POC for IAT Parsing Payloads.
Notice: This tool and post are for education/learning and research purposes only! IAT_POC: find a suitable IAT-based payload that bypasses the post-DEP/ASLR protections in EMET. Dependencies: + Python 2.7.x +...
Lynis v2.3.0 : is a system and security auditing tool for Unix/Linux
Changelog Lynis 2.3.0 (2016-07-13): We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of...
PowerLurk – Malicious WMI Events using PowerShell.
To use PowerLurk, you must import the PowerLurk.ps1 module into your instance of PowerShell. This can be done a couple of ways: 1. Import locally: PS> powershell.exe -NoP -Exec ByPass -C...
payload generator tuned up for *nix command injection.
Let’s try to create a proper *nix command injection anatomy. We can deal with three types of shitty check filters: 1) the ones that only force the string to begin properly, like ^\w+ 2) the ones that only...
Winsploit – Windows Exploit Suggester v3.2.
Changelog v3.2: + adding new bulletin; — MS16-075 : Windows: Local WebDAV NTLM Reflection Elevation — MS16-074 : Windows – gdi32.dll Multiple DIB-Related EMF Record Handlers Heap-Based Out-of-Bounds...
Magic Unicorn Attack Vector v2.3.3
Changelog v2.3.3: * most AVs were flagging on -enc instead of -EncodedCommand along with base64 would flag windows defender.. looks like this gets around it on both macro and standard ps1/encoded...
MorphAES – IDPS & SandBox & AntiVirus STEALTH KILLER.
IMPORTANT NOTICE: This post is intended to help with understanding and learning how encryption is used in malware. We don’t expect it to be used in malware “in practice”. Creating malware would be...
Stegator – A Python based backdoor that uses a Cloud Image Service...
A Python based backdoor that uses a Cloud Image Service (Cloudinary) as a command and control server. Use at your own risk! Using steganography, all the commands are “inserted” in random images...
WiFi-Pumpkin v0.7.8 – Framework for Rogue Wi-Fi Access Point Attack
Changelog Version 0.7.8: – moved progressBar to statusBar – fixed thread scanner IP in Modules::DNS,ARP spoof – changed plugins options to sslstrip+/dns2proxy, sslstrip/sergio-proxy – added...
sqli-ircbot is a multi-server ircbot that works with the sqlmap API for...
sqli-ircbot is a multi-server ircbot that works with the sqlmap API for security auditing. Features + multi server and multi channel + markovian AI chaining + sqlmap scanning + btc rates + md5 and sha1...
Swarm – A distributed penetration testing tool.
Swarm is an open source modular distributed penetration testing tool that uses a distributed task queue to implement communication in a master-slave mode system. It consists of a distributed framework...
APT2 – An Automated Penetration Testing Toolkit.
This tool will perform an NMap scan, or import the results of a scan from Nexpose, Nessus, or NMap. The processed results will be used to launch exploit and enumeration modules according to the...
tomcatWarDeployer v0.3 – Apache Tomcat auto WAR deployment & pwning...
CHANGELOG Version 0.3, 19.07.16: + Added bind-shell & reverse-shell functionality to provide the user with direct access to the shell. tomcatWarDeployer v0.3 tomcatWarDeployer is an Apache Tomcat auto...
AutOSINT – Tool to automate common OSINT tasks.
AutOSINT.py v0.1 is a way to do some automated OSINT tasks. Dependencies: – Python 2.7.x – pip2 install docx – pip2 install shodan – pip2 install google + You must have a shodan API key. + All Operating...
CrackMapExec v3.1.2 – A swiss army knife for pentesting Windows/Active...
Changelog CrackMapExec v3.1.2: + Some minor code cleanup + Error handling improvements + Bug fixes in SMB brute forcing and SMB spider logic + Added support for importing Metasploit credentials + New...
The Penetration Testers Framework (PTF) v1.8 codename: Tool Depot.
Changelog v1.8, codename Tool Depot: * added samba-client to ridenum as prereq * added poshc2 (PR) * added title for cmd shell (PR) * added fimap (PR) * changed install path from hardcoded to...
OWASP ZSC v1.1.0 ST ~ Shellcode/Obfuscate Code Generator.
Changelog version 1.1.0: ST * bugs fixed * wizard base interface * argv command line interface * define output file * code style changed to PEP8 standard * assembly/shellcode output * add...
tplmap v0.1c – Automatic Server-Side Template Injection Detection and...
Changelog 0.1c: + core: Fix HTTP verb setting –request + utils: Improve –data option with query string format + plugins: Adapt Velocity to new Plugin object + test: Rename channel tests Tplmap (short...
backdoor-apk v0.1.2 is a shell script that simplifies the process of adding a...
Changelog v0.1.2 (2016-07-25): + Bug Fixes — Placeholder logic no longer fails on Linux systems configured for 32 bit long values. + Miscellaneous — Added AUTHORS and HISTORY files. backdoor-apk is a...
Postex is a Linux post exploitation tool for discovery, backdooring, and...
Postex is a Linux post exploitation tool for discovery, backdooring, and lateral movement. Goals: + run independently of the host environment (no dependence on existing executable utilities, e.g....