Hack Tools

[Blackhat Europe tool] avclassplusplus: Massive Malware Labeling Tool

AVCLASS++: Yet Another Massive Malware Labeling Tool avclassplusplus is an appealing complement to AVCLASS [1], a state-of-the-art malware labeling tool. AVCLASS++ is a labeling tool for creating a malware dataset. Addressing malware threats requires constant efforts to create and maintain a dataset. Especially, labeling malware samples is a vital part of shepherding a dataset. AVCLASS, a […]

Exploitivator – Automate Metasploit Scanning And Exploitation

This has only been tested on Kali. It depends on the msfrpc module for Python, described in detail here: https://www.trustwave.com/Resources/SpiderLabs-Blog/Scripting-Metasploit-using-MSGRPC/ Install the necessary Kali packages and the PostgreSQL gem for Ruby: apt-get install postgresql libpq-dev git-core gem install pg Install current version of the msfrpc Python module from git: git clone git://github.com/SpiderLabs/msfrpc.git msfrpc cd msfrpc/python-msfrpc python setup.py install Usage Before […]

[Blackhat Europe tool] DumpTheGit: find sensitive information uploaded to the Github repositories

DumpTheGit DumpTheGit searches through public repositories to find sensitive information uploaded to the Github repositories. The tool will flag the matches for potentially sensitive files like credentials, secret keys, tokens, etc which have been accidentally uploaded by the developers. DumpTheGit just requires your Github Access Token to fetch the information. INSTALL Download the DumpTheGit repository into […]

Protect yourself from cyberstalkers

The internet has brought us all closer together than ever before. Never before in our history has mankind been able to communicate so seamlessly. However, in the darker realms of the internet, such freedom is often misused for nefarious purposes. Cyberstalking is defined as being stalking or harassment towards an individual that is carried out […]

RTTM – Real Time Threat Monitoring Tool

Monitoring possible threats to your company on the Internet is an impossible task to achieve manually. Hence many threats to the company go unnoticed until they become viral in public, causing monetary or reputational damage. This is where RTTM comes into action. RTTM (Real Time Threat Monitoring Tool) is a tool developed to scrape all pasties, GitHub, Reddit, etc. […]

HashCobra – Hash Cracking Tool

hashcobra Hash Cracking tool. Usage $ ./hashcobra -H --==[ hashcobra by sepehrdad ]==-- usage: hashcobra -o <opr> [options] | [misc] options: -a <alg> - hashing algorithm [default: md5] - ? to list available algorithms -c <alg> - compression algorithm [default: zstd] - ? to list available algorithms -h <hash> - hash to crack -r <path> - rainbow table […]

truegaze v0.1.5 releases: Static analysis tool for Android/iOS apps focusing on security issues

truegaze A static analysis tool for Android and iOS applications focusing on security issues outside the source code such as resource strings, third-party libraries, and configuration files. Structure The application is command line and will consist of several modules that check for various vulnerabilities. Each module does its own scanning, and all results get printed […]

aleph v3.4.2 releases: find the people and companies you look for

Aleph is a tool for indexing large amounts of both documents (PDF, Word, HTML) and structured (CSV, XLS, SQL) data for easy browsing and search. It is built with investigative reporting as a primary use case. Aleph allows cross-referencing mentions of well-known entities (such as people and companies) against watchlists, e.g. from prior research or public […]

Splunk Attack Range – A Tool That Allows You To Create Vulnerable Instrumented Local Or Cloud Environments To Simulate Attacks Against And Collect The Data Into Splunk

The Attack Range solves two main challenges in development of detections. First, it allows the user to quickly build a small lab infrastructure as close as possible to your production environment. This lab infrastructure contains a Windows Domain Controller, Windows Workstation and Linux server, which comes pre-configured with multiple security tools and logging configuration. The […]

Ffuf – Fast Web Fuzzer Written In Go

A fast web fuzzer written in Go. Heavily inspired by the great projects gobuster and wfuzz. Features Fast! Allows fuzzing of HTTP header values, POST data, and different parts of URL, including GET parameter names and values Silent mode (-s) for clean output that’s easy to use in pipes to other processes. Modularized architecture that allows […]

[Blackhat Europe tool] haaukins: Automated Virtualization Platform for Security Education

Haaukins Haaukins is a highly accessible and automated virtualization platform for security education. It has three main components (Docker, Virtualbox, and Golang); the communication and orchestration between the components are managed using the Go programming language. The main reason for having a Go environment to manage and deploy something on the Haaukins platform is that Go’s easy concurrency […]

Genact – A Nonsense Activity Generator

Pretend to be busy or waiting for your computer when you should actually be doing real work! Impress people with your insane multitasking skills. Just open a few instances of genact and watch the show. genact has multiple scenes that pretend to be doing something exciting or useful when in reality nothing is happening at […]

WindowsSpyBlocker v4.26 releases: Block spying and tracking on Windows

WindowsSpyBlocker is an application written in Go and delivered as a single executable to block spying and tracking on Windows systems. The initial approach of this application is to capture and analyze network traffic based on a set of tools. It is open for everyone and if you want to contribute or need help, take a look at the Wiki. Telemetry […]

ThreatHunt: PowerShell repository to train your threat hunting skills

ThreatHunt is a simple PowerShell repository that allows you to train your threat hunting skills. ThreatHunt allows you to simulate a variety of attack techniques and procedures without leveraging malicious files. It is not a penetration system tool or framework but instead a very simple way to raise security alerts that help you to train […]

ReconPi – Set Up Your Raspberry Pi To Perform Basic Recon Scans

ReconPi – A lightweight recon tool that performs extensive reconnaissance with the latest tools using a Raspberry Pi. Start using that Raspberry Pi — I know you all have one laying around somewhere. Installation Check the updated blogpost here for a complete guide on how to set up your own ReconPi: ReconPi Guide If you prepared your […]

CAINE 11 – GNU/Linux Live Distribution For Digital Forensics Project, Windows Side Forensics And Incident Response

CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a Digital Forensics project. Currently, the project manager is Nanni Bassetti (Bari – Italy). CAINE offers a complete forensic environment that is organized to integrate existing software tools as software modules and to provide a friendly graphical interface. The main design objectives that CAINE […]

[Blackhat Europe tool] dsiem: Security event correlation engine for ELK stack

Dsiem Dsiem is a security event correlation engine for ELK stack, allowing the platform to be used as a dedicated and full-featured SIEM system. Dsiem provides OSSIM-style correlation for normalized logs/events, performs lookups/queries to threat intelligence and vulnerability information sources, and produces risk-adjusted alarms. Features Runs in standalone or clustered mode with NATS as messaging bus between frontend and backend […]

Ngrev – Tool For Reverse Engineering Of Angular Applications

Graphical tool for reverse engineering of Angular projects. It allows you to navigate in the structure of your application and observe the relationship between the different modules, providers, and directives. The tool performs static code analysis which means that you don’t have to run your application in order to use it. How to use? macOS Go […]

pylane: python vm injector with debug tools, based on gdb

pylane Pylane is a python vm injector with debug tools, based on gdb and ptrace. It uses gdb to trace python process, inject and run some code in its python vm. Install pip install pylane Usage use inject command to inject a python script in a process: pylane inject <PID> <YOUR_PYTHON_FILE> use a shell command […]