More results...
SilentMoonwalk is a PoC Implementation of a fully dynamic call stack spoofer. TL;DR SilentMoonwalk is a PoC implementation of a fully dynamic call stack spoofer, implementing a technique to remove the original caller from the call stack, using ROP to desynchronize unwinding from control flow. Authors This PoC is the result of a joint research […]
SilentMoonwalk is a PoC Implementation of a fully dynamic call stack spoofer. TL;DR SilentMoonwalk is a PoC implementation of a fully dynamic call stack spoofer, implementing a technique to remove the original caller from the call stack, using ROP to desynchronize unwinding from control flow. Authors This PoC is the result of a joint research […]
Mimicry is a security tool developed by Chaitin Technology for active deception in exploitation and post-exploitation. Active deception can live migrate the attacker to the honeypot without awareness. We can achieve a higher security level at a lower cost with Active deception. Demo Quick Start 1. Make sure docker, docker-compose is installed correctly on the […]
Snort is a widely used open-source Network Intrusion Detection System (NIDS) that can analyze network traffic and detect potential security threats. It works by analyzing network traffic in real time and comparing it against a set of rules, which the user or administrator defines. It can detect various attacks, such as port scans, buffer overflows, […]
Wifi_Db is a script to parse Aircrack-ng captures into a SQLite database and extract useful information like handshakes(in 22000 hashcat format), MGT identities, interesting relations between APs, clients and it’s Probes, WPS information and a global view of all the APs seen. Features Install From DockerHub (RECOMMENDED) docker pull r4ulcl/wifi_db Manual installation Debian based systems […]
Seekr is a multi-purpose toolkit for gathering and managing OSINT-data with a sleek web interface. Our desktop view enables you to have all of your favourite OSINT tools integrated in one. The backend is written in Go with BadgerDB as database and it offers a wide range of features for data collection, organization, and analysis. […]
Grepmarx is a web application providing a single platform to quickly understand, analyze and identify vulnerabilities in possibly large and unknown code bases. Features SAST (Static Analysis Security Testing) capabilities: SCA (Software Composition Analysis) capabilities: Extra Screenshots Scan customization Analysis workbench Rule pack edition Execution Grepmarx is provided with a configuration to be executed in […]
Grepmarx is a web application providing a single platform to quickly understand, analyze and identify vulnerabilities in possibly large and unknown code bases. Features SAST (Static Analysis Security Testing) capabilities: SCA (Software Composition Analysis) capabilities: Extra Screenshots Scan customization Analysis workbench Rule pack edition Execution Grepmarx is provided with a configuration to be executed in […]
Shoggoth is an open-source project based on C++ and asmjit library used to encrypt given shellcode, PE, and COFF files polymorphically. Shoggoth will generate an output file that stores the payload and its corresponding loader in an obfuscated form. Since the content of the output is position-independent, it can be executed directly as a shellcode. […]
CMLoot was created to easily find interesting files stored on System Center Configuration Manager (SCCM/CM) SMB shares. The shares are used for distributing software to Windows clients in Windows enterprise environments and can contains scripts/configuration files with passwords, certificates (pfx), etc. Most SCCM deployments are configured to allow all users to read the files on […]