PSC – E2E Encryption For Multi-Hop Tty Sessions Or Portshells + TCP/UDP Port Forward
DNS lookup and SSH session forwarded across an UART connection to a Pi PSC allows to e2e encrypt shell sessions,...
tools
SSRF-King – SSRF Plugin For Burp Automates SSRF Detection In All Of The Request
SSRF plugin for burp that Automates SSRF Detection in all of the RequestUpcoming Features ChecklistIt will soon have a user...
CSSG – Cobalt Strike Shellcode Generator
Adds Shellcode - Shellcode Generator to the Cobalt Strike top menu bar CSSG is an aggressor and python script used...
Arbitrium-RAT – A Cross-Platform, Fully Undetectable Remote Access Trojan, To Control Android, Windows And Linux
Arbitrium is a cross-platform is a remote access trojan (RAT), Fully UnDetectable (FUD), It allows you to control Android, Windows...
JWT Key ID Injector – Simple Python Script To Check Against Hypothetical JWT Vulnerability
Simple python script to check against hypothetical JWT vulnerability. Let's say there is an application that uses JWT tokens signed...
Tritium – Password Spraying Framework
A tool to enumerate and spray valid Active Directory accounts through Kerberos Pre-Authentication. BackgroundAlthough many Kerberos password spraying tools currently...
SharpEDRChecker – Checks Running Processes, Process Metadata, DLLs Loaded Into Your Current Process And The Each DLLs Metadata, Common Inst all Directories, Installed Services And Each Service Binaries Metadata, Installed Drivers And Each Drivers Metadata, All For The Presence Of Known Defensive Products Such As AV’s, EDR’s And Logging Tools
New and improved C# Implementation of Invoke-EDRChecker. Checks running processes, process metadata, Dlls loaded into your current process and each...
Emba – An Analyzer For Linux-based Firmware Of Embedded Devices
emba is being developed as a firmware scanner that analyses already-extracted Linux-based firmware images. It should help you to identify...
Upcoming Rapid7 Webcast: How Far Does Your VRM Strategy Go?
Web applications have been growing in complexity over the past several years, while also becoming the preferred method for attackers...
Batea – AI-based, Context-Driven Network Device Ranking
Batea is a context-driven network device ranking framework based on the anomaly detection family of machine learning algorithms. The goal...
Duf – Disk Usage/Free Utility (Linux, BSD, macOS & Windows)
Disk Usage/Free Utility (Linux, BSD, macOS & Windows) FeaturesUser-friendly, colorful output Adjusts to your terminal's width Sort the results according...
State-Sponsored Threat Actors Target Security Researchers
This blog was co-authored by Caitlin Condon, VRM Security Research Manager, and Bob Rudis, Senior Director and Chief Security Data...
Shellex – C-shellcode To Hex Converter, Handy Tool For Paste And Execute Shellcodes In Gdb, Windbg, Radare2, Ollydbg, X64Dbg, Immunity Debugger And 010 Editor
C-shellcode to hex converter. Handy tool for paste & execute shellcodes in gdb, windbg, radare2, ollydbg, x64dbg, immunity debugger &...
Recon Simplified with Spyse
One of the major struggles in bug bounty hunting is to collect and analyze data during reconnaissance, especially when there...
Finding Results at the Intersection of Security and Engineering
As vice president and head of global security at ActiveCampaign, I’m fortunate to be able to draw on a multitude...
WSuspicious – A Tool To Abuse Insecure WSUS Connections For Privilege Escalations
This is a proof of concept program to escalate privileges on a Windows host by abusing WSUS. Details in this...
ATMMalScan – Tool for Windows which helps to search for malware traces on an ATM during the DFIR process
ATMMalScan is a commandline tool for Windows operating systems version 7 and higher, which helps to search for malware traces...
Xnuspy – An iOS Kernel Function Hooking Framework For Checkra1N’Able Devices
Output from the kernel log after compiling and running example/open1_hook.c xnuspy is a pongoOS module which installs a new system...
Zmap – A Fast Single Packet Network Scanner Designed For Internet-wide Network Surveys
ZMap is a fast single packet network scanner designed for Internet-wide network surveys. On a typical desktop computer with a...
Sigurlx – A Web Application Attack Surface Mapping Tool
sigurlx a web application attack surface mapping tool, it does ...: Categorize URLs URLs' categories: > endpoint > js {js}...
MetaFinder – Search For Documents In A Domain Through Google
Search For Documents In A Domain Through Google. The Objective Is To Extract Metadata.Installing dependencies:> git clone https://github.com/Josue87/MetaFinder.git> cd MetaFinder>...
WPCracker – WordPress User Enumeration And Login Brute Force Tool
WordPress user enumeration and login Brute Force tool for Windows and Linux With the Brute Force tool, you can control...
CDK – Zero Dependency Container Penetration Toolkit
CDK is an open-sourced container penetration toolkit, designed for offering stable exploitation in different slimmed containers without any OS dependency....
Principles for personal information security legislation
It goes without saying that the 117th US Congress has a lot to get done and many legitimate priorities are...
