Clik here to view.
cmsPoc - A CMS Exploit Framework
A CMS Exploit Framework.Requirementspython2.7Works on Linux, WindowsUsageusage: cmspoc.py [-h] -t TYPE -s SCRIPT -u URLoptional arguments: -h, --help show this help message and exit -t TYPE, --type...
View ArticleClik here to view.
Fake Sandbox Processes (FSP) - Tool to simulate fake processes of analysis...
This small script will simulate fake processes of analysis, sandbox and/or VM software that some malware will try to avoid. You can download the original script (made by @x0rz ) in the orig...
View ArticleClik here to view.
ROC - Infineon RSA Vulnerability
This tool is related to ACM CCS 2017 conference paper #124 Return of the Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli.It enables you to test public RSA keys for a presence of...
View ArticleClik here to view.
DumpsterFire - Security Incidents In A Box!
DumpsterFire Toolset - "Security Incidents In A Box!"The DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily...
View ArticleClik here to view.
Enigma - Multiplatform Payload Dropper
Enigma is a Multiplatform payload dropper.Rungit clone https://github.com/UndeadSec/Enigma.gitcd Enigmapython enigma.pyorpython3 enigma3.pyPrerequisitespython 2.7 for enigma.pypython 3.x for...
View ArticleClik here to view.
SpookFlare - Meterpreter Loader Generator With Multiple Features For...
SpookFlare has a different perspective to bypass security measures and it gives you the opportunity to bypass the endpoint countermeasures at the client-side detection and network-side detection....
View ArticleClik here to view.
Phishing Catcher - Catching malicious phishing domain names using Certstream...
Catching malicious phishing domain names using certstream SSL certificates live stream.This is just a working PoC, feel free to contribute and tweak the code to fit your needs.InstallationThe script...
View ArticleClik here to view.
Excalibur - An Eternalblue exploit payload based Powershell
Excalibur is an Eternalblue exploit based "Powershell" for the Bashbunny project. It's purpose is to reflect on how a "simple" USB drive can execute the 7 cyber kill chain. Excalibur may be used only...
View ArticleClik here to view.
Tilt - Terminal Ip Lookup Tool
Tilt: Terminal ip lookup tool, is an easy and simple open source tool implemented in Python for ip/host passive reconnaissance. It's very handy for first reconnaissance approach and for host data...
View ArticleClik here to view.
SimpleWall - Simple tool to configure Windows Filtering Platform (WFP)
Simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer.The lightweight application is less than a megabyte, and it is compatible with Windows...
View ArticleClik here to view.
OnionShare - Securely and anonymously share a file of any size
OnionShare lets you securely and anonymously share files of any size. It works by starting a web server, making it accessible as a Tor onion service, and generating an unguessable URL to access and...
View ArticleClik here to view.
Skype Log Viewer - Download and View Skype History Without Skype
Download and View Skype History Without Skype.This program allows you to view all of your skype chat logs and then easily export them as text files.It correctly organizes them by conversation, and...
View ArticleClik here to view.
PortEx - Java library to analyse Portable Executable files with a special...
PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted...
View ArticleClik here to view.
Kali Linux 2017.3 Release - The Best Penetration Testing Distribution
Kali Linux 2017.3 released, which includes all patches, fixes, updates, and improvements since our last release. In this release, the kernel has been updated to 4.13.10 and it includes some notable...
View ArticleClik here to view.
WSC2 - A WebSocket C2 Tool
WSC2 is a PoC of using the WebSockets and a browser process to serve as a C2 communication channel between an agent, running on the target system, and a controller acting as the actuel C2...
View ArticleClik here to view.
IP-Biter - The Hacker-friendly E-Mail Tracking Framework
IP-Biter is an open source, easy to deploy, tracking framework that generate high configurables and uniques tracking images and links to embed in e-mails, sites or chat systems and visualize, in an...
View ArticleClik here to view.
sAINT - A Spyware Generator for Windows systems written in Java
(s)AINT is a Spyware Generator for Windows systems written in Java.FeaturesKeyloggerTake ScreenshotWebcam CapturePersistenceTested OnKali Linux - ROLLING EDITIONHow To Use# Install dependencies (you...
View ArticleClik here to view.
DDEtect - Simple DDE Object Detector
Written by Amit Serper, @0xAmit DDEtector is a simple DDE object detector written in pythonCurrently supports only word DOCX and legacy DOC filesPrints the contents of the DDE payloads (Note: In some...
View ArticleClik here to view.
DBC2 (DropboxC2) - A Modular Post-Exploitation Tool, Composed Of An Agent...
DBC2 (DropboxC2) is a modular post-exploitation tool, composed of an agent running on the victim's machine, a controler, running on any machine, powershell modules, and Dropbox servers as a means of...
View ArticleClik here to view.
EmbedInHTML - Embed and hide any file in an HTML file
What this tool does is taking a file (any type of file), encrypt it, and embed it into an HTML file as ressource, along with an automatic download routine simulating a user clicking on the embedded...
View Article