.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
Uptux : Linux Privilege Escalation Checks
Uptux is a specialized privilege escalation checks for Linux systems. Implemented so far: Writable systemd paths, services, timers, and socket unitsDisassembles systemd unit files looking for: References to executables that are writableReferences to broken symlinks pointing to writeable directoriesRelative path statementsUnix socket files that are writeable (sneaky APIs) Writable D-Bus pathsOverly permissive D-Bus service settingsHTTP APIs running as root and responding on...
ezXSS : Easy Way For Penetration Testers & Bug Bounty Hunters
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting. Current Features Some features ezXSS has Easy to use dashboard with statics, payloads, view/share/search reports and morePayload generatorInstant email alert on payloadCustom javascript payloadEnable/Disable screenshotsPrevent double payloads from saving or alertingBlock domainsShare reports with a direct link or with other ezXSS usersEasily manage...
Fail2Ban : Daemon To Ban Hosts That Cause Multiple Authentication Errors
Fail2Ban scans log files like /var/log/auth.log and bans IP addresses conducting too many failed login attempts. It does this by updating system firewall rules to reject new connections from those IP addresses, for a configurable amount of time. Fail2Ban comes out-of-the-box ready to read many standard log files, such as those for sshd and Apache, and is easily configured to read...
DrMemory : Memory Debugger for Windows, Linux, Mac & Android
DrMemory is a memory monitoring tool capable of identifying memory-related programming errors such as accesses of uninitialized memory, accesses to unaddressable memory (including outside of allocated heap units and heap underflow and overflow), accesses to freed memory, double frees, memory leaks, and (on Windows) handle leaks, GDI API usage errors, and accesses to un-reserved thread local storage slots. DrMemory operates...
Gosec : Golang Security Checker To Inspects Source Code
Gosec is a inspects source code for security problems by scanning the Go AST. Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with the License. You may obtain a copy of the License here. Install CI Installation # binary will be $GOPATH/bin/goseccurl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s -- -b $GOPATH/bin vX.Y.Z#...
AtomShields CLI : Security Testing Framework For Repositories & Source Code
AtomShields Cli is a Command-Line Interface to use the software AtomShields. AtomShields is a security testing framework for repositories and source code. This system has different modules that detect different vulnerabilities or files that may expose a risk, and the results obtained can be obtained or sent thanks to the reporting modules. For developers: There is also the possibility to develop your...
Virtuailor : IDAPython Tool For Creating Automatic C++ Virtual Tables In IDA Pro
Virtuailor is an IDAPython tool that reconstructs vtables for C++ code written for intel architecture, both 32bit and 64bit code and AArch64 (New!). The tool constructed from 2 parts, static and dynamic. The first is the static part, contains the following capabilities: Detects indirect calls.Hooks the value assignment of the indirect calls using conditional breakpoints (the hook code). The second is the...
PESTO – PE (Files) Statistical Tool
PESTO is a Python script that extracts and saves in a database some PE file security characteristics or flags searching for every PE binary in a whole directory, and saving results in a database. PESTO checks for architecture flag in the header, and for the following security flags: ASLR, NO_SEH, DEP and CFG. Code is clear enough to modify flags...
What to Look for in the Right SOC Program – A Complete Guide
SOC stands for "security operations center", and it's important to every business, no matter what it's size. It doesn’t matter how big or small your business, everyone needs some kind of SOC program to keep everything secure, which means finding the right program for your needs. A very small business may use a few applications to keep systems and...
UBoat : HTTP Botnet Project
UBoat is a POC HTTP Botnet designed to replicate a full weaponised commercial botnet. What is a Botnet ? When the HTTP protocol was born in 1999, no one ever thought it will be used by one of the most dangerous Cyber threats called Botnet. A bot is an application that can perform and repeat a particular task faster than a...
.webp "SharpExclusionFinder – Streamlining Windows Defender Exclusion Checks With Advanced Scanning Capabilities")
