Ecapture – Capture SSL/TLS Text Content Without CA Cert By eBPF

How eCapture works: SSL/TLS text context capture, supporting openssl, gnutls and nspr (nss) libraries. Bash audit: capture bash commands for host security audit. MySQL query SQL audit: supports mysqld 5.6/5.7/8.0 and MariaDB. eCapture Architecture. eCapture User Manual. Getting started: use the ELF binary file. Download the ELF zip file release, unzip it and run the command ./ecapture --help. Linux kernel version… Read More

packetsifterTool – A Tool To Aid Analysts In Sifting Through A Packet Capture (Pcap) To Find Noteworthy Traffic

PacketSifter is a tool to perform batch processing of PCAP data to uncover potential IOCs. Simply initialize PacketSifter with your desired integrations (VirusTotal, AbuseIPDB), pass PacketSifter a pcap and the desired switches, and PacketSifter will sift through the data and generate several output files. Note: Please run AbuseIPDBInitial.sh and VTInitial.sh prior to using their corresponding switches… Read More

SharpWebServer – HTTP And WebDAV Server With Net-NTLM Hashes Capture Functionality

A Red Team oriented simple HTTP & WebDAV server written in C# with functionality to capture Net-NTLM hashes. To be used for serving payloads on compromised machines for lateral movement purposes. Requires .NET Framework 4.5 and System.Net and System.Net.Sockets references. Usage :: SharpWebServer :: a Red Team oriented C# Simple HTTP Server with Net-NTLMv1/2 hashes… Read More

Caronte – A Tool To Analyze The Network Flow During Attack/Defence Capture The Flag Competitions

Caronte is a tool to analyze the network flow during capture the flag events of type attack/defence. It reassembles TCP packets captured in pcap files to rebuild TCP connections, and analyzes each connection to find user-defined patterns. The patterns can be defined as regex or using protocol specific rules. The connection flows are saved into… Read More

Proxify – Swiss Army Knife Proxy Tool For HTTP/HTTPS Traffic Capture, Manipulation, And Replay On The Go

Swiss Army Knife Proxy for rapid deployments. Supports multiple operations such as request/response dump, filtering and manipulation via DSL language, and upstream HTTP/Socks5 proxy. Additionally, a replay utility allows importing the dumped traffic (request/responses with correct domain name) into Burp or any other proxy by simply setting the upstream proxy to proxify. Features: Simple and… Read More

NTLMRawUnHide – A Python3 Script Designed To Parse Network Packet Capture Files And Extract NTLMv2 Hashes In A Crackable Format

NTLMRawUnhide.py is a Python3 script designed to parse network packet capture files and extract NTLMv2 hashes in a crackable format. The tool was developed to extract NTLMv2 hashes from files generated by native Windows binaries like NETSH.EXE and PKTMON.EXE without conversion. The following binary network packet capture formats are supported: *.pcap, *.pcapng, *.cap, *.etl. Usage… Read More

SCREEN_KILLER – Tool To Track Progress For Reporting (Capture Screenshot, Commands And Outputs) During Pentest Engagement And OSCP

This script was developed to capture screenshots during pentest engagements and OSCP. IMPORTANT: The screenshot feature is no longer allowed for the exam, but the terminal logging is allowed for the exam. If you like the tool, and for my personal motivation so as to develop other tools, please give it a +1 star. The tool can… Read More

Screenspy – Capture user screenshots using shortcut file (Bypass SmartScreen/Defender)

Capture user screenshots using shortcut file (Bypass SmartScreen/Defender). Supports multi-monitor. Legal disclaimer: Usage of ScreenSpy for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program. Install git… Read More

HoneyBot – Capture, Upload And Analyze Network Traffic

HoneyBot is a set of scripts and libraries for capturing and analyzing packet captures with PacketTotal.com. Currently this library provides three scripts: capture-and-analyze.py – Capture on an interface for some period of time, and upload capture for analysis. upload-and-analyze.py – Upload and analyze multiple packet captures to PacketTotal.com. trigger-and-analyze.py – Listen for unknown connections, and… Read More

Multi-Juicer – Run Capture The Flags And Security Trainings With OWASP Juice Shop

Running CTFs and Security Trainings with OWASP Juice Shop is usually quite tricky; Juice Shop just isn’t intended to be used by multiple users at a time. Instructing everybody how to start Juice Shop on their own machine works OK, but takes away too much valuable time. MultiJuicer gives you the ability to run separate Juice… Read More
