SWFPFinder : SWF Potential Parameters Finder
SWFPFinder is a simple and open source bash script designed to discovery the potential swf (file) parameters on the webapp analysing the swf file. It use swfmill tool, swfmill is a tool to process Adobe Flash (SWF) files. It can convert SWF from and to an XML dialect called “swfml”, which is closely modeled after...
LaravelN00b : Automated Scan .env Files & Checking Debug Mode In Victim Host
Incorrect configuration allows you to access .env files or reading env variables. LaravelN00b automated scan .env files and checking debug mode in victim host. Scan Rationale Scan host.Resolve IP adress and check .env file in IP AdressChecking debug mode Laravel ( Read .env variables ) Also Read - IotShark : Monitoring And Analyzing IoT Traffic Installation Install with installer.sh chmod +x installer.sh...
Andriller : Software Utility With A Collection Of Forensic Tools For Smartphones
Andriller is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices. It has features, such as powerful Lockscreen cracking for Pattern, PIN code, or Password; custom decoders for Apps data from Android (some Apple iOS & Windows) databases for decoding communications. Extraction...
Lava : Large-scale Automated Vulnerability Addition
Evaluating and improving bug-finding tools is currently difficult due to a shortage of ground truth corpora (i.e., software that has known bugs with triggering inputs). LAVA attempts to solve this problem by automatically injecting bugs into software. Every LAVA bug is accompanied by an input that triggers it whereas normal inputs are extremely unlikely to do so. These vulnerabilities...
HeapInspect : Inspect Heap In Python
HeapInspect is designed to make heap much more prettier. So let us have some of the feature of this tool which will inspect heap in python; Free of gdb and other requirementMulti glibc support 2.19, 2.23-2.27 (currently tested)both 32bit and 64bit Nice UI to show heap HeapShower (detailed)PrettyPrinter (colorful, summary) Heapdiff (working)Corruption detect & exploit analysis (working)Also support gdb (python2...
CHAPS : Configuration Hardening Assessment PowerShell Script
CHAPS is a PowerShell script for checking system security settings where additional software and assessment tools, such as Microsoft Policy Analyzer, cannot be installed. The purpose of this script is to run it on a server or workstation to collect configuration information about that system. The information collected can then be used to provide ...
Karonte : Static Analysis Tool To Detect Multi-Binary Vulnerabilities In Embedded Firmware
Karonte is a static analysis tool to detect multi-binary vulnerabilities in embedded firmware. Research Paper We present our approach and the findings of this work in the following research paper: Detecting Insecure Multi-binary Interactions in Embedded Firmware Nilo Redini, Aravind Machiry, Ruoyu Wang, Chad Spensky, Andrea Continella, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna. To appear in Proceedings of the IEEE...
IotShark : Monitoring And Analyzing IoT Traffic
IoTShark is a IOT monitoring service that allows users to monitor their IOT devices for trends in data sent/received. Ordinarily, setting up a man in the middle attack with proper configurations can take up quite a bit of time, and may seem dauntingly impossible for those with little to no experience in computer security or even computer science. It aims...
TuxResponse : Linux Incident Response 2020
TuxResponse is incident response script for linux systems written in bash. It can automate incident response activities on Linux systems and enable you to triage systems quickly, while not compromising with the results. Usually corporate systems would have some kind of monitoring and control, but there are exceptions due to shadow IT and non-standard ...
LNAV : Log File Navigator 2020
LNAV is an enhanced log file viewer that takes advantage of any semantic information that can be gleaned from the files being viewed, such as timestamps and log levels. Using this extra semantic information, lnav can do things like interleaving messages from different files, generate histograms of messages over time, and providing hotkeys for navigating through the file....
