ПОРАДИ СВІТ

UAC-A-Mola – Tool That Allows Security Researchers To Investigate New UAC Bypasses, In Addition To Detecting And Exploiting Known Bypasses

UAC-A-Mola is a tool that allows security researchers to investigate new UAC bypasses, in addition to detecting and exploiting known bypasses. UAC-A-mola has modules to carry out the protection and mitigation of UAC bypasses. The strong point of uac-a-mola is that it was created so that other researchers can carry out the work and process of […]

Поради Linux ПОРАДИ СВІТ

SUID3NUM – A Script Which Utilizes Python’S Built-In Modules To Find SUID Bins, Separate Default Bins From Custom Bins, Cross-Match Those With Bins In GTFO Bin’s Repository & Auto-Exploit Those

A standalone python script which utilizes python’s built-in modules to find SUID bins, separate default bins from custom bins, cross-match those with bins in GTFO Bin’s repository & auto-exploit those, all with colors! DescriptionA standalone script supporting both python2 & python3 to find out all SUID binaries in machines/CTFs and do the following List all […]

ПОРАДИ СВІТ

FOCA – Tool To Find Metadata And Hidden Information In The Documents

FOCA (Fingerprinting Organizations with Collected Archives)FOCA is a tool used mainly to find metadata and hidden information in the documents it scans. These documents may be on web pages, and can be downloaded and analysed with FOCA.It is capable of analysing a wide variety of documents, with the most common being Microsoft Office, Open Office, […]

Поради Linux Дослідження ПОРАДИ СВІТ

IoT-Implant-Toolkit – Toolkit For Implant Attack Of IoT Devices

IoT-Implant-Toolkit is a framework of useful tools for malware implantation research of IoT devices. It is a toolkit consisted of essential software tools on firmware modification, serial port debugging, software analysis and stable spy clients. With an easy-to-use and extensible shell-like environment, IoT-Implant-Toolkit is a one-stop-shop toolkit simplifies complex procedure of IoT malware implantation.In our […]

Поради Linux ПОРАДИ СВІТ

Discover – Custom Bash Scripts Used To Automate Various Penetration Testing Tasks Including Recon, Scanning, Parsing, And Creating Malicious Payloads And Listeners With Metasploit

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit. For use with Kali Linux and the Penetration Testers Framework (PTF). Lee Baird @discoverscripts Jay “L1ghtn1ng” Townsend @jay_townsend1 Jason Ashton @ninewires Download, setup, and usage git clone https://github.com/leebaird/discover /opt/discover/ All scripts must be […]

ПОРАДИ СВІТ

Rbuster – Yet Another Dirbuster

yet another dirbuster Common Command line options -a <user agent string> – specify a user agent string to send in the request -c <http cookies> – use this to specify any cookies that you might need (simulating auth). header. -f – force processing of a domain with wildcard results. -l – show the length of […]

ПОРАДИ СВІТ

XMLRPC Bruteforcer – An XMLRPC Brute Forcer Targeting WordPress

An XMLRPC brute forcer targeting WordPress written in Python 3. In the context of xmlrpc brute forcing, its faster than Hydra and WpScan. It can brute force 1000 passwords per second. Usage python3 xmlrcpbruteforce.py http://wordpress.org/xmlrpc.php passwords.txt usernamepython3 xmlrpcbruteforce.py http://wordpress.org/xmlrpc.php passwords.txt userlist.txt BugsIf you get an xml.etree.ElementTree.ParseError: Did you forget to add ‘xmlrpc’ in the url […]

Поради Linux ПОРАДИ СВІТ

Dirstalk – Modern Alternative To Dirbuster/Dirb

Dirstalk is a multi threaded application designed to brute force paths on web servers.The tool contains functionalities similar to the ones offered by dirbuster and dirb.Here you can see it in action: How to use itThe application is self-documenting, launching dirstalk -h will return all the available commands with a short description, you can get […]

ПОРАДИ СВІТ ВРАЗЛИВОСТІ

Cotopaxi – Set Of Tools For Security Testing Of Internet Of Things Devices Using Specific Network IoT Protocols

Set of tools for security testing of Internet of Things devices using protocols like: CoAP, DTLS, HTCPCP, mDNS, MQTT, SSDP.Installation:Simply clone code from git: https://github.com/Samsung/cotopaxi Requirements:Currently Cotopaxi works only with Python 2.7.x, but future versions will work also with Python 3.If you have previous installation of scapy without scapy-ssl_tls, please remove it or use venv.Installation […]

ПОРАДИ СВІТ

Auto Re – IDA PRO Auto-Renaming Plugin With Tagging Support

IDA PRO Auto-Renaming Plugin With Tagging Support Features 1. Auto-renaming dummy-named functions, which have one API call or jump to the imported API Before After 2. Assigning TAGS to functions accordingly to called API-indicators inside Sets tags as repeatable function comments and displays TAG tree in the separate view Some screenshots of TAGS view: How […]