More results...
Heap_Detective is the simple way to detect heap memory pitfalls in C++ and C. Beta. This tool uses the taint analysis technique for static analysis and aims to identify points of heap memory usage vulnerabilities in C and C++ languages. The tool uses a common approach in the first phase of static analysis, using tokenization […]
Darkdump is a simple script written in Python3.11 in which it allows users to enter a search term (query) in the command line and darkdump will pull all the deep web sites relating to that query. Darkdump2.0 is here, enjoy! Installation Usage Example 1: python3 darkdump.py –query programmingExample 2: python3 darkdump.py –query=”chat rooms”Example 3: python3 […]
Extensible Azure Security Tool (Later referred as E.A.S.T) is tool for assessing Azure and to some extent Azure AD security controls. Primary use case of EAST is Security data collection for evaluation in Azure Assessments. This information (JSON content) can then be used in various reporting tools, which we use to further correlate and investigate […]
Aws-Security-Assessment-Solution is an AWS tool to help you create a point in time assessment of your AWS account using Prowler and Scout as well as optional AWS developed ransomware checks. Self-Service Security Assessment tool Cybersecurity remains a very important topic and point of concern for many CIOs, CISOs, and their customers. To meet these important […]
Suborner is a simple program to create a Windows account you will only know about 🙂 Create an invisible machine account with administrative privileges, and without invoking that annoying Windows Event Logger to report its creation! Where can I see more? Released at Black Hat USA 2022: Suborner: A Windows Bribery for Invisible Persistence How […]
Monomorph is a MD5-Monomorphic Shellcode Packer – all payloads have the same MD5 hash. What does it do? It packs up to 4KB of compressed shellcode into an executable binary, near-instantly. The output file will always have the same MD5 hash: 3cebbe60d91ce760409bbe513593e401 Currently, only Linux x86-64 is supported. It would be trivial to port this […]
Sandfly-Entropyscan is an Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives output with cryptographic hashes. Sandfly-Entropyscan is a utility to quickly scan files or running processes and report on their entropy (measure of randomness) and if they are a Linux/Unix ELF type […]
D3Ext’s Forwarded Shell is a python3 script which use mkfifo to simulate a shell into the victim machine. It creates a hidden directory in /dev/shm/.fs/ and there are stored the fifos. You can even have a tty over a webshell. In case you want a good webshell with code obfuscation, login panel and more functions […]
The DC Sonar Community provides functionality for analyzing AD domains for security risks related to accounts. Repositories The project consists of repositories: Disclaimer It’s only for education purposes. Avoid using it on the production Active Directory (AD) domain. Neither contributor incur any responsibility for any using it. Social media Check out our Red Team community […]
THE YARALYZER visually inspect all of the regex matches (and their sexier, more cloak and dagger cousins, the YARA matches) found in binary data and/or text. See what happens when you force various character encodings upon those matched bytes. With colors. Quick Start pipx install yaralyzer # Scan against YARA definitions in a file: yaralyze […]