Browsing category

Hack Tools

Functrace – A Function Tracer

functrace is a tool that helps to analyze a binary file with dynamic instrumentation using DynamoRIO (http://dynamorio.org/). These are some implemented features (based on DynamoRIO): disassemble all the executed code; disassemble a specific function (dump if these are addresses); get arguments of a specific function (dump if these are addresses); get return value of a specific […]

[BlackHat Europe tool] Real Time Threat Monitoring Tool

Real Time Threat Monitoring Tool V2.0. Monitoring possible threats to your company on the Internet is an impossible task to achieve manually. Hence many threats to the company go unnoticed until they go viral in public, causing monetary/reputation damage. This is where RTTM comes into action. RTTM (Real Time Threat Monitoring Tool) is […]

[Blackhat Europe tool] RansomCoin: extract cryptocoin addresses and other indicators of compromise from binaries

RansomCoin: Extracting metadata and hardcoded Indicators of Compromise from ransomware in a scalable, efficient way, with cuckoo integrations. Ideally, it is run during cuckoo dynamic analysis, but it can also be used for static analysis on large collections of ransomware. Designed to be fast, with low false positives for cryptocurrency addresses. Limited false positives for emails, […]

Open Redirect Payload List

Unvalidated redirects and forwards are possible when a web application accepts untrusted input that could cause the web application to redirect the request to a URL contained within untrusted input. By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. Because the server name in […]

What is the CyberSec Feature?

With each passing year, cybersecurity concerns increase in terms of the number of threats and their severity. Hackers can and will cause massive amounts of damage or destruction to the information systems and accounts of users they victimize. Viruses, malware, ransomware, adware, and other malicious software can irreparably harm computer systems and networks, costing users […]

AntiDisposmail – Detecting Disposable Email Addresses

Antibot.pw provides a free, open API endpoint for checking a domain or email address against a frequently-updated list of disposable domains. CORS is enabled for all originating domains, so you can call the API directly from your client-side code. GET https://antibot.pw/api/disposable?email=radenvodka@0815.su HTTP/1.1 The response will be JSON with one boolean property, e.g. {"disposable":false}. Using jQuery? <script> $( "#email" […]

RetDec – A Retargetable Machine-Code Decompiler Based On LLVM

RetDec is a retargetable machine-code decompiler based on LLVM. The decompiler is not limited to any particular target architecture, operating system, or executable file format. Supported file formats: ELF, PE, Mach-O, COFF, AR (archive), Intel HEX, and raw machine code. Supported architectures: 32-bit: Intel x86, ARM, MIPS, PIC32, and PowerPC; 64-bit: x86-64, ARM64 (AArch64). Features: Static […]

CORStest – A Simple CORS Misconfiguration Scanner

A simple CORS misconfiguration scanner, based on the research of James Kettle. CORStest is a quick & dirty Python 2 tool to find Cross-Origin Resource Sharing (CORS) misconfigurations. It takes a text file as input which may contain a list of domain names or URLs. Currently, the following potential vulnerabilities are detected by sending a certain Origin […]

ad-password-protection: password protection for Active Directory

Lithnet Password Protection for Active Directory (LPP) enhances the options available to an organization wanting to ensure that all their Active Directory accounts have strong passwords. LPP is a module that you install on your Active Directory servers that uses a password filter to inspect passwords as users attempt to change them. Using group policy, you customize […]

SharpHide – Tool To Create Hidden Registry Keys

Just a nice persistence trick to confuse DFIR investigation. Uses NtSetValueKey native API to create a hidden (null terminated) registry key. This works by adding a null byte in front of the UNICODE_STRING key valuename. More info about this technique can be found in the following whitepaper: https://github.com/ewhitehats/InvisiblePersistence/blob/master/InvisibleRegValues_Whitepaper.pdf The tool uses the following registry path in which […]

amass v3.4.1 releases: In-depth subdomain enumeration written in Go

The OWASP Amass tool suite obtains subdomain names by scraping data sources, recursive brute forcing, crawling web archives, permuting/altering names and reverse DNS sweeping. Additionally, Amass uses the IP addresses obtained during resolution to discover associated netblocks and ASNs. All the information is then used to build maps of the target networks. Changelog v3.4.1 2452c61 Document […]

Codecat – Tool To Help In Manual Analysis In Codereview

CodeCat is an open source tool to help you in code review, to find/track sinks; these points follow regex rules… How to install, step by step: Go to the CodeCat directory and install the backend and frontend libs: $ cd Front $ sudo python3 -m pip install -r requirements.txt $ cd .. $ cd Backend $ sudo python3 -m pip install -r requirements.txt […]

“Cybersecurity: The Beginner’s Guide ($29.99 Value) FREE For a Limited Time”

Cybersecurity: The Beginner’s Guide It’s not a secret that there is a huge talent gap in the cybersecurity industry. Everyone is talking about it including the prestigious Forbes Magazine, Tech Republic, CSO Online, DarkReading,… The post “Cybersecurity: The Beginner’s Guide ($29.99 Value) FREE For a Limited Time” appeared first on Penetration Testing.

LinuxCheck – Linux Information Collection Script

A small Linux information collection script, mainly used for emergency response. It can be used under Debian or CentOS. Features: CPU TOP10, memory TOP10; CPU usage; boot time; hard disk space information; user information, passwd information; environmental variable detection; service list; system program changes (debsums -e and rpm -va); network traffic statistics; network connection, listening […]

Burp Suite Secret Finder – Burp Suite Extension To Discover Apikeys/Tokens From HTTP Response

Burp Suite extension to discover API keys/tokens from HTTP responses. Install: download SecretFinder with wget https://raw.githubusercontent.com/m4ll0k/BurpSuite-Secret_Finder/master/SecretFinder.py or git clone https://github.com/m4ll0k/BurpSuite-Secret_Finder.git, then open Burp > Extender > Extensions > Add > set python and select file (SecretFinder.py). Requirements: jython, burpsuite.

aSYNcrone – A SYN Flood DDoS Tool

aSYNcrone is a SYN Flood DDoS Attack Tool! Usage: git clone https://github.com/fatih4842/aSYNcrone.git; cd aSYNcrone; gcc aSYNcrone.c -o aSYNcrone; ./aSYNcrone <source IP> <source port> <destination IP> <destination port>

Nessus Map – Parse .Nessus File(S) And Shows Output In Interactive UI

Nessus XML Parser. Requirements: Python3, Django. Tested on Ubuntu 18.04. What it does: vulnerability based parsing; service based parsing; host based parsing; unsupported OS parsing; generate Executive Summary of scan; export parsed .nessus(s) to JSON file(s); import JSON file in Nessus_Map. How it works: Create XML directory in Nessus_Map home directory and place all .nessus […]