Yarasafe : SAFE Embeddings To Match Functions In Yara
YARASAFE is for automatic binary function similarity checks with Yara. SAFE is a tool developed to create Binary Functions Embedding developed by Massarelli L., Di Luna G.A., Petroni F., Querzoni L. and Baldoni R. You can use SAFE to create your function embedding to use inside yara rules. If you are interested take a look at our research paper: https://arxiv.org/abs/1811.05296....
How to Protect Yourself Against Common Password Attacks
To avoid password attacks, Authentication and access management may be evolving, but passwords are not going to disappear in the near future. Experts believe that the number of passwords in use will reach 300 billion in 2020. Although IT professionals understand the significance of secure passwords, almost 70% of employees share passwords in a non-secure way. In addition to that,...
AlertResponder : Automatic Security Alert Response Framework By AWS Serverless Application Model
AlertResponder is an automatic security alert response framework by AWS Server less Application Model. It is a server less framework for automatic response of security alert. Overview AlertResponder receives an alert that is event of interest from security view point and responses the alert automatically. AlertResponder has 3 parts of automatic response. Inspector investigates entities that are appeared in the alert including IP...
TAS : A Tiny Framework For Easily Manipulate The TTY & Create Fake Binaries
TAS is a tiny framework for easily manipulate the tty and create fake binaries. The framework has three main functions, tas_execv, tas_forkpty, and tas_tty_loop. tas_execv: It is a function similar to execv, but it doesn't re-execute the current binary, something very useful for creating fake binaries. tas_forkpty: Is the same as forkpty, but it fills a custom structure, check forkpty man...
Corsy : CORS Misconfiguration Scanner
Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations. Requirements It only works with Python 3 and has the following dependencies: tldrequests To install these dependencies, navigate to the tool directory and execute pip3 install -r requirements.txt Usage Using it is pretty simple python3 corsy.py -u https://example.com Scan URLs from a file python3 corsy.py -i /path/urls.txt Number of threads python3 corsy.py -u https://example.com -t 20 ...
TeleGram-Scraper : Telegram Group Scraper Tool
TeleGram-Scraper is a telegram group scraper tool to fetch all information about group members. How To Install & Setup API ( Termux ) https://youtu.be/I8oR9tuYyrU API Setup Go to http://my.telegram.org and log in. Click on API development tools and fill the required fields. put app name you want & select other in platform Example : copy "api_id" & "api_hash" after clicking create app (...
Grouper2 : To Find Vulnerabilities In AD Group Policy
Grouper2 is a tool to find vulnerabilities in AD group policy. It is a tool for pentesters to help find security-related misconfigurations in Active Directory Group Policy. It might also be useful for other people doing other stuff, but it is explicitly NOT meant to be an audit tool. If you want to check your policy configs against some particular...
Gophish : Open-Source Phishing Toolkit
Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute phishing engagements and security awareness training. Install Installation of Gophish is dead-simple - just download and extract the zip containing the release for your system, and run the binary. Gophish has binary releases for Windows,...
Aaia : AWS Identity & Access Management Visualizer & Anomaly Finder
Aaia (pronounced as shown here ) helps in visualizing AWS IAM and Organizations in a graph format with help of Neo4j. This helps in identifying the outliers easily. Since it is based on neo4j , one can query the graph using cypher queries to find the anomalies. It also supports modules to programmatically fetch data from neo4j database and...
Scallion : GPU-Based Onion Hash Generator
Scallion lets you create vanity GPG keys and .onion addresses (for Tor's hidden services) using OpenCL. It runs on Mono (tested in Arch Linux) and .NET 3.5+ (tested on Windows 7 and Server 2008). It is currently in beta stage and under active development. Nevertheless, we feel that it is ready for use. Improvements are expected primarily in...
