.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
Firmware Analysis Toolkit : To Emulate Firmware And Analyse It For Security Vulnerabilities
Firmware analysis toolkit is a toolkit to emulate firmware and analyse it for security vulnerabilities. FAT is a toolkit built in order to help security researchers analyze and identify vulnerabilities in IoT and embedded device firmware. Firmware Analysis Toolkit is build on top of the following existing tools and projects : Firmadyne Binwalk Firmware-Mod-Kit MITMproxy Firmwalker Setup instructions If you are...
Router Exploit Shovel : Automated Application Generation for Stack Overflow Types on Wireless Routers
Router Exploit Shovel is an automated application generation for stack overflow types on wireless Routers. It is an automated application generation tool for stack overflow types on wireless routers. The tool implements the key functions of exploits, it can adapt to the length of the data padding on the stack, generate the ROP chain, generate the encoded shellcode, and...
SKA : Simple Karma Attack
SKA allows you to implement a very simple and fast karma attack. You can sniff probe requests to choice the fake AP name or, if you want, you could insert manually the name of AP (evil twin attack). When target has connected to your WLAN you could active the HTTP redirection and perform a MITM attack. Details The script implements these steps: selection of...
ArmourBird CSF – Container Security Framework
ArmourBird CSF - Container Security Framework is an extensible, modular, API-first framework build for regular security monitoring of docker installations and containers against CIS and other custom security checks. ArmourBird CSF has a client-server architecture and is thus divided into two components: CSF Client This component is responsible for monitoring the docker installations, containers, and images on target machinesIn the initial release, it...
Tachyon : Fast Http Dead File Finder
Tachyon is a fast web application security reconnaissance tool. It is specifically meant to crawl web application and look for left over or non-indexed files with the addition of reporting pages or scripts leaking internal data. User Requirements Linux Python 3.5.2 User Installation Install $ mkdir tachyon $ python3 -m venv tachyon/ $ cd tachyon $ source bin/activate $ pip install tachyon3 $ tachyon...
Scout Suite : Multi-Cloud Security Auditing Tool
Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection and highlights risk areas. Rather than going through dozens of pages on the web consoles, Scout Suite presents a clear view of the attack surface automatically. Scout Suite...
Mitaka : A Browser Extension For OSINT Search
Mitaka is a browser extension for OSINT search which can: Extract & refang IoC from a selected block of text.E.g. examplecom to example.com, testexample.com to test@example.com, hxxp://example.com to http://example.com, etc.Search / scan it on various engines.E.g. VirusTotal, urlscan.io, Censys, Shodan, etc. Features Supported IOC types namedesc.e.g.textFreetextany string(s)ipIPv4 address8.8.8.8domainDomain namegithub.comurlURLhttps://github.comemailEmail addresstest@test.comasnASNAS13335hashmd5 / sha1 / sha25644d88612fea8a8f36de82e1278abb02fcveCVE numberCVE-2018-11776btcBTC address1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNagaPubIDGoogle Adsense Publisher IDpub-9383614236930773gaTrackIDGoogle Analytics Tracker IDUA-67609351-1 Also Read - Act Platform : Open Platform For Collection &...
Kirjuri : Web Application For Managing Cases & Physical Forensic Evidence Items
Kirjuri is a simple php/mysql web application for managing physical forensic evidence items. It is intended to be used as a workflow tool from receiving, booking, note-taking and possibly reporting findings. It simplifies and helps in case management when dealing with a large (or small!) number of devices submitted for forensic analysis. Kirjuri requires PHP7. See the official Kirjuri home...
SysAnalyzer : Automated Malcode Analysis System
SysAnalyzer is an application that was designed to give malcode analysts an automated tool to quickly collect, compare, and report on the actions a binary took while running on the system. The main components of SysAnalyzer work off of comparing snapshots of the system over a user specified time interval. The reason a snapshot mechanism was used compared...
Pixload : Image Payload Creating/Injecting Tools
Pixload is a set of tools for creating/injecting payload into images. Useful references for better understanding of pixload and its use-cases: Bypassing CSP using polyglot JPEGsHacking group using Polyglot images to hide malvertising attacksEncoding Web Shells in PNG IDAT chunksAn XSS on Facebook via PNGs & Wonky Content TypesRevisiting XSS payloads in PNG IDAT chunks If you want to encode a...
.webp "katoolin – Streamline Your Kali Linux Tool Installation With This Comprehensive Guide")
.webp "SharpExclusionFinder – Streamlining Windows Defender Exclusion Checks With Advanced Scanning Capabilities")
