Mitaka : A Browser Extension For OSINT Search
Mitaka is a browser extension for OSINT search which can: Extract & refang IoC from a selected block of text.E.g. examplecom to example.com, testexample.com to test@example.com, hxxp://example.com to http://example.com, etc.Search / scan it on various engines.E.g. VirusTotal, urlscan.io, Censys, Shodan, etc. Features Supported IOC types namedesc.e.g.textFreetextany string(s)ipIPv4 address8.8.8.8domainDomain namegithub.comurlURLhttps://github.comemailEmail addresstest@test.comasnASNAS13335hashmd5 / sha1 / sha25644d88612fea8a8f36de82e1278abb02fcveCVE numberCVE-2018-11776btcBTC address1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNagaPubIDGoogle Adsense Publisher IDpub-9383614236930773gaTrackIDGoogle Analytics Tracker IDUA-67609351-1 Also Read - Act Platform : Open Platform For Collection &...
Kirjuri : Web Application For Managing Cases & Physical Forensic Evidence Items
Kirjuri is a simple php/mysql web application for managing physical forensic evidence items. It is intended to be used as a workflow tool from receiving, booking, note-taking and possibly reporting findings. It simplifies and helps in case management when dealing with a large (or small!) number of devices submitted for forensic analysis. Kirjuri requires PHP7. See the official Kirjuri home...
SysAnalyzer : Automated Malcode Analysis System
SysAnalyzer is an application that was designed to give malcode analysts an automated tool to quickly collect, compare, and report on the actions a binary took while running on the system. The main components of SysAnalyzer work off of comparing snapshots of the system over a user specified time interval. The reason a snapshot mechanism was used compared...
Pixload : Image Payload Creating/Injecting Tools
Pixload is a set of tools for creating/injecting payload into images. Useful references for better understanding of pixload and its use-cases: Bypassing CSP using polyglot JPEGsHacking group using Polyglot images to hide malvertising attacksEncoding Web Shells in PNG IDAT chunksAn XSS on Facebook via PNGs & Wonky Content TypesRevisiting XSS payloads in PNG IDAT chunks If you want to encode a...
Dolos Cloak : Automated 802.1x Bypass
Dolos Cloak is a python script designed to help network penetration testers and red teamers bypass 802.1x solutions by using an advanced man-in-the-middle attack. The tool is able to piggyback on the wired connection of a victim device that is already allowed on the target network without kicking the vicitim device off the network. It was designed to run...
Dr_Robot : Tool Used To Enumerate The Subdomains Associated With A Company
Dr_Robot is a tool for Domain Reconnaissance and Enumeration. By utilizing containers to reduce the overhead of dealing with dependencies, inconsistency across operating sytems, and different languages, Dr. ROBOT is built to be highly portable and configurable. Use Case: Gather as many public facing servers that a target organization possesses. Querying DNS resources enables us to quickly develop a large list...
FudgeC2 : A Collaborative C2 Framework For Purple-Teaming Written In Python3, Powershell & .NET
FudgeC2 is a campaign orientated Powershell C2 framework built on Python3/Flask - Designed for team collaboration, client interaction, campaign timelining, and usage visibility. Note: FudgeC2 is currently in alpha stage, and should be used with caution in non-test environments. Beta will be released later this year, at BlackHat Arsenal. Setup Installation To quickly install & run FudgeC2 on a Linux host run the following: git...
Aura Botnet : A Super Portable Botnet Framework With A Django-Based C2 Server
Aura Botnet is a super portable botnet framework with a Django-based C2 server. The client is written in C++, with alternate clients written in Rust, Bash, and Powershell. The botnet's C2 server utilizes the Django framework as the backend. It is far from the most efficient web server, but this is offset by the following: Django is extremely portable and therefore...
Stardox : Github Stargazers Information Gathering Tool
Stardox is an advanced github stargazers information gathering tool. It scraps Github for information and display them in list tree view. It can be used for collecting information of your's/someones repository stargazers details. What data it fetchs : Total repsitoriesTotal starsTotal FollowersTotal FollowingStargazer's Email P.S: Many new things will be added soon. Gallery Fetching data of repository List tree view of fetched data Also Read -...
Act Platform : Open Platform For Collection & Exchange Of Threat Intelligence Information
Semi-Automated Cyber Threat Intelligence or ACT is a research project led by mnemonic as with contributions from the University of Oslo, NTNU, Norwegian Security Authority (NSM), KraftCERT and Nordic Financial CERT. The main objective of the ACT project is to develop a platform for cyber threat intelligence to uncover cyber attacks, cyber espionage and sabotage. The project will result in...
