Showing posts with the label Scripts

Armor - Tool Designed To Create Encrypted macOS Payloads Capable Of Evading Antivirus Scanners

Armor is a simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners. Below is an example gif of Armor being used alongside a simple Netcat payload. A Netcat listener is started on port 4444. The "payload.txt" file is read and shown to contain a simple Bash one-liner that, when executed, will create a TCP connection between the target MacBook and the attacker's Netcat listener. Armor is used to encrypt the bash one-liner. Ncat is used to host the decryption key on the attacker's server. When the stager is executed on the target MacBook (not shown in the gif), the bash one-liner is decrypted and executed without writing any data to the hard drive. Ncat then terminates the listener after the key has been used. When the Netcat connection is established, the attacker has remote access to the target MacBook. Admittedl...

Dawnscanner - Dawn Is A Static Analysis Security Scanner For Ruby Written Web Applications (Sinatra, Padrino And RoR Frameworks)

dawnscanner is a source code scanner designed to review your ruby code for security issues. dawnscanner is able to scan plain ruby scripts (e.g. command line applications) but all its features are unleashed when dealing with web applications source code. dawnscanner is able to scan major MVC (Model View Controller) frameworks, out of the box: Ruby on Rails, Sinatra, Padrino. Quick update from November, 2018: As you can see dawnscanner has been on hold for more than a year. Sorry for that. It's life. I was overwhelmed by tons of stuff and I dedicated free time to Offensive Security certifications. Truth be told, I'm starting the OSCE journey really soon. The dawnscanner project will be updated shortly with new security checks and kickstarted again. Paolo. dawnscanner version 1.6.6 has 235 security checks loaded in its knowledge base. M...

ImaginaryC2 - Tool Which Aims To Help In The Behavioral (Network) Analysis Of Malware

author: Felix Weyne (website) (Twitter). Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts an HTTP server which captures HTTP requests towards selectively chosen domains/IPs. Additionally, the tool aims to make it easy to replay captured Command-and-Control responses/served payloads. By using this tool, an analyst can feed the malware consistent network responses (e.g. C&C instructions for the malware to execute). Additionally, the analyst can capture and inspect HTTP requests towards a domain/IP which is off-line at the time of the analysis. Replay packet captures: Imaginary C2 provides two scripts to convert packet captures (PCAPs) or Fiddler Session Archives into request definitions which can be parsed by Imaginary C2. Via these scripts the user can extract HTTP request URLs and domains, as well as HTTP responses. This way...

UEFI Firmware Parser - Parse BIOS/Intel ME/UEFI Firmware Related Structures: Volumes, Filesystems, Files, Etc

The UEFI firmware parser is a simple module and set of scripts for parsing, extracting, and recreating UEFI firmware volumes. This includes parsing modules for BIOS, OptionROM, Intel ME and other formats too. Please use the example scripts for parsing tutorials. Installation: This module is included within PyPI as uefi_firmware: $ sudo pip install uefi_firmware. To install from Github, checkout this repo and use: $ sudo python ./setup.py install. Requirements: Python development headers, usually found in the python-dev package. The compression/decompression features will use the python headers and gcc. pefile is optional, and may be used for additional parsing. Usage: The simplest way to use the module to detect or parse firmware is through the AutoParser class. import uefi_firmware with open('/path/to/firmware.rom', 'r...

Cuteit v0.2.1 - IP Obfuscator Made To Make A Malicious IP A Bit Cuter

IP obfuscator made to make a malicious ip a bit cuter. A simple python tool to help you to social engineer, bypass whitelisting firewalls, potentially break regex rules for command line logging looking for IP addresses and obfuscate cleartext strings to C2 locations within the payload. All of that is done simply by obfuscating the ip into many forms. Usage: usage: Cuteit.py [-h] [--disable-coloring] ip; positional arguments: ip (IP you want to convert); optional arguments: -h, --help (show this help message and exit), --disable-coloring (Disable colored printing). Using it as a module! You can use this script as a module in your python scripts as follows: import Cuteit; convert = Cuteit.lib(ip); print(convert.hex). The screenshot below shows that in action. Download Cuteit

UserLAnd - The Easiest Way To Run A Linux Distribution Or Application On Android

The easiest way to run a Linux distribution or application on Android. Features: Run full linux distros or specific applications on top of Android. Install and uninstall like a regular app. No root required. Start using UserLAnd: There are two ways to use UserLAnd: single-click apps and user-defined custom sessions. Using single-click apps: Click an app. Fill out the required information. You're good to go! Using user-defined custom sessions: Define a session - This describes what filesystem you are going to use, and what kind of service you want to use when connecting to it (ssh or vnc). Define a filesystem - This describes what distribution of Linux you want to install. Once defined, just tap on the session to start up. This will download necessary assets, set up the filesystem, start the server, and connect to it. This will take s...

Ghidra - Software Reverse Engineering Framework

Ghidra is a software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate. This framework includes a suite of full-featured, high-end software analysis tools that enable users to analyze compiled code on a variety of platforms including Windows, Mac OS, and Linux. Capabilities include disassembly, assembly, decompilation, graphing, and scripting, along with hundreds of other features. Ghidra supports a wide variety of processor instruction sets and executable formats and can be run in both user-interactive and automated modes. Users may also develop their own Ghidra plug-in components and/or scripts using Java or Python. In support of NSA's Cybersecurity mission, Ghidra was built to solve scaling and teaming problems on complex SRE efforts, and to provide a customiza...

FFM (Freedom Fighting Mode) - Open Source Hacking Harness

FFM is a hacking harness that you can use during the post-exploitation phase of a red-teaming engagement. The idea of the tool was derived from a 2007 conference talk by @thegrugq. It was presented at SSTIC 2018 and the accompanying slide deck is available at this url. If you're not familiar with this class of tools, it is strongly advised to have a look at them to understand what a hacking harness' role is. All the comments are included in the slides. Usage: The goal of a hacking harness is to act as a helper that automates common tasks during the post-exploitation phase, but also safeguards the user against mistakes they may make. It is an instrumentation of the shell. Run ./ffm.py to activate it and you can start working immediately. There are two commands you need to know about: Type !list to display the commands provided by the harness. Type SHIFT+TAB to perform tab completion on the loca...

PowerShellArsenal - A PowerShell Module Dedicated To Reverse Engineering

PowerShellArsenal is a PowerShell module used to aid a reverse engineer. The module can be used to disassemble managed and unmanaged code, perform .NET malware analysis, analyze/scrape memory, parse file formats and memory structures, obtain internal system information, etc. PowerShellArsenal is comprised of the following tools: Disassembly: Disassemble native and managed code. Get-CSDisassembly: Disassembles a byte array using the Capstone Engine disassembly framework. Get-ILDisassembly: Disassembles a raw MSIL byte array passed in from a MethodInfo object in a manner similar to that of Ildasm. MalwareAnalysis: Useful tools when performing malware analysis. New-FunctionDelegate: Provides an executable wrapper for an X86 or X86_64 function. Invoke-LoadLibrary: Loads a DLL into the current PowerShell process. New-DllExportFunction: Creates an executable wrapper delegate around an unmanaged, exported f...

XanXSS - A Simple XSS Finding Tool

XanXSS is a reflected XSS searching tool (DOM coming soon) that creates payloads based on templates. Unlike other XSS scanners that just run through a list of payloads, XanXSS tries to make the payload unidentifiable, for example: <xAnXSS</TitLE></STYLE><SVG/ONload='alERt(1);'/></XaNxSs</titLe></StYlE><SvG/ONlOAD='alerT(1);'/> <ifrAmE&#13;Src=&#160;[2].Find(CoNfirm);=&#160;"JAVaScRIpT:proMpT(1))"javAscrIpt:/*--></scRIPt> />cLIcK&#13;Me!</b</TextaRea></TiTLE><BUTtON ONcLIck='aleRT(1);'/>XaNxss</TEXTaRea> <iMG&#13;sRc=%0acONfIRM();=+'jAVASCRiPT:alerT("XSS");'</STYlE><Svg/onLoad='alErT((1));'/> With XanXSS every payload is different. XanXSS works by running through the payloads until a specified number is found or a timer hits the max time; this prevents it from looping for too long. Some of...

Pocsuite3 - An Open-Sourced Remote Vulnerability Testing Framework

pocsuite3 is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec 404 Team. It comes with a powerful proof-of-concept engine and many powerful features for the ultimate penetration testers and security researchers. Features: PoC scripts can run in attack, verify, or shell mode in different ways; Plugin ecosystem; Dynamic loading of PoC scripts from anywhere (local file, redis, database, Seebug ...); Load multiple targets from anywhere (CIDR, local file, redis, database, Zoomeye, Shodan ...); Results can be easily exported; Dynamic patch and hook requests; Both command line tool and python package import to use; IPV6 support; Global HTTP/HTTPS/SOCKS proxy support; Simple spider API for PoC scripts to use; Integrate with Seebug (for loading PoC from the Seebug website); Integrate with ZoomEye (for loading targets from a ZoomEye Dork); Integrate a...

Parameth - This Tool Can Be Used To Brute Discover GET And POST Parameters

This tool can be used to brute discover GET and POST parameters. Often when you are busting a directory for common files, you can identify scripts (for instance test.php) that look like they need to be passed an unknown parameter. This hopefully can help find them. The -off flag allows you to specify an offset (helps with dynamic pages), so for example, if you were getting alternating response sizes of 4444 and 4448, set the offset to 5 and it will only show the stuff outside the norm. Installation: virtualenv venv; . ./venv/bin/activate; pip install -u -r requirements.txt. Usage: usage: parameth.py [-h] [-v] [-u URL] [-p PARAMS] [-H HEADER] [-a AGENT] [-t THREADS] [-off VARIANCE] [-diff DIFFERENCE] [-o OUT] [-P PROXY] [-x IGNORE] [-s SIZEIGNORE] [-d DATA] [-i IGME...