Kamerka – Build Interactive Map Of Cameras From Shodan
Kamerka is a tool to build interactive map of cameras from Shodan. The script creates a map of cameras, printers, tweets and photos based on your coordinates. Everything is clearly presented in form of interactive map with icons and popups. Kamerka Requirements Written with in Python 2 Shodan + paid subscription Geopy Foilum Colorama InstagramAPI - Credentials instead of api...
Mcreator – Encoded Reverse Shell Generator With Techniques To Bypass AV’s
Mcreator is an Encoded Reverse Shell Generator With Techniques To Bypass AV's. Mcreator Installation git clone https://github.com/blacknbunny/mcreator.git && cd mcreator/ && python mcreator.py Also ReadVba2Graph – Generate Call Graphs From VBA Code For Easier Analysis Of Malicious Documents Runnig Mcreator console python mcreator.py -rsg console Help usage: mcreator.py Reverse Shell generator with techniques to bypass all the AV's optional arguments: -h, --help ...
Miasm – Reverse Engineering Framework In Python
Miasm is a free and open source (GPLv2) reverse engineering framework. Miasm aims to analyze / modify / generate binary programs. Here is a non exhaustive list of features: Opening / modifying / generating PE / ELF 32 / 64 LE / BE using Elfesteem Assembling / Disassembling X86 / ARM / MIPS / SH4 / MSP430 Representing assembly...
MCExtractor – Intel, AMD, VIA & Freescale Microcode Extraction Tool
MCExtractor is a tool which parses Intel, AMD, VIA and Freescale processor microcode binaries. It can be used by end-users who are looking for all relevant microcode information such as CPUID, Platform, Version, Date, Release, Size, Checksum etc. It is capable of converting Intel microcode containers (dat, inc, h, txt) to binary images for BIOS integration, detecting new/unknown microcodes, checking...
Trape – People Tracker On The Internet
Trape is a OSINT analysis and research tool, which allows people to track and execute intelligent social engineering attacks in real time. It was created with the aim of teaching the world how large Internet companies could obtain confidential information such as the status of sessions of their websites or services and control over their users through the browser, without...
Skiptracer – OSINT Python Webscaping Framework
Initial attack vectors for recon usually involve utilizing pay-for-data/API (Recon-NG), or paying to utilize transforms (Maltego) to get data mining results. Skiptracer utilizes some basic python webscraping (BeautifulSoup) of PII paywall sites to compile passive information on a target on a ramen noodle budget. Also ReadHassh : Tool Used To Identify Specific Client & Server SSH Implementations Skiptracer Installation $ git clone...
Janusec – Golang Based Application Security Solution Which Provides WAF
Janusec Application Gateway, an application security solutions which provides WAF (Web Application Firewall), unified web administration portal, private key protection, web routing and scalable load balancing. With Janusec, you can build secure and scalable applications. Also ReadPastego – Scrape/Parse Pastebin Using GO & Expression Grammar Janusec Key Features WAF (Web Application Firewall), block SQL Injection, Cross-site Scripting, Sensitive Data Leakage, CC...
Sheepl – Creating Realistic User Behaviour For Supporting Tradecraft Development Within Lab Environments
Sheepl is a tool for creating realistic user behaviour for supporting tradecraft development within lab environments. There are lots of resources available online relating to how you can build AD network environments for the development of blue team and red team tradecraft. However the current solutions tend to lack one important aspect in representing real world network configurations. A network...
ZIP File Raider – Burp Extension for ZIP File Payload Testing
ZIP File Raider is a Burp Suite extension for attacking web application with ZIP file upload functionality. You can easily inject Burp Scanner/Repeater payloads in ZIP content of the HTTP requests which is not feasible by default. This extension helps to automate the extraction and compression steps. ZIP File Raider Installation Set up Jython standalone Jar in Extender > Options...
NodeJsScan – Static Security Code Scanner For Node.js Applications
NodeJsScan is a static security code scanner (SAST) for Node.js applications. Configure & Run Install Postgres and configure SQLALCHEMY_DATABASE_URI in core/settings.py pip3 install -r requirements.txt python3 migrate.py # Run once to create database entries required python3 app.py # Testing Environment gunicorn -b 0.0.0.0:9090 app:app --workers 3 --timeout 10000 # Production Environment This will run it on http://0.0.0.0:9090 If you need to debug, set DEBUG = True in...
