PersistBOF – Tool To Help Automate Common Persistence Mechanisms

A tool to help automate common persistence mechanisms. Currently supports Print Monitor (SYSTEM), Time Provider (Network Service), Start folder shortcut hijacking (User), and Junction Folder (User). Usage: clone, run make, add the .cna to the Cobalt Strike client. Run: help persist-ice in the CS console. Syntax: persist-ice [PrintMon, TimeProv, Shortcut, Junction] [persist or clean] [key/folder name] [dll /…

pwnSpoof – Generates realistic spoofed log files for common web servers with customisable attack scenarios

pwnSpoof (from Punk Security) generates realistic spoofed log files for common web servers with customisable attack scenarios. Every log bundle is unique and completely customisable, making it perfect for generating CTF scenarios and for training serials. Can you find the attacker session and build the incident picture? About The Project: pwnSpoof was created on…

Sigurlfind3R – A Reconnaissance Tool, It Fetches URLs From AlienVault’s OTX, Common Crawl, URLScan, Github And The Wayback Machine

sigurlfind3r is a passive reconnaissance tool that fetches known URLs from AlienVault’s OTX, Common Crawl, URLScan, Github and the Wayback Machine. DISCLAIMER: fetching URLs from Github is a bit slow. Usage: sigurlfind3r -h. This will display help for the tool.

Elpscrk – An Intelligent Common User-Password Profiler Based On Permutations And Statistics

An intelligent common user-password profiler named after the same tool in the Mr. Robot series (S01E01). In simple words, elpscrk will ask you about all the info you know about your target, then will try to generate every possible password the target could think of. It all depends on the information you give, the flags you activate,…

Swift-Attack – Unit Tests For Blue Teams To Aid With Building Detections For Some Common macOS Post Exploitation Methods

Unit tests for blue teams to aid with building detections for some common macOS post exploitation methods. I have included some post exploitation examples using both command line history and on disk binaries (which should be easier for detection) as well as post exploitation examples using API calls only (which will be more difficult for…

Nginxpwner – Tool to look for common Nginx misconfigurations and vulnerabilities

Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.

Install:

    cd /opt
    git clone https://github.com/stark0de/nginxpwner
    cd nginxpwner
    chmod +x install.sh
    ./install.sh

Usage: Target tab in Burp, select host, right click, copy all URLs in this host, copy to a file.

    cat urllist | unfurl paths | cut -d"/" -f2-3 | sort -u > /tmp/pathlist

Or get…

Phpvuln – Audit Tool To Find Common Vulnerabilities In PHP Source Code

phpvuln is an open source OWASP penetration testing tool written in Python 3 that can speed up the process of finding common PHP vulnerabilities in PHP code, i.e. command injection, local/remote file inclusion and SQL injection. Installation: you can download phpvuln by cloning the Git repository: git clone https://github.com/ecriminal/phpvuln.git Install the required PIP packages:…

Sigurls – A Reconnaissance Tool, It Fetches URLs From AlienVault’s OTX, Common Crawl, URLScan, Github And The Wayback Machine

sigurls is a reconnaissance tool that fetches URLs from AlienVault’s OTX, Common Crawl, URLScan, Github and the Wayback Machine. Usage: to display the help message for sigurls, use the -h flag: $ sigurls -h
