TIPS WORLD

Rsdl – Subdomain Scan With Ping Method

Subdomain Scan With Ping Method. Flags Value Description –hostname example.com Domain for scan. –output Records the output with the domain name. –list /tmp/lists/example.txt Lister for subdomains. Installation go get github.com/tismayil/rsdl clone repo and build ( go build rsdl.go ) Used Repos. GO Spinner : github.com/briandowns/spinner – [ go get github.com/briandowns/spinner ] GO Ping : github.com/sparrc/go-ping […]

TIPS WORLD

Cacti – Complete Network Graphing Solution

IMPORTANTWhen using source or by downloading the code directly from the repository, it is important to run the database upgrade script if you experience any errors referring to missing tables or columns in the database.Changes to the database are committed to the cacti.sql file which is used for new installations and committed to the installer […]

TIPS WORLD

HAL – The Hardware Analyzer

HAL [/hel/] is a comprehensive reverse engineering and manipulation framework for gate-level netlists focusing on efficiency, extendability and portability. HAL comes with a fully-fledged plugin system, allowing to introduce arbitrary functionalities to the core. Apart from multiple research projects, HAL is also used in our university lecture Introduction to Hardware Reverse Engineering.Features Natural directed graph […]

TIPS WORLD

GCPBucketBrute – A Script To Enumerate Google Storage Buckets, Determine What Access You Have To Them, And Determine If They Can Be Privilege Escalated

A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated. This script (optionally) accepts GCP user/service account credentials and a keyword. Then, a list of permutations will be generated from that keyword which will then be used to scan for the existence of […]

TIPS WORLD

threat_note – DPS’ Lightweight Investigation Notebook

threat_note is a web application built by Defense Point Security to allow security researchers the ability to add and retrieve indicators related to their research. As of right now this includes the ability to add IP Addresses, Domains and Threat Actors, with more types being added in the future.This app fills the gap between various […]

Linux TIPS WORLD

Sgx-Step – A Practical Attack Framework For Precise Enclave Execution Control

SGX-Step is an open-source framework to facilitate side-channel attack research on Intel SGX platforms. SGX-Step consists of an adversarial Linux kernel driver and user space library that allow to configure untrusted page table entries and/or x86 APIC timer interrupts completely from user space. Our research results have demonstrated several new and improved enclaved execution attacks […]

TIPS WORLD

DFIRtriage – Digital Forensic Acquisition Tool For Windows Based Incident Response

DFIRtriage is a tool intended to provide Incident Responders with rapid host data. Written in Python, the code has been compiled to eliminate the dependency of python on the target host. The tool will run a variety of commands automatically upon execution. The acquired data will reside in the root of the execution directory. DFIRTriage […]

TIPS WORLD

Vscan – Vulnerability Scanner Tool Using Nmap And Nse Scripts

vulnerability scanner tool is using nmap and nse scripts to find vulnerabilitiesThis tool puts an additional value into vulnerability scanning with nmap. It uses NSE scripts which can add flexibility in terms of vulnerability detection and exploitation. Below there are some of the features that NSE scripts provide Network discovery More sophisticated version detection Vulnerability […]

TIPS WORLD

Sojobo – A Binary Analysis Framework

Sojobo is an emulator for the B2R2 framework. It was created to easier the analysis of potentially malicious files. It is totally developed in .NET so you don’t need to install or compile any other external libraries (the project is self contained).With Sojobo you can: Emulate a (32 bit) PE binary Inspect the memory of […]