DIE : Program For Determining Types Of Files For Windows, Linux & MacOS

Detect It Easy, abbreviated DIE, is a program for determining types of files. It is a cross-platform application: apart from the Windows version, versions for Linux and Mac OS are also available. Many programs of this kind (PEID, PE tools) allow the use of third-party signatures. Unfortunately, those signatures scan only bytes by the pre-set mask, and it is not...

Machinae : Machinae Security Intelligence Collector

Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data: IP addresses, domain names, URLs, email addresses, file hashes and SSL fingerprints. It was inspired by Automater, another excellent tool for collecting information. The Machinae project was born from wishing to improve Automater in 4 areas: Codebase - Bring Automater to python3 compatibility while making...

Fake Sandbox : Script To Simulate Fake Processes Of Analysis Sandbox/VM

Fake Sandbox Processes is a small script that simulates fake processes of analysis, sandbox and VM software that some malware will try to avoid. You can download the original script made by @x0rz here (thanks, by the way). You can also download my slightly optimised script from the root directory. The file is named fsp.ps1. This exact script is also used...

Blind SQL Bitshifting : A Blind SQL Injection Module That Uses Bitshifting To Calculate Characters

This is a module that performs blind SQL injection by using the bitshifting method to calculate characters instead of guessing them. It requires 7/8 requests per character, depending on the configuration.

Usage

import blind-sql-bitshifting as x
# Edit this dictionary to configure attack vectors
x.options

Example Configuration

# Vulnerable link
x.options = "http://www.example.com/index.php?id=1"
# Specify...

Caldera : An Automated Adversary Emulation System

CALDERA is an automated adversary emulation system, built on the MITRE ATT&CK™ framework. It works by attaching abilities to an adversary and running the adversary in an operation. Full documentation for this system can be found in the wiki. Python 3.5.3+ is required to run this system.

Installation

Start by cloning this repository recursively. This will pull all available plugins.

git clone https://github.com/mitre/caldera.git --recursive

From the...

Shellsum : A Defense Tool – Detect Web Shells In Local Directories Via MD5Sum

Shellsum is a defense tool to detect web shells in local directories via md5sum. Its features: fast speed, lightweight, big database, tabled output.

Usage

Install

git clone https://github.com/ManhNho/shellsum.git
chmod 755 -R shellsum/
cd shellsum/
pip install -r requirements.txt

Run

python shellsum.py

ToDo: smooth output, export file report, modularization, bigger database.

BackBox Linux 6.0 – Ubuntu-Based Linux Distribution Penetration Test & Security Assessment

BackBox is a Linux distribution based on Ubuntu. It has been developed to perform penetration tests and security assessments. Designed to be fast, easy to use and provide a minimal yet complete desktop environment, thanks to its own software repositories, always being updated to the latest stable version of the most used and best known...

RedGhost : Linux Post Exploitation Framework Designed To Assist Red Teams In Gaining Persistence, Reconnaissance & Leaving No Trace

RedGhost is a Linux post exploitation framework designed to assist red teams in persistence, reconnaissance, privilege escalation and leaving no trace.

Payloads: Function to generate various encoded reverse shells in netcat, bash, python, php, ruby, perl.

SudoInject: Function to inject sudo command with wrapper function to run a reverse root shell every time "sudo" is run for privilege escalation.

lsInject: Function to...

UACME : Defeating Windows User Account Control

UACMe defeats Windows User Account Control by abusing the built-in Windows AutoElevate backdoor.

System Requirements: x86-32/x64 Windows 7/8/8.1/10 (client; some methods, however, work on server versions too). Admin account with UAC set on default settings required.

Usage: Run executable from command line: akagi32 or akagi64. See "Run examples" below for more info. First param is number of method to...

JShielder : Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark G

JSHielder is an open source Bash script developed to help sysadmins and developers secure their Linux servers on which they will be deploying any web application or service. This tool automates the process of installing all the necessary packages to host a web application and hardening a Linux server with little interaction from the...