Robber : Tool For Finding Executables Prone To DLL Hijacking

Robber is a free, open-source tool developed using Delphi XE2 without any third-party dependencies. So what is DLL hijacking? Windows has a search path for DLLs in its underlying architecture. If you can figure out what DLLs an executable requests without an absolute path (triggering this search process), you can then place your hostile DLL somewhere higher up the...

BlobRunner – Quickly Debug Shellcode Extracted During Malware Analysis

BlobRunner is a simple tool to quickly debug shellcode extracted during malware analysis. BlobRunner allocates memory for the target file and jumps to the base (or offset) of the allocated memory. This allows an analyst to quickly debug into extracted artifacts with minimal overhead and effort. BlobRunner Building: Building the executable is straightforward and relatively painless. Requirements: Download and install Microsoft Visual...

FindYara – IDA Python Plugin To Scan Binary With Yara Rules

FindYara uses an IDA Python plugin to scan your binary with Yara rules. All the Yara rule matches will be listed with their offset so you can quickly hop to them! FindYara Installation: Install yara-python. Using pip: pip install yara-python. Other methods: https://pypi.python.org/pypi/yara-python. Copy FindYara.py to your IDA "plugins" directory...

ADModule – Microsoft Signed ActiveDirectory PowerShell Module

ADModule is a Microsoft-signed DLL for the ActiveDirectory PowerShell module. It is just a backup of Microsoft's ActiveDirectory PowerShell module from Server 2016 with RSAT and the module installed. The DLL is usually found at this path: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.ActiveDirectory.Management and the rest of the module files at this path: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\ActiveDirectory. ADModule Usage: You can copy this DLL to your...

BFuzz – Fuzzing Chrome & Firefox Browsers

BFuzz is an input-based fuzzer that takes .html as input, opens your browser in a new instance and passes multiple test cases generated by domato, which is present in the recurve folder of BFuzz. Moreover, BFuzz is an automation that performs the same task repeatedly. Run BFuzz:
warmachine@ftw:~/BFuzz$ ./generate.sh
warmachine@ftw:~/BFuzz$ python BFuzz.py...

DarkSpiritz : A Penetration Testing Framework For Linux, MacOS, and Windows Systems

DarkSpiritz is a penetration testing framework for Linux and Windows systems. Created by the SynTel Team, it was a project of one of the owners to update and clean up an older pentesting framework he had created into something updated and modern. It is a revamp of the very popular framework known as "Roxysploit". You may be familiar with this framework...

Killshot : Information gathering Tool

KillShot is a penetration testing framework, information gathering tool and website vulnerability scanner. You can use this tool to spider your website and gather important information automatically using whatweb-host-traceroute-dig-fierce-wafw00f, or to identify the CMS and find vulnerabilities in your website using Cms Exploit Scanner && WebApp Vul Scanner. You can also use it to scan...

PasteJacker : Hacking Systems With The Automation Of PasteJacking Attacks

The main purpose of PasteJacker is automating the (PasteJacking/Clipboard poisoning/whatever you name it) attack, collecting all the known tricks used in this attack in one place and one automated job, as after searching I found there's no tool doing this job the right way. Now, because this attack depends on what the user will paste, I implemented the...

XSStrike – Most Advanced XSS Detection Suite

XSStrike is a Cross Site Scripting detection suite equipped with four handwritten parsers, an intelligent payload generator, a powerful fuzzing engine and an incredibly fast crawler. Instead of injecting payloads and checking whether they work like all the other tools do, it analyses the response with multiple parsers and then crafts payloads that are guaranteed to work with context analysis...

Python-Nubia : A Command-Line & Interactive Shell Framework

Python-Nubia is a lightweight framework for building command-line applications with Python. It was originally designed for the “logdevice interactive shell (a.k.a. ldshell)” at Facebook. Since then it was factored out to be a reusable component, and several internal Facebook projects now rely on it as a quick and easy way to get an intuitive shell/CLI application without too much...