The security of mobile devices has become a critical concern due to the increasing amount of sensitive data being stored on them. With the rise of Android OS as the most popular mobile platform, the need for effective tools to assess its security has also increased. In response to this need, a new Android frameworkRead More
DC Sonar Community Repositories The project consists of repositories: dc-sonar-frontend dc-sonar-user-layer dc-sonar-workers-layer ntlm-scrutinizer Disclaimer It’s only for education purposes. Avoid using it on the production Active Directory (AD) domain. Neither contributor incur any responsibility for any using it. Social media Check out our Red Team community Telegram channel Description Architecture For the visual descriptions, openRead More
AlphaGolang is a collection of IDAPython scripts to help malware reverse engineers master Go binaries. The idea is to break the scripts into concrete steps, thus avoiding brittle monolithic scripts, and mimicking the methodology an analyst might follow when tackling a Go binary. Scripts are released under GPL license (honoring Tim Strazzere’s original GolangLoaderAssist whichRead More
Furious Beaver is a distributed tool for capturing IRPs sent to any Windows driver. It operates in 2 parts: the “Broker” combines both a user-land agent and a self-extractable driver (IrpDumper.sys) that will install itself on the targeted system. Once running it will expose (depending on the compilation options) a remote named pipe (reachable fromRead More
Helper plugin for analyzing UEFI firmware. This plugin contains the following features: Apply the correct prototype to the entry point function Fix segments so all segments are RWX and have the correct semantics This allows for global function pointers to be rendered correctly Apply types for core UEFI services (from EDK-II) Locate known protocol GUIDsRead More
Eyeballer is meant for large-scope network penetration tests where you need to find “interesting” targets from a huge set of web-based hosts. Go ahead and use your favorite screenshotting tool like normal (EyeWitness or GoWitness) and then run them through Eyeballer to tell you what’s likely to contain vulnerabilities, and what isn’t. Example Labels Old-LookingRead More
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results. It’s intended to complement Burp Intruder by handling attacks that require exceptional speed, duration, or complexity. The following features set it apart: Fast – Turbo Intruder uses a HTTP stack hand-coded from scratch with speed in mind.Read More
An API for analyzing & finding a person profile across +300 social media websites. It includes different string analysis and detection modules, you can choose which combination of modules to use during the investigation. The detection modules utilize a rating mechanism based on different detection techniques, which produces a rate value that starts from 0Read More
“”” What is this register used for? Hmm.. I’ll just rename it to veryuniquename, do a textual search, and find all references! Ok.. Waiting for the search to end.. any minute now.. Done! Now I just need to understand which of the search result is relevant to the current usage frame of the register. Shouldn’tRead More
AWS Report is a tool for analyzing amazon resources. Install using PIP pip install awsreport Features Search IAM users based on creation date Search buckets public Search security based in rules, default is 0.0.0.0/0 Search elastic ip dissociated Search volumes available Search AMIs with permission public Search internet gateways detached Options aws_report.py [OPTIONS]Options: –s3 SearchRead More
