DbgShell – A PowerShell Front-End For The Windows Debugger Engine
DbgShell is a PowerShell front-end for the Windows debugger engine. DbgShell Inducement Have you ever tried automating anything in the debugger? (cdb/ntsd/kd/windbg) How did that go for you? The main impetus for DbgShell is that it's just waaaay too hard to automate anything in the debugger. There are facilities today to assist in automating the debugger, of course. But in my opinion they...
DarkSpiritz – A Penetration Testing Framework For UNIX Systems
DarkSpiritz is a penetration testing framework for UNIX systems. It is a re-vamp of the very popular framework known as "Roxysploit". You may be familiar with this framework, and if you are, that will help you with DarkSpiritz. It also works like another pentesting framework known as Metasploit. If you know how to use Metasploit setting up and...
Nodexp – A Server Side Javascript Injection Tool Capable Of Detecting & Exploiting Node.js Vulnerabilities
NodeXP is an integrated tool, written in Python 2.7, capable of detecting possible vulnerabilities on Node.js services as well as exploiting them in an automated way, based on the S(erver)S(ide)J(avascript)I(njection) attack! Nodexp Getting Started - Installation & Usage Download NodeXP by cloning the Git repository: git clone https://github.com/esmog/nodexp To get a list of all options run: python2.7 nodexp -h Examples for POST and GET cases accordingly: python2.7...
Subscraper – Tool That Performs Subdomain Enumeration Through Various Techniques
SubScraper uses DNS brute force, Google & Bing scraping, and VirusTotal to enumerate subdomains without an API. Written in Python3, SubScraper performs HTTP(S) requests and DNS "A" record lookups during the enumeration process to validate discovered subdomains. This provides further information to help prioritize targets and aid in potential next steps. Post-enumeration, "CNAME" lookups are displayed to identify...
BYOB : Open-Source Project To Build Your Own Botnet
BYOB is an open-source project that provides a framework for security researchers and developers to build and operate a basic botnet to deepen their understanding of the sophisticated malware that infects millions of devices every year and spawns modern botnets, in order to improve their ability to develop counter-measures against these threats. It is designed to allow developers to easily...
Kemon – An Open-Source Pre & Post Callback-Based Framework For macOS Kernel Monitoring
Kemon is an open-source pre- and post-callback-based framework for macOS kernel monitoring. With it, we can easily implement LPC communication monitoring, MAC policy filtering, a kernel driver firewall, etc. In general, from an attacker's perspective, this framework can help achieve a more powerful rootkit. From the perspective of defense, it can help construct more granular monitoring capabilities....
Aircrack-NG : WiFi Security Auditing Tools Suite
Aircrack-ng is a complete suite of tools to assess WiFi network security. It focuses on different areas of WiFi security: Monitoring: Packet capture and export of data to text files for further processing by third party tools. Attacking: Replay attacks, deauthentication, fake access points and others via packet injection. Testing: Checking WiFi cards and driver capabilities (capture and injection). Cracking:...
JShell – Get a JavaScript shell with XSS
JShell: get a JavaScript shell with XSS. The Java Shell tool is an interactive tool for learning the Java programming language and prototyping Java code. JShell Usages Run shell.py and it will automatically try to detect your IP address; the default LPORT is 33. As you can see the payload has been generated and now all you have to do is to deliver...
AWS Key Disabler – Lambda Script That Will Disable Access Keys Older Than A Given Amount Of Days
The AWS Key disabler is a Lambda Function that disables AWS IAM User Access Keys after a set amount of time in order to reduce the risk associated with old access keys. AWS Lambda Architecture SysOps Output for EndUser Developer Toolchain AWS Key Disabler Current Limitations A report containing the output (json) of...
Drltrace – A Library Calls Tracer For Windows & Linux Applications
Drltrace is a dynamic API calls tracer for Windows and Linux applications designed primarily for malware analysis. Drltrace is built on top of the DynamoRIO dynamic binary instrumentation framework. The release build can be downloaded here. Why Drltrace Rocks? Fast enough to perform analysis of malicious samples without being detected by time-based anti-research techniques. Supports both x86 and x64 (ARM in future). ...