RedGhost : Linux Post Exploitation Framework Designed To Assist Red Teams In Gaining Persistence, Reconnaissance & Leaving No Trace

RedGhost is a Linux post-exploitation framework designed to assist red teams in persistence, reconnaissance, privilege escalation and leaving no trace. Payloads: function to generate various encoded reverse shells in netcat, bash, python, php, ruby, perl. SudoInject: function to inject the sudo command with a wrapper function to run a reverse root shell every time "sudo" is run, for privilege escalation. lsInject: function to...

UACME : Defeating Windows User Account Control

UACMe defeats Windows User Account Control by abusing the built-in Windows AutoElevate backdoor. System Requirements: x86-32/x64 Windows 7/8/8.1/10 (client; some methods, however, work on server versions too). Admin account with UAC set on default settings required. Usage: Run executable from command line: akagi32 or akagi64. See "Run examples" below for more info. First param is number of method to...

JShielder : Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark G

JShielder is an open source Bash script developed to help sysadmins and developers secure their Linux servers on which they will be deploying any web application or services. This tool automates the process of installing all the necessary packages to host a web application and hardening a Linux server with little interaction from the...

iKy : OSINT Project To Collect Information From Mail

Project iKy is a tool that collects information from an email and shows results in a nice visual interface. We want to warn you that we have changed the Frontend from AngularJS to Angular 7. For this reason we left the project with AngularJS as Frontend in the iKy-v1 branch. The reason for changing the Frontend was to update the technology...

Passpie : Multiplatform Command-line Password Manager

Passpie is a command line tool to manage passwords from the terminal with a colorful and configurable interface. Use a master passphrase to decrypt login credentials, copy passwords to clipboard, synchronize with a git repository, check the state of your passwords, and more. Password files are encrypted using GnuPG and saved into YAML text files. Passpie supports Linux, OSX and Windows. What does it look like? Here...

PasteHunter : Scanning Pastebin With Yara Rules

PasteHunter is a Python 3 application that is designed to query a collection of sites that host publicly pasted data. For all the pastes it finds, it scans the raw contents against a series of Yara rules, looking for information that can be used by an organisation or a researcher. Installation: There are a few ways to install. Local Installation, Pastehunter: If you want...

Pown Duct : Essential Tool For Finding Blind Injection Attacks

Pown Duct is an essential tool for finding blind injection attacks using DNS side-channels. This tool is part of the secapps.com open-source initiative. Note: This tool takes advantage of the http://requestbin.net service. Future versions will use a dedicated, custom-built infrastructure. Quickstart: This tool is meant to be used as part of Pown.js, but it can be invoked separately as an independent tool. Install Pown first...

Dwarf : Full Featured Multi Arch/OS Debugger Built On Top Of PyQt5 & Frida

Dwarf is a debugger for reverse engineers, crackers and security analysts. Or you can call it damn, why are raspberries so fluffy or yet, duck warriors are rich as fuck. Whatever you like! Built on top of pyqt5, frida and some terrible code. Features: breakpoints; watchpoints without hardware support; visual emulation with auto map from target, reporting memory accesses; breaks module loading cycle, java...

Ghostfuscator : The Python Password-Protected Obfuscator

Ghostfuscator obfuscates Python scripts, making them password-protected using AES encryption. Usage: Just execute the script and follow the menu. Info: Once a script is obfuscated, a password prompt will appear when it is run; after the correct password is submitted, the script will execute, decrypting its content in memory.

Objection : Runtime Mobile Exploration

Objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the need for a jailbroken or rooted mobile device. Note: This is not some form of jailbreak / root bypass. By using objection, you are still limited by all of the restrictions imposed by...