More results...
For man-in-the-middle attacks, Ettercap is a complete suite. It includes live connection sniffing, real-time content filtering, and other intriguing techniques. It has many network and host analysis features and supports active and passive protocol dissection. For the attack, we need two machines. The first one is Kali Linux, the other one is Windows, and the […]
WindowSpy is a Cobalt Strike Beacon Object File meant for targetted user surveillance. The goal of this project was to trigger surveillance capabilities only on certain targets, e.g. browser login pages, confidential documents, vpn logins etc. The purpose was to increase stealth during user surveillance by preventing detection of repeated use of surveillance capabilities e.g. […]
SilentMoonwalk is a PoC Implementation of a fully dynamic call stack spoofer. TL;DR SilentMoonwalk is a PoC implementation of a fully dynamic call stack spoofer, implementing a technique to remove the original caller from the call stack, using ROP to desynchronize unwinding from control flow. Authors This PoC is the result of a joint research […]
SilentMoonwalk is a PoC Implementation of a fully dynamic call stack spoofer. TL;DR SilentMoonwalk is a PoC implementation of a fully dynamic call stack spoofer, implementing a technique to remove the original caller from the call stack, using ROP to desynchronize unwinding from control flow. Authors This PoC is the result of a joint research […]
SilentMoonwalk is a PoC Implementation of a fully dynamic call stack spoofer. TL;DR SilentMoonwalk is a PoC implementation of a fully dynamic call stack spoofer, implementing a technique to remove the original caller from the call stack, using ROP to desynchronize unwinding from control flow. Authors This PoC is the result of a joint research […]
Mimicry is a security tool developed by Chaitin Technology for active deception in exploitation and post-exploitation. Active deception can live migrate the attacker to the honeypot without awareness. We can achieve a higher security level at a lower cost with Active deception. Demo Quick Start 1. Make sure docker, docker-compose is installed correctly on the […]
Snort is a widely used open-source Network Intrusion Detection System (NIDS) that can analyze network traffic and detect potential security threats. It works by analyzing network traffic in real time and comparing it against a set of rules, which the user or administrator defines. It can detect various attacks, such as port scans, buffer overflows, […]
Wifi_Db is a script to parse Aircrack-ng captures into a SQLite database and extract useful information like handshakes(in 22000 hashcat format), MGT identities, interesting relations between APs, clients and it’s Probes, WPS information and a global view of all the APs seen. Features Install From DockerHub (RECOMMENDED) docker pull r4ulcl/wifi_db Manual installation Debian based systems […]
Seekr is a multi-purpose toolkit for gathering and managing OSINT-data with a sleek web interface. Our desktop view enables you to have all of your favourite OSINT tools integrated in one. The backend is written in Go with BadgerDB as database and it offers a wide range of features for data collection, organization, and analysis. […]
Grepmarx is a web application providing a single platform to quickly understand, analyze and identify vulnerabilities in possibly large and unknown code bases. Features SAST (Static Analysis Security Testing) capabilities: SCA (Software Composition Analysis) capabilities: Extra Screenshots Scan customization Analysis workbench Rule pack edition Execution Grepmarx is provided with a configuration to be executed in […]