.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
HeapInspect : Inspect Heap In Python
HeapInspect is designed to make heap much more prettier. So let us have some of the feature of this tool which will inspect heap in python; Free of gdb and other requirementMulti glibc support 2.19, 2.23-2.27 (currently tested)both 32bit and 64bit Nice UI to show heap HeapShower (detailed)PrettyPrinter (colorful, summary) Heapdiff (working)Corruption detect & exploit analysis (working)Also support gdb (python2...
CHAPS : Configuration Hardening Assessment PowerShell Script
CHAPS is a PowerShell script for checking system security settings where additional software and assessment tools, such as Microsoft Policy Analyzer, cannot be installed. The purpose of this script is to run it on a server or workstation to collect configuration information about that system. The information collected can then be used to provide ...
Karonte : Static Analysis Tool To Detect Multi-Binary Vulnerabilities In Embedded Firmware
Karonte is a static analysis tool to detect multi-binary vulnerabilities in embedded firmware. Research Paper We present our approach and the findings of this work in the following research paper: Detecting Insecure Multi-binary Interactions in Embedded Firmware Nilo Redini, Aravind Machiry, Ruoyu Wang, Chad Spensky, Andrea Continella, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna. To appear in Proceedings of the IEEE...
IotShark : Monitoring And Analyzing IoT Traffic
IoTShark is a IOT monitoring service that allows users to monitor their IOT devices for trends in data sent/received. Ordinarily, setting up a man in the middle attack with proper configurations can take up quite a bit of time, and may seem dauntingly impossible for those with little to no experience in computer security or even computer science. It aims...
TuxResponse : Linux Incident Response 2020
TuxResponse is incident response script for linux systems written in bash. It can automate incident response activities on Linux systems and enable you to triage systems quickly, while not compromising with the results. Usually corporate systems would have some kind of monitoring and control, but there are exceptions due to shadow IT and non-standard ...
LNAV : Log File Navigator 2020
LNAV is an enhanced log file viewer that takes advantage of any semantic information that can be gleaned from the files being viewed, such as timestamps and log levels. Using this extra semantic information, lnav can do things like interleaving messages from different files, generate histograms of messages over time, and providing hotkeys for navigating through the file....
Stowaway : Multi-hop Proxy Tool For Pentesters
Stowaway is Multi-hop proxy tool for security researchers and pentesters Users can easily proxy their network traffic to intranet nodes (multi-layer) PS: The files under demo folder are Stowaway's beta version,it's still functional, you can check the detail by README.md file under the demo folder. Features obvious node topologymulti-hop socks5 traffic proxymulti-hop ssh traffic proxyremote interactive shellnetwork traffic...
Git Vuln Finder : Finding Potential Software Vulnerabilities From Git Commit Messages
Git Vuln Finder finds potential software vulnerabilities from git commit messages. The output format is a JSON with the associated commit which could contain a fix regarding a software vulnerability. The search is based on a set of regular expressions against the commit messages only. If CVE IDs are present, those are added automatically in the output. Requirements jq (sudo...
Wafw00f : Identify & Fingerprint Web Application Firewall
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website. To do its magic, WAFW00F does the following: Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions.If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which...
XoN : Tool To Search An Aggregated Repository Of Xposed Passwords
XposedOrNot or XoN tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security. The main aim of this project is to give a free platform for the general public to check if their password is exposed and compromised. This massive password...
