Useful tips


Asset Discover – Burp Suite Extension To Discover Assets From HTTP Response

Burp Suite extension to discover assets from HTTP response using passive scanning. Refer to our blog Asset Discovery using Burp Suite for more details. The extension is now part of the BApp store and can be installed directly from Burp Suite. It parses HTTP responses of the URLs in scope and identifies different types of assets such […]


NetAss2 – Network Assessment Assistance Framework

Easier network scanning with NetAss2 (Network Assessment Assistance Framework). Makes it easy for pentesters to do penetration testing on a network. Dependencies: nmap (tool), zmap (tool). Installation: git clone; cd NetAss2; sudo chmod +x install.bash; sudo ./install.bash. Run: netass2. Existing menu: HOST DISCOVERY, PORT SCAN ON SINGLE HOST, MASSIVE PORT SCAN VIA DISCOVERED HOSTS, […]


Rsdl – Subdomain Scan With Ping Method

Subdomain Scan With Ping Method. Flags (flag, value, description): --hostname: Domain for scan. --output: Records the output with the domain name. --list /tmp/lists/example.txt: Lister for subdomains. Installation: go get; clone repo and build (go build rsdl.go). Used repos: GO Spinner: – [ go get ], GO Ping: […]


Cacti – Complete Network Graphing Solution

IMPORTANT: When using source or by downloading the code directly from the repository, it is important to run the database upgrade script if you experience any errors referring to missing tables or columns in the database. Changes to the database are committed to the cacti.sql file which is used for new installations and committed to the installer […]


HAL – The Hardware Analyzer

HAL [/hel/] is a comprehensive reverse engineering and manipulation framework for gate-level netlists focusing on efficiency, extendability and portability. HAL comes with a fully-fledged plugin system, allowing arbitrary functionality to be introduced to the core. Apart from multiple research projects, HAL is also used in our university lecture Introduction to Hardware Reverse Engineering. Features: Natural directed graph […]


GCPBucketBrute – A Script To Enumerate Google Storage Buckets, Determine What Access You Have To Them, And Determine If They Can Be Privilege Escalated

A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated. This script (optionally) accepts GCP user/service account credentials and a keyword. Then, a list of permutations will be generated from that keyword which will then be used to scan for the existence of […]


threat_note – DPS’ Lightweight Investigation Notebook

threat_note is a web application built by Defense Point Security to allow security researchers the ability to add and retrieve indicators related to their research. As of right now this includes the ability to add IP Addresses, Domains and Threat Actors, with more types being added in the future. This app fills the gap between various […]


Sgx-Step – A Practical Attack Framework For Precise Enclave Execution Control

SGX-Step is an open-source framework to facilitate side-channel attack research on Intel SGX platforms. SGX-Step consists of an adversarial Linux kernel driver and user space library that allow configuring untrusted page table entries and/or x86 APIC timer interrupts completely from user space. Our research results have demonstrated several new and improved enclaved execution attacks […]


DFIRtriage – Digital Forensic Acquisition Tool For Windows Based Incident Response

DFIRtriage is a tool intended to provide Incident Responders with rapid host data. Written in Python, the code has been compiled to eliminate the dependency on Python on the target host. The tool will run a variety of commands automatically upon execution. The acquired data will reside in the root of the execution directory. DFIRTriage […]