Misp-Extractor : Tool That Connects To A MISP Instance And Retrieves Attributes Of Specific Types (Such As IP Addresses, URLs, And Hashes)

Misp-Extractor is a simple Python script that connects to a MISP instance and retrieves attributes of specific types (such as IP addresses, URLs, and hashes). The retrieved attributes are then written to separate files. MISP Extractor: This code connects to a given MISP (Malware Information Sharing Platform) server and parses a given number of events, […]

March 10, 2023

DNSrecon-gui : DNSrecon Tool With GUI For Kali Linux

DNSRecon is a DNS scanning and enumeration tool written in Python, which allows you to perform different tasks, such as enumeration of standard records for a defined domain (A, NS, SOA, and MX) and top-level domain expansion for a defined domain. With this graph-oriented user interface, the different records of a specific domain can be observed, […]

March 6, 2023

Powershell-Backdoor-Generator : To Create A Flipper Zero/ Hak5 USB Rubber Ducky Payload

Powershell-Backdoor-Generator is a reverse backdoor written in PowerShell and obfuscated with Python, allowing the backdoor to have a new signature after every build, with the capability to create a Flipper Zero/Hak5 USB Rubber Ducky payload. Features Standard backdoor C:\Users\DrewQ\Desktop\powershell-backdoor-main> python .\listen.py –verbose [*] Encoding backdoor script [*] Saved backdoor backdoor.ps1 sha1:32b9ca5c3cd088323da7aed161a788709d171b71 [*] Starting Backdoor […]

March 5, 2023

Monomorph : MD5-Monomorphic Shellcode Packer

Monomorph is an MD5-Monomorphic Shellcode Packer – all payloads have the same MD5 hash. What does it do? It packs up to 4KB of compressed shellcode into an executable binary, near-instantly. The output file will always have the same MD5 hash: 3cebbe60d91ce760409bbe513593e401 Currently, only Linux x86-64 is supported. It would be trivial to port this […]

February 26, 2023

DFShell : The Best Forwarded Shell

D3Ext’s Forwarded Shell is a Python 3 script which uses mkfifo to simulate a shell on the victim machine. It creates a hidden directory in /dev/shm/.fs/ where the FIFOs are stored. You can even have a tty over a webshell. In case you want a good webshell with code obfuscation, login panel and more functions […]

February 25, 2023

SSTImap : Penetration Testing Tool For SSTI Detection And Exploitation

SSTImap is penetration testing software that can check websites for Code Injection and Server-Side Template Injection vulnerabilities and exploit them, giving access to the operating system itself. This tool was developed to be used as an interactive penetration testing tool for SSTI detection and exploitation, which allows more advanced exploitation. Sandbox break-out techniques came […]

February 22, 2023

[SANS ISC] A Backdoor with Smart Screenshot Capability

I published the following diary on isc.sans.edu: “A Backdoor with Smart Screenshot Capability”: Today, everything is “smart” or “intelligent”. We have smartphones, smart cars, smart doorbells, etc. Being “smart” means performing actions depending on the context, the environment, or user actions. For a while, backdoors and trojans have implemented screenshot

The post [SANS ISC] A Backdoor with Smart Screenshot Capability appeared first on /dev/random.

February 9, 2023