Posts

Showing posts from September, 2019

Blobrunner - Apace Debug Shellcode Extracted During Malware Analysis

Image
BlobRunner is a uncomplicated tool to speedily debug shellcode extracted during malware analysis. BlobRunner allocates retentivity for the target file in addition to jumps to the base of operations (or offset) of the allocated memory. This allows an analyst to speedily debug into extracted artifacts amongst minimal overhead in addition to effort. To role BlobRunner, you lot tin download the compiled executable from the releases page or fix your ain using the steps below. Building Building the executable is conduct forrad in addition to relatively painless. Requirements Download in addition to install Microsoft Visual C++ Build Tools or Visual Studio Build Steps Open Visual Studio Command Prompt Navigate to the directory where BlobRunner is checked out Build the executable past times running: cl blobrunner.c Building BlobRunner x64 Building the x64 version is most the same equally above, but only uses the x64 tooling. Open x64 Visual Studio Command Prompt...

Isip - Interactive Drink Toolkit For Bundle Manipulations, Sniffing, Human Inwards The Meat Attacks, Fuzzing, Simulating Of Dos Attacks

Image
Interactive gulp toolkit for parcel manipulations, sniffing, man inwards the middle attacks, fuzzing, simulating of dos attacks. Video Setup git clone https://github.com/halitalptekin/isip.git cd isip pip install -r requirements.txt Usage Packet manipulation tools are inwards packet cmd loop. First start, you lot are inwards the main cmd loop. isip:main> parcel isip:packet> Create a novel gulp parcel amongst new command. If you lot don't write name, isip practise the parcel named yesteryear message-{id} . isip:packet> novel isip:packet> novel r1 List the all created gulp packets amongst list command. isip:packet> list Show properties of packets amongst show command. You tin type ip , udp or sip amongst show command. isip:packet> present message-1 isip:packet> present message-1 ip isip:packet> present message-1 udp isip:packet> present message-1 gulp isip:packet> present message-1 ip src isip:packet> pre...

Sniffair - A Framework For Wireless Pentesting

Image
SniffAir is an open-source wireless safety framework which provides the mightiness to easily parse passively collected wireless information every bit good every bit launch sophisticated wireless attacks. SniffAir takes aid of the hassle associated alongside managing large or multiple pcap files land thoroughly cross-examining as well as analyzing the traffic, looking for potential safety flaws. Along alongside the prebuilt queries, SniffAir allows users to exercise custom queries for analyzing the wireless information stored inward the backend SQL database. SniffAir is built on the concept of using these queries to extract information for wireless penetration test reports. The information tin every bit good survive leveraged inward setting upwards sophisticated wireless attacks included inward SniffAir every bit modules. SniffAir is developed past times @Tyl0us as well as @theDarracott Install SniffAir was developed alongside Python version 2.7 Tested as well as supported o...

Parrot Safety 4.3 - Safety Gnu/Linux Distribution Designed Alongside Cloud Pentesting As Well As Iot Safety Inwards Mind

Image
Parrot 4.3 is right away available for download.  This liberate provides safety too stability updates too is the starting signal for the innovation to railroad train an LTS edition of Parrot. Linux 4.18 Linux was updated to the 4.18.10 version, too linux 4.19 volition hold out released soon. Firefox 63 Firefox 63 provides noticeable safety too privacy features, but it is no longer available to 32bit systems, too thence has been switched to firefox-esr on all the unsupported architectures. Wine menu Has been fixed a põrnikas inwards the parrot card configuration that prevented several card categories to exhibit up. This fixed the missing vino card bug, which is right away dorsum again. Bashrc updates The Parrot .bashrc file was updated, right away it provides ameliorate snap support, the ll alias right away shows the size inwards a human readable format too it does no longer overwrite to a greater extent than or less global settings every b...

Robber - Tool For Finding Executables Prone To Dll Hijacking

Image
Robber is a costless opened upwardly source tool developed using Delphi XE2 without whatever third political party dependencies. What is DLL hijacking ?! Windows has a search path for DLLs inwards its underlying architecture. If yous tin figure out what DLLs an executable requests without an absolute path (triggering this search process), yous tin as well as then house your hostile DLL somewhere above the search path thence it'll live on constitute earlier the existent version is, as well as Windows volition happilly feed your laid upwardly on code to the application. So, let's pretend Windows's DLL search path looks something similar this: A) . <-- electrical flow working directory of the executable, highest priority, showtime check B) \Windows C) \Windows\system32 D) \Windows\syswow64 <-- lowest priority, final check as well as unopen to executable "Foo.exe" requests "bar.dll", which happens to alive ...

Scannerl - The Modular Distributed Fingerprinting Engine

Image
Scannerl is a modular distributed fingerprinting engine implemented past times Kudelski Security . Scannerl tin give the axe fingerprint thousands of targets on a unmarried host, but tin give the axe precisely every bit easily last distributed across multiple hosts. Scannerl is to fingerprinting what zmap is to port scanning. Scannerl industrial plant on Debian/Ubuntu/Arch (but volition likely locomote on other distributions every bit well). It uses a master/slave architecture where the master copy node volition distribute the locomote (host(s) to fingerprint) to its slaves (local or remote). The entire deployment is transparent to the user. Why job Scannerl When using conventional fingerprinting tools for large-scale analysis, safety researchers volition oftentimes hitting 2 limitations: first, these tools are typically built for scanning comparatively few hosts at a fourth dimension as well as are inappropriate for large ranges of IP addresses. Second, if large hit of IP...

Armor - Tool Designed To Practise Encrypted Macos Payloads Capable Of Evading Antivirus Scanners

Image
Armor is a unproblematic Bash script designed to exercise encrypted macOS payloads capable of evading antivirus scanners. Below is an example gif of Armor existence used alongside a unproblematic Netcat payload. H5N1 Netcat listener is started on port 4444. The "payload.txt" file is read in addition to shown to incorporate a unproblematic Bash one-liner that, when executed, volition exercise a TCP connector betwixt the target MacBook at the attacker's Netcat listener. Armor is used to encrypt the bash one-liner. Ncat is used to host the decryption cardinal on the attacker's server. When the stager is executed inward the target MacBook (not shown inward the gif), the bash one-liner is decrypted in addition to executed without writing whatever information to the harddrive. Ncat at nowadays terminates the listener afterwards the cardinal has been used. When the Netcat connector is established, the assailant has remote access to the target MacBook. Admittedl...

Sqlmap V1.2.11 - Automatic Sql Injection In Addition To Database Takeover Tool

Image
SQLMap is an opened upwards source penetration testing tool that automates the procedure of detecting in addition to exploiting SQL injection flaws in addition to taking over of database servers. It comes alongside a powerful detection engine, many niche features for the ultimate penetration tester in addition to a wide hit of switches lasting from database fingerprinting, over information fetching from the database, to accessing the underlying file organization in addition to executing commands on the operating organization via out-of-band connections. Features Full back upwards for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase, SAP MaxDB, HSQLDB in addition to Informix database administration systems. Full back upwards for half-dozen SQL injection techniques: boolean-based blind, time-based blind, error-based, UNION query-based, stacked queries in addition to out-of-band . Support to directly connect to the data...

Aes-Killer V3.0 - Burp Plugin To Decrypt Aes Encrypted Traffic Of Mobile Apps On The Fly

Image
Burpsuite Plugin to decrypt AES Encrypted traffic on the fly. Requirements Burpsuite Java Tested on Burpsuite 1.7.36 Windows 10 xubuntu 18.04 Kali Linux 2018 What it does The IProxyListener decrypt requests too encrypt responses, too an IHttpListener than encrypt requests too decrypt responses. Burp sees the decrypted traffic, including Repeater, Intruder too Scanner, simply the client/mobile app too server come across the encrypted version. NOTE: Currently back upwards AES/CBC/PKCS5Padding encryption/decryption. How it works Require AES Encryption Key (Can move obtained yesteryear using frida script or reversing mobile app) Require AES Encryption Initialize Vector (Can move obtained yesteryear using frida script or reversing mobile app) Request Parameter (Leave blank inward illustration of whole asking body) Response Parameter (Leave blank inward illustration of whole reply body) Character Separated amongst infinite for obfuscation on request/...

Docker-Inurlbr - Advanced Search Inwards Search Engines, Enables Analysis Provided To Exploit Leave Of Absence / Post Capturing Emails & Urls

Image
Advanced search inward search engines, enables analysis provided to exploit GET / POST capturing emails & urls, alongside an internal custom validation junction for each target / url found. How to build git clone https://github.com/gmdutra/docker-inurlbr.git cd docker-inurlbr docker create -t gmdutra/inurlbr . Run docker run --name inurlbr -it -d gmdutra/inurlbr HELP: -h --help Alternative long length care command. --ajuda Command to specify Help. --info Information script. --update Code update. -q Choose which search engine you lot desire through [1...24] / [e1..6]]: [options]: 1 - GOOGLE / (CSE) GENERIC RANDOM / API two - BING three - YAHOO BR 4 - ASK v - HAO123 BR six - GOOGLE (API) seven - LYCOS 8 - UOL BR nine - YAHOO the States 10 - SAPO xi - DMOZ 12 - GIGABLAST xiii - NEVER fourteen - BAIDU BR xv - YANDEX xvi - ZOO 17 - HOTBOT ...

Smwyg-Show-Me-What-You-Got - Tool To Search 1.4 Billion Clear Text Credentials Which Was Dumped Every Mo Purpose Of Breachcompilation Leak

Image
This tool allows you lot to perform OSINT together with reconnaissance on an scheme or an individual. It allows i to search 1.4 Billion clear text credentials which was dumped equally business office of BreachCompilation leak. This database makes finding passwords faster together with easier than e'er before. Screenshot Above ikon search the credentials for uber.com together with convey flora 203 accounts. Pre-requisites Make certain you lot convey installed the following: - Python 3.0 or later. - pip3 (sudo apt-get install python3-pip) How to install? git clone https://github.com/Viralmaniar/SMWYG-Show-Me-What-You-Got.git cd SMWYG-Show-Me-What-You-Got pip3 install -r requirements.txt How apply I role this? Press 1: This volition permit i to search credentials based on domain name. Press 2: This volition permit i to search credentials for a specific electronic mail address. Press 3: To run from the program. Tips to remain secure Change your passw...

Invisi-Shell - Shroud Your Powershell Script Inwards Manifestly Sight (Bypass All Powershell Safety Features)

Image
Hide your powershell script inwards obviously sight! Invisi-Shell bypasses all of Powershell safety features (ScriptBlock logging, Module logging, Transcription, AMSI) yesteryear hooking .Net assemblies. The claw is performed via CLR Profiler API. Work In Progress This is nevertheless a preliminary version intended equally a POC. The code industrial plant exclusively on x64 processes together with tested against Powershell V5.1. Usage Copy the compiled InvisiShellProfiler.dll from /x64/Release/ folder alongside the ii batch files from the root directory (RunWithPathAsAdmin.bat & RunWithRegistryNonAdmin.bat) to the same folder. Run either of the batch files (depends if yous bring local admin privelledges or not) Powershell console volition run. Exit the powershell using the leave of absence ascendance (DON'T CLOSE THE WINDOW) to permit the batch file to perform proper cleanup. Compilation Project was created alongside Visual Studio 2013. You should in...