Functrace : A Function Tracer
Functrace is a tool that helps to analyze a binary file with dynamic instrumentation using DynamoRIO. These are some implemented features (based on DynamoRIO): disassemble all the executed codedisassemble a specific function (dump if these are addresses)get arguments of a specific function (dump if these are addresses)get return value of a specific function (dump if this is an...
APK-MITM : Android APK Files for HTTPS Inspection
APK-MITM is a CLI application that automatically prepares Android APK files for HTTPS inspection. Inspecting a mobile app's HTTPS traffic using a proxy is probably the easiest way to figure out how it works. However, with the Network Security Configuration introduced in Android 7 and app developers trying to prevent MITM attacks using certificate pinning, getting an app to...
RetDec : RetDec Is A Retargetable Machine-Code Decompiler Based On LLVM
RetDec is a retargetable machine-code de compiler based on LLVM. The de-compiler is not limited to any particular target architecture, operating system, or executable file format: Supported file formats: ELF, PE, Mach-O, COFF, AR (archive), Intel HEX, and raw machine codeSupported architectures: 32-bit: Intel x86, ARM, MIPS, PIC32, and PowerPC64-bit: x86-64, ARM64 (AArch64) Features Static analysis of executable files with detailed information.Compiler and...
Seeker : Accurately Locate Smartphones Using Social Engineering
Concept behind Seeker is simple, just like we host phishing pages to get credentials why not host a fake page that requests your location like many popular location based websites. It Hosts a fake website on In Built PHP Server and uses Serveo to generate a link which we will forward to the target, website asks...
CORSTest : A Simple CORS Misconfiguration Scanner
CORStest is a quick & dirty Python 2 tool to find Cross-Origin Resource Sharing (CORS) misconfigurations. It takes a text file as input which may contain a list of domain names or URLs. Currently, the following potential vulnerabilities are detected by sending a certain Origin request header and checking for the Access-Control-Allow-Origin response header: Developer backdoor: Insecure...
SharpHide : Tool To Create Hidden Registry Keys
SharpHide is just a nice persistence trick to confuse DFIR investigation. Uses NtSetValueKey native API to create a hidden (null terminated) registry key. This works by adding a null byte in front of the UNICODE_STRING key valuename. The tool uses the following registry path in which it creates the hidden run key: (HKCU if user, else HKLM)SOFTWAREMicrosoftWindowsCurrentVersionRun Also Read -...
LinuxCheck : Linux Information Collection Script 2019
LinuxCheck is a small Linux information collection script is mainly used for emergency response. It can be used under Debian or Centos. Features CPU TOP10, memory TOP10CPU usageboot timeHard disk space informationUser information, passwd informationEnvironmental variable detectionService listSystem program changes (debsums -e and rpm -va)Network traffic statisticsNetwork connection, listening portOpen portRouting table informationRoute forwardingARPDNS ServerSSH login informationSSH login IPiptables...
CodeCat : Tool To Help In Manual Analysis In CodeReview
CodeCat is a open source tool to help you in codereview, to find/track sinks and this points follow regex rules. How too install? Go to CodeCat directory, install backend and frontend libs: $ cd Front $ sudo python3 -m pip install -r requirements.txt $ cd .. $ cd Backend $ sudo python3 -m pip install -r requirements.txt Run backend and frontend… $ cd Codecat $ cd...
aSYNcrone : Multifunction SYN Flood DDoS Weapon
aSYNcrone is a C language based, malfunction SYN Flood DDoS Weapon. Disable the destination system by sending a SYN packet intensively to the destination. POWER!!! Also Read - CAPE : Malware Configuration And Payload Extraction USAGE git clone https://github.com/fatih4842/aSYNcrone.gitcd aSYNcronegcc aSYNcrone.c -o aSYNcrone -lpthread./aSYNcrone Specifications Internal random IP generatorUsing threads and faster prepare and sending SYN packetsDifferent...
BurpSuite : Secret Finder Extension To Discover APIkeys/Tokens From HTTP Response
BurpSuite is a Secret Finder Burp Suite extension to discover a apikey/tokens from HTTP response. Install >>Download SecretFinder wget https://raw.githubusercontent.com/m4ll0k/BurpSuite-Secret_Finder/master/SecretFinder.pyorgit clone https://github.com/m4ll0k/BurpSuite-Secret_Finder.git>>now open Burp > Extender > Extensions > Add > set python and select file (SecretFinder.py) Also Read - SubDomain3: A New Generation Tool For Discovering Subdomains Requirements jythonburpsuite Download
.png "ConfluencePot : Simple Honeypot For Atlassian Confluence (CVE-2022-26134)")
