HiJackThis : A Free Utility That Finds Malware, Adware & Other Security Threats

HiJackThis Fork is a free utility for Microsoft Windows that scans your computer for settings changed by adware, spyware, malware and other unwanted programs. HiJackThis Fork primarily detects hijacking methods rather than comparing items against a pre-built database. This allows it to detect new or previously unknown malware - but it also makes no distinction between safe and unsafe items....

ADSearch : A Tool To Help Query AD Via The LDAP Protocol

ADSearch is a tool written for cobalt-strike's execute-assembly command that allows for more efficient querying of AD. Key Features: List all Domain Admins; Custom LDAP Search; Connect to LDAPS Servers; Output JSON data from AD instances; Retrieve custom attributes from a generic query (i.e. All computers). Usage: ADSearch 1.0.0.0 Copyright c 2020 USAGE: Query Active Directory remotely or locally: ADSearch --domain ldap.example.com --password AdminPass1 --username admin --users -f, --full If set will...

Obfuscator : The Program Is Designed To Obfuscate The Shellcode

The Obfuscator program is designed to obfuscate shellcode. Currently the tool supports 2 encryption methods: XOR and AES. The tool accepts shellcode in 4 formats: base64, hex, c, raw. Command Line Usage Usage Description ----- ----------- /f ...

Pytmipe : Python Library And Client For Token Manipulations & Impersonations For Privilege Escalation On Windows

PYTMIPE (PYthon library for Token Manipulation and Impersonation for Privilege Escalation) is a Python 3 library for manipulating Windows tokens and managing impersonations in order to gain more privileges on Windows. TMIPE is the Python 3 client which uses the pytmipe library. Content: A python client: tmipe (python3 tmipe.py); A python library: pytmipe. Useful for including this project in another one; pytinstaller examples,...

Siras : Security Incident Response Automated Simulations

Security Incident Response Automated Simulations (SIRAS) are internal/controlled actions that provide a structured opportunity to practice the incident response plan and procedures during realistic scenarios. The main idea of SIRAS is to create detection-as-a-code testing scenarios to facilitate blue-team/tabletop scenarios. All smokers of SIRAS make real actions in your AWS and then delete those actions in the...

A Native VPN for Linux Users

From Mac to Windows to the mighty Linux, there are multiple operating systems out there. Obviously, they all have benefits over the others, but for you Linux users out there, you might be thinking you have the best security systems available; those online hackers won’t get hold of your details or subject you to password attacks. You might also be...

Fuzzilli : A JavaScript Engine Fuzzer

Fuzzilli is a (coverage-)guided fuzzer for dynamic language interpreters based on a custom intermediate language ("FuzzIL") which can be mutated and translated to JavaScript. Usage: The basic steps to use this fuzzer are: Download the source code for one of the supported JavaScript engines. See the Targets/ directory for the list of supported JavaScript engines. Apply the corresponding patches from the target's directory....

Routopsy : A Toolkit To Attack Networking Protocols

Routopsy is a toolkit built to attack often overlooked networking protocols. Routopsy currently supports attacks against Dynamic Routing Protocols (DRP) and First-Hop Redundancy Protocols (FHRP). Most of the attacks currently implemented make use of a weaponized 'virtual router' as opposed to implementing protocols from scratch. The tooling is not limited to the virtual routers, and allows for further attacks...

Invoke-Antivm : Powershell Tool For VM Evasion

Invoke-AntiVM is a set of modules to perform VM detection and fingerprinting (with exfiltration) via PowerShell. Compatibility: Run the script check-compatibility.ps1 to check which modules or functions are compatible with the PowerShell version. Our goal is to achieve compatibility from 2.0 but we are not there yet. Please run check-compability.ps1 to see what the current compatibility issues are. Background: We wrote this tool...

Bulwark : An Organizational Asset & Vulnerability Management Tool

Bulwark is an organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports. Jira Integration. Note: Please keep in mind, this project is in early development. Launch With Docker: Install Docker. Create a .env file and supply the following properties: MYSQL_DATABASE="bulwark" MYSQL_PASSWORD="bulwark" MYSQL_ROOT_PASSWORD="bulwark" MYSQL_USER="root" MYSQL_DB_CHECK="mysql" DB_PASSWORD="bulwark" DB_URL="172.16.16.3" DB_ROOT="root" DB_USERNAME="bulwark" DB_PORT=3306 DB_NAME="bulwark" DB_TYPE="mysql" NODE_ENV="production" DEV_URL="http://localhost:4200" PROD_URL="http://localhost:5000" JWT_KEY="changeme" JWT_REFRESH_KEY="changeme" CRYPTO_SECRET="changeme" CRYPTO_SALT="changeme". Build and start Bulwark containers: docker-compose up -d. Start/Stop Bulwark containers: docker-compose start, docker-compose stop. Remove Bulwark containers: docker-compose down. Bulwark will be...