Tag Archives: kalilinux

MultCheck : A User-Friendly, Open-Source Malware AV Testing Tool

An innovative, open-source tool designed to streamline malware analysis by testing the effectiveness of multiple antivirus (AV) engines simultaneously. Developed by the resourceful @Pengrey, MultCheck stands out for its user-friendly interface and customizable framework, allowing users to easily integrate new AV engines as needed. Whether you’re a cybersecurity professional or an enthusiast, MultCheck provides a …

Continue reading “MultCheck : A User-Friendly, Open-Source Malware AV Testing Tool”

CLay – Enhancing Web Security hrough Deceptive Reverse Proxies

CLay offers a unique and powerful feature that goes beyond traditional security measures. CLay takes deception to a new level by mimicking the appearance of a website with information from a different framework. The primary objective is to mislead and deceive potential attackers, leading them to gather false information about the web application. Features Supported …

Continue reading “CLay – Enhancing Web Security hrough Deceptive Reverse Proxies”

Entraspray – Enhancing Password Spraying Tools For Microsoft Azure Security

Entraspray is a rewrite of MSOLSpray in python. The main purpose of this tool remains the same: to perform password spraying against Microsoft Azure accounts while also providing detailed information about account status and errors; such as if MFA is enabled, if a tenant or user doesn’t exist, if the account is locked or disabled and more. …

Continue reading “Entraspray – Enhancing Password Spraying Tools For Microsoft Azure Security”

IAT-Tracer V2 : Streamlining API Function Tracing For Enhanced Cybersecurity

IAT-Tracer V2 is a plugin for Tiny-Tracer framework (by @hasherezade) for automatically detecting and resolving functions’ parameters out of the IAT or trace logs (.tag files) of PE files. The plugin has a GUI that allows the user to choose what imported or called functions to trace and watch and then automatically fills the parameters (library, function’s …

Continue reading “IAT-Tracer V2 : Streamlining API Function Tracing For Enhanced Cybersecurity”

Gouge – The Essential Burp Suite Extension For URL Extraction

Gouge is a Burp Suite extension to extract or GOUGE all URLs. It is a Burp Suite extension written in Python and uses the Burp Suite API to extract URLs from a webpage & all its JS files too! How To Use Gouge? How To Build Gouge? Gouge is written in Python and uses the …

Continue reading “Gouge – The Essential Burp Suite Extension For URL Extraction”

Microsoft-Analyzer-Suite (Community Edition) : A Deep Dive Into Analyzing Microsoft 365 Security

Explore the capabilities of the Microsoft-Analyzer-Suite (Community Edition), a powerful collection of PowerShell scripts designed to enhance your security analysis. This suite provides automated processing of logs from Microsoft 365 and Microsoft Entra ID, leveraging tools developed by Invictus-IR. Dive into the intricacies of these tools and learn how they can bolster your cybersecurity efforts. …

Continue reading “Microsoft-Analyzer-Suite (Community Edition) : A Deep Dive Into Analyzing Microsoft 365 Security”

Cloud_Enum – Advancing Cloud Security Through Multi-Cloud OSINT Tools

I built this tool in 2019 for a pentest involving Azure, as no other enumeration tools supported it at the time. It grew from there, and I learned a lot while adding features. Building tools is fun, but maintaining tools is hard. I haven’t actively used this tool myself in a while, but I’ve done …

Continue reading “Cloud_Enum – Advancing Cloud Security Through Multi-Cloud OSINT Tools”

EDRPrison – Advanced Evasion Techniques Using Legitimate WFP Drivers

EDRPrison leverages a legitimate WFP callout driver, WinDivert, to effectively silence EDR systems. Drawing inspiration from tools like Shutter, FireBlock, and EDRSilencer, this project focuses on network-based evasion techniques. Unlike its predecessors, EDRPrison installs and loads an external legitimate WFP callout driver instead of relying solely on the built-in WFP. Additionally, it blocks outbound traffic from EDR processes by …

Continue reading “EDRPrison – Advanced Evasion Techniques Using Legitimate WFP Drivers”

Using Hardware -Based Exploits : A Comprehensive Guide To Braktooth, Internalblue, And Automated Techniques

You need to buy the following hardware to be able to run the exploits: The installation is partially automated in the toolkit. Consult repository for other information. Once you have needed hardware: Internalblue Currently, we support only Nexus 5 phones, but you can add your hardware that supports internalblue as well LINK_TO_HOW_TO_ADD_HARDWARE. The phone should already …

Continue reading “Using Hardware -Based Exploits : A Comprehensive Guide To Braktooth, Internalblue, And Automated Techniques”

Manual Exploits – Assessing Device Security Through Direct Interaction

This check could be used to assess the severity of the attacks. If the target device is pairable even if the user does not navigate to the pairing/discovery menu then such a device has a higher exposure to the threats. It should be noted that previous research showed that Bluetooth MAC addresses could be passively …

Continue reading “Manual Exploits – Assessing Device Security Through Direct Interaction”