PHPMussel : Anti-Virus Anti-Trojan Anti-Malware Solution
An ideal solution for shared hosting environments, where it's often not possible to utilise or install conventional anti-virus protection solutions, phpMussel is a PHP script designed to detect trojans, viruses, malware and other threats within files uploaded to your system wherever the script is hooked, based on the signatures of ClamAV and others. Features Licensed as GNU...
WinPwn : Automation for Internal Windows Penetrationtest / AD-Security
In many past internal penetration tests I often had problems with the existing Powershell Recon / Exploitation scripts due to missing proxy support. For this reason I wrote my own script with automatic proxy recognition and integration called WinPwn. The script is mostly based on well-known large other offensive security Powershell projects. I only load...
Mutiny Fuzzer : Network Fuzzer Replaying PCAPs Through a Mutational Fuzzer
The Mutiny Fuzzer Framework is a network fuzzer that operates by replaying PCAPs through a mutational fuzzer. The goal is to begin network fuzzing as quickly as possible, at the expense of being thorough. The general workflow for Mutiny is to take a sample of legitimate traffic, such as a browser request, and feed it into a prep script...
Tips for paper writing for final assignment
Students are in high school and have just gotten major term paper assignments and are not a little five hundreds of words. Actually pending on the level in the year so students probably wondering if there is a way that can get to writing paper very fast is usually required. If are off to the college in the fall so then required to...
FridaExtract : Frida.re Based RunPE Extraction Tool
FridaExtract is a Frida.re based RunPE extraction tool. RunPE type injection is a common technique used by malware to hide code within another process. It also happens to be the final stage in a lot of packers : ) NOTE: Frida now also supports extraction of injected PE files using the "MapViewOfSection" technique best described here. Using FridaExtract you can automatically extract and reconstruct a PE...
Droidefense : Advance Android Malware Analysis Framework
Droidefense is the codename for android apps/malware analysis/reversing tool. It was built focused on security issues and tricks that malware researcher have on they every day work. For those situations on where the malware has anti-analysis routines, Droidefense attemps to bypass them in order to get to the code and 'bad boy' routine. Sometimes those techniques can be virtual machine...
Psad : Intrusion Detection & Log Analysis with IPtables
The Port Scan Attack Detector psad is a lightweight system daemon written in is designed to work with Linux iptables/ip6tables/firewalld firewalling code to detect suspicious traffic such as port scans and sweeps, backdoors, botnet command and control communications, and more. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination,...
Flightsim : Utility to Generate Malicious Network Traffic & Evaluate Controls
Flightsim is a lightweight utility used to generate malicious network traffic and help security teams to evaluate security controls and network visibility. The tool performs tests to simulate DNS tunneling, DGA traffic, requests to known active C2 destinations, and other suspicious traffic patterns. Installation Download the latest flightsim binary for your OS from the GitHub Releases page. Alternatively, the utility can be...
Xori : An Automation-Ready Disassembly & Static Analysis Library
Xori is an automation-ready disassembly and static analysis library that consumes shellcode or PE binaries and provides triage analysis data. Architectures: i386x86-64 File Formats PE, PE+Plain shellcode Current Features Outputs json of the 1) Disassembly, 2) Functions, and 3) Imports.Manages Image and Stack memory.2 modes:Light Emulation - meant to enumerate all paths (Registers, Stack, Some Instructions).Full Emulation - only follows the code’s path (Slow...
LAPSToolkit : Tool to Audit & Attack LAPS Environments
LAPSToolkit functions written in PowerShell that leverage PowerView to audit and attack Active Directory environments that have deployed Microsoft's Local Administrator Password Solution (LAPS). It includes finding groups specifically delegated by sysadmins, finding users with "All Extended Rights" that can view passwords, and viewing all computers with LAPS enabled. Please submit issues or comments for any problems or performance improvements....
