ImaginaryC2:Python Tool Help In Network Behavioral Analysis Of Malware
ImaginaryC2 is a python tool which aims to help in the behavioral (network) analysis of malware. It hosts a HTTP server which captures HTTP requests towards selectively chosen domains/IPs. Additionally, the tool aims to make it easy to replay captured Command-and-Control responses/served payloads. By using this tool, an analyst can feed the malware consistent network responses. Additionally,...
NETworkManager – A Powerful Tool For Managing Networks & Troubleshoot Network Problems
NETworkManager is a powerful tool for managing networks and troubleshoot network problems. Let us have a look on the features on the tool that help us to manage our connected network and help us in fixing the nertwork related issue. Network Interface - Information, Configure IP-Scanner Port-Scanner Ping Traceroute DNS Lookup Remote Desktop PuTTY (requires PuTTY) TightVNC (requires TightVNC)...
Malcom – Malware Communications Analyzer 2019
Malcom is a tool designed to analyze a system's network communication using graphical representations of network traffic, and cross-reference them with known malware sources. This comes handy when analyzing how certain malware species try to communicate with the outside world. This tool can help you for the following; detect central command and control (C&C) serversunderstand peer-to-peer...
Tcpreplay – Pcap Editing & Replay Tools For UNIX & Windows
Tcpreplay is a suite of GPLv3 licensed utilities for UNIX operating systems for editing and replaying network traffic which was previously captured by tools like tcpdump and Ethereal/Wireshark. It allows you to classify traffic as client or server, rewrite Layer 2, 3 and 4 packets and finally replay the traffic back onto the network and through other devices such...
Knock – Tool Designed To Enumerate Subdomains
Knock is a python tool designed to enumerate subdomains on a target domain through a wordlist. It is designed to scan for DNS zone transfer and to try to bypass the wildcard DNS record automatically if it is enabled. Now knockpy supports queries to VirusTotal subdomains, you can setting the API_KEY within the config.json file. $...
MEC : massExploitConsole For Concurrent Exploiting
massExploitConsole a collection of hacking tools with a CLI & UI for concurrent exploiting. Following are the features of MEC; an easy-to-use cli ui execute any adpated exploits with process-level concurrency some built-in exploits (automated) hide your ip addr using proxychains4 and ss-proxy (built-in) zoomeye host scan (10 threads) a simple baidu crawler (multi-threaded) censys host scan Also Read : Most...
Evilginx2 : Standalone Man-In-The-Middle Attack Framework
Evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows to bypass 2-factor authentication protection. This tool is a successor to Evilginx, released in 2017, which used a custom version of nginx HTTP server to provide man-in-the-middle functionality to act as a proxy between a...
Novahot – A Webshell Framework For Penetration Testers
Novahot is a webshell framework for penetration testers. It implements a JSON-based API that can communicate with trojans written in any language. By default, it ships with trojans written in PHP, ruby, and python. Beyond executing system commands, novahot is able to emulate interactive terminals, including mysql, sqlite3, and psql. It additionally implements "virtual commands" that make it possible to...
DjangoHunter : Tool To Identify Incorrectly Configured Django Applications
Djangohunter is a tool designed to help identify incorrectly configured Django applications that are exposing sensitive information. DjangoHunter Usage Usage: python3 djangohunter.py --key {shodan} Dorks: 'DisallowedHost', 'KeyError', 'OperationalError', 'Page not found at /' Requirements ShodanPyfigletRequestsBeautifulSoup pip -r install requirements Also ReadScannerl : The Modular Distributed Fingerprinting Engine Video Tutorial Disclaimer Code samples are provided for educational purposes. Adequate defenses can only be built by researching attack techniques available to...
WPScan – Checks Vulnerabilities and Spots Security Issues
WPScan effectively scans your WordPress website and checks the vulnerabilities within the core version, plugins, themes, etc helping to spot the security issues. Firstly, install WPScan!Installation can be done through githubgit clone https://github.com/wpscanteam/wpscanN Go to the directory where you have downloaded wpscan and install the bundle files.bundle install && rake install Now, we are ready to use WPScan!wpscan --url http://target.tld --enumerate uUse the...