routing Protocols (DRP) and First-Hop Redundancy Protocols (FHRP). Most of the attacks currently implemented make use of a weaponized 'virtual router' as opposed to implementing protocols from scratch. The tooling is not limited to the virtual routers, and allows for further attacks...
Invoke-Antivm : Powershell Tool For VM Evasion
Invoke-AntiVM is a set of modules to perform VM detection and fingerprinting (with exfiltration) via Powershell. Compatibility Run the script check-compatibility.ps1 to check what modules or functions are compatibile with the powershell version. Our goal is to achieve compatibility from 2.0 but we are not there yet. Please run check-compability.ps1 to see what are the current compatiblity issues. Background We wrote this tool...
Bulwark : An Organizational Asset & Vulnerability Management Tool
Bulwark is an organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports. Jira Integration Note: Please keep in mind, this project is in early development. Launch With Docker Install DockerCreate a .env file and supply the following properties: MYSQL_DATABASE="bulwark"MYSQL_PASSWORD="bulwark"MYSQL_ROOT_PASSWORD="bulwark"MYSQL_USER="root"MYSQL_DB_CHECK="mysql"DB_PASSWORD="bulwark"DB_URL="172.16.16.3"DB_ROOT="root"DB_USERNAME="bulwark"DB_PORT=3306DB_NAME="bulwark"DB_TYPE="mysql"NODE_ENV="production"DEV_URL="http://localhost:4200"PROD_URL="http://localhost:5000"JWT_KEY="changeme"JWT_REFRESH_KEY="changeme"CRYPTO_SECRET="changeme"CRYPTO_SALT="changeme" Build and start Bulwark containers: docker-compose up -d Start/Stop Bulwark containers: docker-compose start docker-compose stop Remove Bulwark containers: docker-compose down Bulwark will be...
Doctrack – Tool To Manipulate & Insert Tracking Pixels Into Office Open XML Documents
Doctrack is a tool to manipulate and insert tracking pixels into Office Open XML documents. Features Insert tracking pixels into Office Open XML documents (Word and Excel)Inject template URL for remote template injection attackInspect external target URLs and metadataCreate Office Open XML documents (#TODO) Installation You will need to download .Net Core SDK for your platform. Then, to build single binary on Windows: $...
Rehex : Reverse Engineers’ Hex Editor
Rehex is a cross-platform (Windows, Linux, Mac) hex editor for reverse engineering, and everything else. Features Large (1TB+) file supportDecoding of integer/floating point value typesDisassembly of machine codeHighlighting and annotation of ranges of bytesSide by side comparision of selections Installation The Releases page has standalone packages for Windows and Mac, as well as installable packages for popular Linux distributions, or you can install...
GPing : Ping With A Graph
GPing is a Ping, but with a graph. Install FYI: The old Python version can be found under the python tag. Homebrew (MacOS) brew install gping Homebrew (Linux) brew install orf/brew/gping Binaries (Windows) Download the latest release from the github releases page. Extract it and move it to a directory on your PATH. Cargo cargo install gping Usage Just run gping . $ gping --helpgping 0.1.7Ping, but with a graph.USAGE:gping …FLAGS:-h,...
Garud : An Automation Tool To Scans Sub-Domains
Garud is an automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point parameters. Requirements: Go Language, Python 2.7 or Python 3.System requirements: Recommended to run on vps with 1VCPU and 2GB ram.Tools used - You must need to install these tools to use this scriptSubFinderSublist3rGF PatternsGauSubzySubjack: save fingerprints.json file into ~/tools/...
Go_Parser : Yet Another Golang Binary Parser For IDAPro
This master branch is written in Python2 for IDAPython, and tested only on IDA7.2/IDA7.0. If you use IDAPython with Python3 and higher version of IDAPro, please use Python3 Branch for Go_Parser. Inspired by golang_loader_assist and jeb-golang-analyzer, I wrote a more complete Go binaries parsing tool for IDAPro. Main Features Locate and parse firstmoduledata structure in Go binary file, and make comment for...
.png "CATS : REST API Fuzzer And Negative Testing Tool For OpenAPI Endpoints")
