AMIRA: Automated Malware Incident Response & Analysis
AMIRA is a service for automatically running the analysis on the OSXCollector output files. The automated analysis is performed via OSXCollector Output Filters, in particular The One Filter to Rule Them All: the Analyze Filter. It takes care of retrieving the output files from an S3 bucket, running the Analyze Filter and then uploading the results of the analysis back to S3 (although one...
VulnWhisperer : Create Actionable Data From Your Vulnerability Scans
VulnWhisperer is a vulnerability management tool and report aggregator. VulnWhisperer will pull all the reports from the different Vulnerability scanners and create a file with a unique filename for each one, using that data later to sync with Jira and feed Logstash. Jira does a closed cycle full Sync with the data provided by the Scanners, while Logstash indexes...
Dockernymous : A Script Used To Create A Whonix Like Gateway/Workstation Environment With Docker Containers
Dockernymous is a script used to create a Whonix-like gateway/workstation environment with Docker containers. It is a start script for Docker that runs and configures two individual Linux containers in order to act as an anonymisation workstation-gateway setup. It's aimed towards experienced Linux/Docker users, security professionals and penetration testers! The gateway container acts as an Anonymizing Middlebox (see https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy) and routes...
Hardening up Your Cyber Defence With Risk Assessment
Your company faces an array of cyber threats, which are both internal and external. Cybersecurity risk assessment is meant to identify, assess, and implement security controls to pinpoint security vulnerabilities and defects. To safeguard your computer systems from threats, you must apply practices that build an impermeable cyber defense. The process of fortifying your cyber defenses starts with risk assessment. Without assessing your risks, you won’t be...
HiddenEye : Modern Phishing Tool With Advanced Functionality
HiddenEye is a modern phishing tool with advanced functionality, and it currently also has Android support. Now you will have live information about the victims, such as: IP address, geolocation, ISP, country, and many more. Tested on the following: Kali Linux - Rolling Edition; Parrot OS - Rolling Edition; Linux Mint - 18.3 Sylvia; Ubuntu - 16.04.3 LTS; MacOS High Sierra; Arch Linux; Manjaro XFCE Edition...
Top 7 Best Open Source SQL Injection Tools – 2019
SQL injection is one of the most widely recognised attacks against web applications. Here is the list of Best SQL Injection Tools 2019. A SQL injection attack consists of the insertion or “injection” of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive information from the database, alter database information...
SUDO KILLER : A Tool To Identify & Exploit Sudo Rules’ Misconfigurations & Vulnerabilities Within Sudo
SUDO KILLER is a tool which helps to abuse SUDO in different ways, with the main objective of performing a privilege escalation in a Linux environment. The tool helps to identify misconfigurations within sudo rules, vulnerabilities within the version of sudo being used (CVEs and vulns) and the use of dangerous binaries, all of which could be abused to elevate...
Hvazard : Remove Short Passwords & Duplicates, Change Lowercase To Uppercase & Reverse, Combine Wordlists
HVAZARD dictionary modifier removes short passwords & duplicates, changes lowercase to uppercase & reverse, and combines wordlists! Manual & Explanation: d --dict: Specifies the file you want to modify. This is the only parameter / argument that is not optional. o --out: The output filename (optional). Default is out.txt. s --short: This operation removes the lines with length shorter/equal to the specified number. Example:...
GitGot – Semi-Automated, Feedback-Driven Tool To Rapidly Search Through Troves Of Public Data On GitHub For Sensitive Secrets
GitGot is a semi-automated, feedback-driven tool to empower users to rapidly search through troves of public data on GitHub for sensitive secrets. How it works: During search sessions, users will provide feedback to GitGot about search results to ignore, and GitGot prunes the set of results. Users can blacklist files by filename, repository name, username, or a fuzzy match of...
Git Hound – Find Exposed Keys Across GitHub Using Code Search Keywords
Git Hound makes it easy to find exposed API keys on GitHub using pattern matching, targeted querying, and a scoring system. This differs from other OSINT GitHub scanners by searching keywords across GitHub rather than targeting specific repositories, exposing a fundamentally different set of results. GitRob is an excellent tool that specifically targets an organization or user's owned repositories for secrets....