DNS Rebinding Tool : DNS Rebind Tool With Custom Scripts

This project is meant to be an All-in-one Toolkit to test further DNS rebinding attacks and my take on understanding this kind of attack. It consists of a web server and pseudo DNS server that only responds to A queries. The root index of the web server allows you to configure and run the attack with a rudimentary web GUI. See dnsrebindtool.43z.one. A basic nginx...

Fenrir : Simple Bash IOC Scanner

Fenrir is a simple IOC scanner bash script. It allows scanning Linux/Unix/OSX systems for the following Indicators of Compromise (IOCs): Hashes: MD5, SHA1 and SHA256 (using md5sum, sha1sum, sha -a 256); File Names: string - checked for substring of the full path, e.g. "temp/p.exe" in "/var/temp/p.exe"; Strings: grep in files; C2 Server: checking for C2 server strings in 'lsof -i' and 'lsof -i -n' output; Hot Time Frame: using...

Manati : A Web-Based Tool To Assist The Work Of The Intuitive Threat Analysts

The goal of the ManaTI project is to develop machine learning techniques to assist an intuitive threat analyst to speed the discovery of new security problems. The machine learning will contribute to the analysis by finding new relationships and inferences. The project will include the development of a web interface for the analyst to interact with the data and...

ThreadBoat : Program Uses Thread Execution Hijacking to Inject Native Shellcode into a Standard Win32 Application

ThreadBoat program uses Thread Hijacking to Inject Native Shellcode into a Standard Win32 Application. I developed this small project to continue my experiences of different code injection methods. With Thread Hijacking, it allows the hijacker.exe program to suspend a thread within the target.exe program allowing us to write shellcode to a thread. ThreadBoat Usage: int main() {System sys;Interceptor incp;Exception exp;sys.returnVersionState();if (sys.returnPrivilegeEscalationState()){std::cout...

SQLMap : Automatic SQL Injection & Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the...

GiveMeSecrets : Use Regular Expressions To Get Sensitive Information

GiveMeSecrets uses regular expressions to get sensitive information from a given repository (GitHub, pip or npm). You only need to have Python 3.6 or higher installed to launch this script. In addition, you must have git, pip and npm installed on the system. How to use? It's very easy to use, just run the script and pass the option...

Hardening Kubernetes Security with Falco: Runtime Threat Detection

Kubernetes has become a cornerstone of modern cloud-native applications, offering powerful orchestration capabilities for containerized applications. However, its complexity also introduces security challenges. Falco, an open-source runtime security tool, can help mitigate these challenges by providing real-time threat detection capabilities. This guide will delve into the technical details of using Falco to enhance Kubernetes security. What is Falco? Falco is an...

Lockdoor Framework : A Penetration Testing Framework with Cyber Security Resources

LockDoor is a Framework aimed at helping penetration testers, bug bounty hunters and cyber security engineers. This tool is designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing, but containing the favorite and the most used tools by Pentesters. As pentesters, most of us have our personal '/pentest/' directory so this Framework is...

Sub.sh : Online Subdomain Detect Script

Sub.sh is a script to detect subdomains online. So let us have a look at its usage. Script: bash sub.sh webscantest.com ; ./sub.sh webscantest.com. Curl: curl -s -L https://raw.githubusercontent.com/cihanmehmet/sub.sh/master/sub.sh | bash -s webscantest.com. Subdomain Alive Check: bash sub_alive.sh bing.com ; curl -s -L https://raw.githubusercontent.com/cihanmehmet/sub.sh/master/sub_alive.sh | bash -s bing.com. Fping Required Nmap -sn (No...

Cryptondie : A Ransomware Developed For Study Purposes

CryptonDie is a ransomware developed for study purposes. Options: --key: key used to encrypt and decrypt files, default is random string (recommended); --dir: Home directory for the attack, default is /; --encrypt: Encrypt all files...