Secretx : Extracting API keys & Secrets By Requesting Each URL At The Your List
Secretx is a tool which is mainly used for extracting api keys and secrets by requesting each url at the your list. Installation python3 -m pip install -r requirements.txt Also Read - Exist : Web App For Aggregating & Analyzing Cyber Threat Intelligence Usage python3 secretx.py --list urlList.txt --threads 15 optional arguments: --help --colorless Download
ReconCobra : Complete Automated Pentest Framework For Information Gathering
ReconCobra is a complete Automated pentest framework for Information Gathering and it will tested on Kali, Parrot OS, Black Arch, Termux, Android Led TV. Introduction It is useful in Banks, Private Organizations and Ethical hacker personnel for legal auditing.It serves as a defense method to find as much as information possible for gaining unauthorized access and intrusion.With the emergence of more...
NodeCrypto : Linux Ransomware Written In NodeJs
NodeCrypto is a Linux Ransomware written in NodeJs that encrypt predefined files. This project was created for educational purposes, you are the sole responsible for the use of it. Install Server Upload all file of server/ folder on your webserver.Create a sql database and import sql/nodeCrypto.sqlEdit server/libs/db.php and add your SQL ID. Install & Run git clone https://github.com/atmoner/nodeCrypto.gitcd nodeCrypto && npm installcd...
PBTK : A Toolset For Reverse Engineering & Fuzzing Protobuf-Based Apps
PBTK is a tool that can be used for reverse engineering and fuzzing protobuf based application. Protobuf is a serialization format developed by Google and used in an increasing number of Android, web, desktop and more applications. It consists of a language for declaring data structures, which is then compiled to code or another kind of structure depending...
theTHE : The Threat Hunting Environment
You are a Threat Hunter. While investigating, did you find yourself with more than 20 tabs opened in your browser, scattered .txt files with data and some terminals showing up in the background? theTHE centralizes all the information on an investigation in a single project and shares its results with your team (and with nobody ...
Exist : Web App For Aggregating & Analyzing Cyber Threat Intelligence
EXIST is a web application for aggregating and analyzing CTI (cyber threat intelligence). It is written by the following software. Python 3.5.4Django 1.11.22 It automatically fetches data from several CTI services and Twitter via their APIs and feeds. You can cross-search indicators via the web interface and the API. If you have servers logging network behaviors of clients (e.g., logs of...
Nginx Log Check : Nginx Log Security Analysis Script
Nginx Log Check is a nothing but a Nginx Log Security Analysis Script. Following are some of the feature for the script for Nginx log security check; Statistics Top 20 AddressSQL injection analysisScanner alert analysisExploit detectionSensitive path accessFile contains attackWebshellFind URLs with response length Top 20Looking for rare script file accessFind script file for 302 redirect Also Read - Exploitivator :...
Haaukins : A Highly Accessible & Automated Virtualization Platform for Security Education
Haaukins is a highly accessible and automated virtualization platform for security education, it has three main components (Docker, Virtualbox and Golang), the communication and orchestration between the components managed using Go programming language. The main reason of having Go environment to manage and deploy something on Haaukins platform is that Go’s easy concurrency and...
CyberRange : The Open-Source AWS Cyber Range
This CyberRange project represents the first open-source Cyber Range blueprint in the world. This project provides a bootstrap framework for a complete offensive, defensive, reverse engineering & security intelligence tooling in a private research lab using the AWS Cloud. This project contains vulnerable systems and a toolkit of the most powerful open-source / community edition tools...
Dsiem : Security Event Correlation Engine For ELK Stack
Dsiem is a security event correlation engine for ELK stack, allowing the platform to be used as a dedicated and full-featured SIEM system. It provides OSSIM-style correlation for normalized logs/events, perform lookup/query to threat intelligence and vulnerability information sources, and produces risk-adjusted alarms. Features Runs in standalone or clustered mode with NATS as messaging bus between frontend and backend...
.png "Exrop : Automatic ROP Chain Generation")
