Kali
The K55 payload injection tool is used for injecting x86_64 shellcode payloads into running processes. The utility was developed using modern C++11 techniques as well as some traditional C linux functions like ptrace(). The shellcode spawned in the target process is 27 bytes and it executes /bin/sh (spawns a bash shell) within the target’s address …
Continue reading “K55 : Linux X86_64 Process Injection Utility”
Memhunter is an endpoint sensor tool that is specialized in detecing resident malware, improving the threat hunter analysis process and remediation times. The tool detects and reports memory-resident malware living on endpoint processes. Memhunter detects known malicious memory injection techniques. The detection process is performed through live analysis and without needing memory dumps. The tool …
Continue reading “Memhunter : Live Hunting Of Code Injection Techniques”
Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user supplied data (forms, cookies, HTTP headers etc.) to a system shell. In this attack, the attacker-supplied operating system commands are usually …
SQLMap v1.2.9 is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the …
Continue reading “SQLMap v1.2.9 – Automatic SQL Injection & Database Takeover Tool”
Cymothoa is a post-exploitation tool. It can be used to maintain access to an exploited system. Cymothoa injects a variety of shellcodes to running processes in a system. Almost all nix systems most of the Linux variants can be backdoored with cymothoa. Cymothoa uses ptrace library in nix systems to evaluate running processes & inject …
Continue reading “Maintaining Access to a Linux Machine Using Cymothoa – Post Exploitation”
Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page. It’s a completely automated SQL Injection tool and it is dispersed by ITSecTeam, an Iranian security organization. The name Havij signifies “carrot”, which is the apparatus’ symbol. The tool is outlined with an …
Continue reading “Havij Download – Advanced Automated SQL Injection Tool”
