HRShell : HTTPS/HTTP Reverse Shell Built With Flask
HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities. It is an HTTPS/HTTP reverse shell built with flask. It's compatible with python 3.x and has been successfully tested on: Linux ubuntu 18.04 LTS, Kali Linux 2019.3 macOS Mojave Windows 7/10 Features: It's stealthyTLS support Either using on-the-fly certificates orBy specifying a cert/key pair (more details...
Kube-Alien : Tool To Launch Attack On k8s Cluster
Kube-Alien tool launches attack on k8s cluster from within. That means you already need to have an access with permission to deploy pods in a cluster to run it. After running the kube-alien pod it tries to takeover cluster's nodes by adding your public key to node's /root/.ssh/authorized_keys file by using this image https://github.com/nixwizard/dockercloud-authorizedkeys (Can be adjusted using ADD_AUTHKEYS_IMAGE param in...
Flare-Emu : Easy To Use And Flexible Interface For Scripting Emulation Tasks
Flare-emu marries IDA Pro’s binary analysis capabilities with Unicorn’s emulation framework to provide the user with an easy to use and flexible interface for scripting emulation tasks. It is designed to handle all the housekeeping of setting up a flexible and robust emulator for its supported architectures so that you can focus on solving your code analysis problems. Currently,...
MemProcFS : The Memory Process File System
MemProcFS the Memory Process File System is an easy and convenient way of accessing physical memory as files a virtual file system. Easy trivial point and click memory analysis without the need for complicated commandline arguments! Access memory content and artifacts via files in a mounted virtual file system or via a feature rich application library to include in...
FDSploit : File Inclusion & Directory Traversal Fuzzing, Enumeration & Exploitation Tool
FDSploit is a file Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool. It can be used to discover and exploit Local/Remote File Inclusion and directory traversal vulnerabilities automatically. In case an LFI vulnerability is found, --lfishell option can be used to exploit it. For now, 3 different types of LFI shells are supported: Simple: This type of shell allows...
Rebel Framework : Penetration Testing Framework
Rebel framework is an advanced and easy to use penetration testing framework. Start git clone https://github.com/rebellionil/rebel-framework.git cd rebel-framework bash setup.sh bash rebel.sh Modules Screenshots Demos Supported Distributions DistributionVersion CheckSupportedDependencies already installedStatusKali Linux4.4.0yesyesworkingParrot OS4.14.0yesyesworking Also Read - SysAnalyzer : Automated Malcode Analysis System PORT YOUR OWN TOOLS TO REBEL ! scan.py ┌── └──╼ #python scan.py -h-h --help print usage usage ./scan.py controller.sh sample !/bin/bashnormal='e='e} arr='e} arr='e} arr='e} arr='e}...
Firmware Analysis Toolkit : To Emulate Firmware And Analyse It For Security Vulnerabilities
Firmware analysis toolkit is a toolkit to emulate firmware and analyse it for security vulnerabilities. FAT is a toolkit built in order to help security researchers analyze and identify vulnerabilities in IoT and embedded device firmware. Firmware Analysis Toolkit is build on top of the following existing tools and projects : Firmadyne Binwalk Firmware-Mod-Kit MITMproxy Firmwalker Setup instructions If you are...
Router Exploit Shovel : Automated Application Generation for Stack Overflow Types on Wireless Routers
Router Exploit Shovel is an automated application generation for stack overflow types on wireless Routers. It is an automated application generation tool for stack overflow types on wireless routers. The tool implements the key functions of exploits, it can adapt to the length of the data padding on the stack, generate the ROP chain, generate the encoded shellcode, and...
SKA : Simple Karma Attack
SKA allows you to implement a very simple and fast karma attack. You can sniff probe requests to choice the fake AP name or, if you want, you could insert manually the name of AP (evil twin attack). When target has connected to your WLAN you could active the HTTP redirection and perform a MITM attack. Details The script implements these steps: selection of...
ArmourBird CSF – Container Security Framework
ArmourBird CSF - Container Security Framework is an extensible, modular, API-first framework build for regular security monitoring of docker installations and containers against CIS and other custom security checks. ArmourBird CSF has a client-server architecture and is thus divided into two components: CSF Client This component is responsible for monitoring the docker installations, containers, and images on target machinesIn the initial release, it...
