Browsing tag
Reverse Engineer .NET Assemblies dnSpy is a tool to reverse engineer .NET assemblies. It includes a decompiler, a debugger and an assembly editor (and more) and can be easily extended by writing your own extension. It uses dnlib to read and write assemblies so it can handle obfuscated assemblies (eg. malware) without crashing. Features […]
The project is designed as a file resource cloner. Metadata, including digital signature, is extracted from one file and injected into another. Note: The signature is added, but not valid. ================================================================= ___ ___ ___ ______ ____ ______ __ __ ____ ____ | | | / _] | / | | || |__| || || […]
A slow data siphon for MySQL/MariaDB using bitwise operation on printable ASCII characters, via a blind-SQL injection. Usage USAGE: blisqy.py –server <Web Server> –port <port> –header <vulnerable header> –hvalue <header value> –inject <point of injection> –payload <custom sql payload> –dig <yes/no> –sleeptime <default 0.5> Options: -h, –help show this help message and exit –server=WEBSERVER Specify […]
Vanquish is a Kali Linux based Enumeration Orchestrator built in Python. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases. The results of each phase are fed into the next phase to identify vulnerabilities that could be leveraged for a remote shell. Vanquish Features So what is so special […]
BaRMIe is a tool for enumerating and attacking Java RMI (Remote Method Invocation) services. RMI services often expose dangerous functionality without adequate security controls, however RMI services tend to pass under the radar during security assessments due to the lack of effective testing tools. In 2008 Adam Boulton spoke at AppSec USA (YouTube) and released […]
Penetration testing (otherwise known as pentesting, or the more general security testing) is the process of testing your applications for vulnerabilities, and answering a simple question: “What could a hacker do to harm my application, or organization, out in the real world?”. An effective penetration test will usually involve a skilled hacker, or team of […]