Especially in large environments, the Snaffler output gets very large and time-consuming to analyze.
This script parse the Snaffler output file (TSV format required) and:
Snaffler must be executed with the -y
switch in order to create an output file in the TSV format.
Example: .\Snaffler.exe -o snafflerout.txt -s -y
Simple parse the file my_snaffler_output.txt and write output with default sorting (severity, date modified) and default output files (TXT, CSV, HTML). .\snafflerparser.ps1 -in my_snaffler_output.txt
The different file output options are:
-outformat all
Write txt, csv, html and json-outformat txt
Write txt-outformat csv
Write csv-outformat html
Write html (includes clickable links)-outformat json
Write jsonThose files can be splitted regarding the finding severity (black, red, yellow, green) using the -split
switch.
Additonally a PS gridview output can be showed using “-gridview`.
The output will always be sorted regarding the severity than it can be sorted by:
-sort modified
File modified date (default)-sort keyword
Snaffler keyword-sort unc
File UNC Path-sort rule
Snaffler rule nameExplorer++ is an alternative file explorer on windows.
The great thing is that unlike the Windows Explorer it can be executed in another user’s context including the /netonly
switch. This is useful when performing a pentest from a dedicated, non-domain joined pentest notebook or VM.
For more information click here.
This Python script for Linux can analyze Microsoft Windows *.msi Installer files and point out…
Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks…
Discover your application security risks and vulnerabilities in only a few minutes. In this guide…
The idea behind waymore is to find even more links from the Wayback Machine than…
The Pycript extension for Burp Suite is a valuable tool for penetration testing and security…
For official releases, refer to Dependency Track Docs >> Changelogs for information about improvements and…