AVG Antivirus – Is It Good For Your Computer?
AVG is always in the top 5 of the 2019 antivirus rankings. Many people use it because it is available for free. Despite the developers constantly offering to buy the paid version, the free solution is still good and offers comparable protection. We are going to tell you about some key points of the product. Do you need more details? Read the detailed AVG...
CAINE 11 – GNU/Linux Live Distribution
CAINE or Computer Aided INvestigative Environment is an Italian GNU/Linux live distribution created as a Digital Forensics project. Currently, the project manager is Nanni Bassetti (Bari - Italy). It offers a complete forensic environment that is organized to integrate existing software tools as software modules and to provide a friendly graphical interface. The main design objectives...
Ngrev : Tool For Reverse Engineering of Angular Applications
Graphical tool for reverse engineering of Angular projects. Ngrev allows you to navigate in the structure of your application and observe the relationship between the different modules, providers, and directives. The tool performs static code analysis which means that you don't have to run your application in order to use it. How To Use? macOS Go to the...
Functrace : A Function Tracer
Functrace is a tool that helps to analyze a binary file with dynamic instrumentation using DynamoRIO. These are some implemented features (based on DynamoRIO): disassemble all the executed codedisassemble a specific function (dump if these are addresses)get arguments of a specific function (dump if these are addresses)get return value of a specific function (dump if this is an...
APK-MITM : Android APK Files for HTTPS Inspection
APK-MITM is a CLI application that automatically prepares Android APK files for HTTPS inspection. Inspecting a mobile app's HTTPS traffic using a proxy is probably the easiest way to figure out how it works. However, with the Network Security Configuration introduced in Android 7 and app developers trying to prevent MITM attacks using certificate pinning, getting an app to...
RetDec : RetDec Is A Retargetable Machine-Code Decompiler Based On LLVM
RetDec is a retargetable machine-code de compiler based on LLVM. The de-compiler is not limited to any particular target architecture, operating system, or executable file format: Supported file formats: ELF, PE, Mach-O, COFF, AR (archive), Intel HEX, and raw machine codeSupported architectures: 32-bit: Intel x86, ARM, MIPS, PIC32, and PowerPC64-bit: x86-64, ARM64 (AArch64) Features Static analysis of executable files with detailed information.Compiler and...
Seeker : Accurately Locate Smartphones Using Social Engineering
Concept behind Seeker is simple, just like we host phishing pages to get credentials why not host a fake page that requests your location like many popular location based websites. It Hosts a fake website on In Built PHP Server and uses Serveo to generate a link which we will forward to the target, website asks...
CORSTest : A Simple CORS Misconfiguration Scanner
CORStest is a quick & dirty Python 2 tool to find Cross-Origin Resource Sharing (CORS) misconfigurations. It takes a text file as input which may contain a list of domain names or URLs. Currently, the following potential vulnerabilities are detected by sending a certain Origin request header and checking for the Access-Control-Allow-Origin response header: Developer backdoor: Insecure...
SharpHide : Tool To Create Hidden Registry Keys
SharpHide is just a nice persistence trick to confuse DFIR investigation. Uses NtSetValueKey native API to create a hidden (null terminated) registry key. This works by adding a null byte in front of the UNICODE_STRING key valuename. The tool uses the following registry path in which it creates the hidden run key: (HKCU if user, else HKLM)SOFTWAREMicrosoftWindowsCurrentVersionRun Also Read -...
LinuxCheck : Linux Information Collection Script 2019
LinuxCheck is a small Linux information collection script is mainly used for emergency response. It can be used under Debian or Centos. Features CPU TOP10, memory TOP10CPU usageboot timeHard disk space informationUser information, passwd informationEnvironmental variable detectionService listSystem program changes (debsums -e and rpm -va)Network traffic statisticsNetwork connection, listening portOpen portRouting table informationRoute forwardingARPDNS ServerSSH login informationSSH login IPiptables...
