Parameth : Tool Used To Brute Discover GET & POST Parameters
Parameth tool can be used to brute discover GET and POST parameters. Often when you are busting a directory for common files, you can identify scripts (for example test.php) that look like they need to be passed an unknown parameter. This hopefully can help find them. The -off flag allows you to specify an offset (helps with dynamic pages) so...
Linux-based Autopilot and Other Technologies in Cars
The popularity of Linux in the world is gaining momentum. This is because in many areas it is recognized as better than Windows. One more proof is that Linux is introduced in the newest cars. Recently, Google has released hardware for the automotive market that works with the Linux operating system. And this is not regular hardware, but an autopilot...
EfiGuard – Disable PatchGuard and DSE at Boot Time
EfiGuard is a portable x64 UEFI bootkit that patches the Windows boot manager, boot loader and kernel at boot time in order to disable PatchGuard and Driver Signature Enforcement (DSE). Features Currently supports all EFI-compatible versions of Windows x64 ever released, from Vista SP1 to Server 2019. Easy to use: can be booted from a USB...
FireELF : Fileless Linux Malware Framework
FireELF is a opensource fileless linux malware framework thats crossplatform and allows users to easily create and manage payloads. By default is comes with 'memfd_create' which is a new way to run linux elf executables completely from memory, without having the binary touch the harddrive. Also Read - InstantBox : Get a Clean, Ready-To-Go Linux...
Flashmingo : Automatic Analysis of SWF Files Based On Some Heuristics
FLASHMINGO is an analysis framework for SWF files. The tool automatically triages suspicious Flash files and guides the further analysis process, freeing precious resources in your team. You can easily incorporate FLASHMINGO’s analysis modules into your workflow. To this day forensic investigators and malware analysts must deal with suspicious SWF files. If history repeats itself the security threat may...
Platypus : A modern Multiple Reverse Shell Sessions Manager Written In Go
Platypus is a modern multiple reverse shell sessions/clients manager via terminal written in go. It include the following Multiple service listening portMultiple client connectionsRESTful APIReverse shell as a service Also Read - W12Scan : A Simple Asset Discovery Engine for Cybersecurity Network Topology Attack IP: 192.168.1.2 Reverse Shell Service: 0.0.0.0:8080 RESTful Service: 127.0.0.1:9090 Victim IP: 192.168.1.3 Run Platypus from...
SilkETW : Tool To Abstract Away The Complexities Of ETW
SilkETW is a flexible C# wrapper for ETW, it is meant to abstract away the complexities of ETW and give people a simple interface to perform research and introspection. While SilkETW has obvious defensive (and offensive) applications it is primarily a research tool in it's current state. For easy consumption, output data is serialized to...
Monitor Smartphone usage with Cocospy Keylogger
No one can doubt the advantages that smartphones have. For parents, you now have a dependable babysitter with your smart device. While some people may frown upon this, ask that overworked mum who needs one hour to complete a certain household chore why she depends on the smartphone to keep the little ones occupied. By downloading toddler-friendly content, or...
InstantBox : Get a Clean, Ready-To-Go Linux Box in Seconds
InstantBox is a project that spins up temporary Linux systems with instant webshell access from any browser. What can it do? provides a clean Linux environment for a presentationlet students experience the charm of Linux at your school or your next LUG meetrun with an inspiration in a clean environmentmanage servers from any deviceexperiment with an open source projecttest software...
Pepe : Collect Information About Email Addresses From Pastebin
Pepe is a tool to collect information about email addresses from Pastebin. Script parses Pastebin email:password dumps and gather information about each email address. It supports Google, Trumail, Pipl, FullContact and HaveIBeenPwned. Moreover, it allows you to send an informational mail to person about his leaked password, at the end every information lands in Elasticsearch for further exploration. It supports...
