Hakoriginfinder – Tool For Discovering The Origin Host Behind A Reverse Proxy. Useful For Bypassing Cloud WAFs!

Tool for discovering the origin host behind a reverse proxy. Useful for bypassing WAFs and other reverse proxies. How does it work? This tool will first make a HTTP request to the hostname that you provide and store the response, then it will make a request to every IP address that you provide via HTTPRead More

RogueAssemblyHunter – Rogue Assembly Hunter Is A Utility For Discovering ‘Interesting’ .NET CLR Modules In Running Processes

[*] Rogue Assembly Hunter is a utility for discovering ‘interesting’ .NET CLR modules in running processes. Author: @bohops License: MIT Project: https://github.com/bohops/RogueAssemblyHunter Background .NET is a very powerful and capable development platform and runtime framework for building and running .NET managed applications. Over the last several years, .NET has been adopted by Red Teams (andRead More

SubCrawl – A Modular Framework For Discovering Open Directories, Identifying Unique Content Through Signatures And Organizing The Data With Optional Output Modules, Such As MISP

SubCrawl is a framework developed by Patrick Schläpfer, Josh Stroschein and Alex Holland of HP Inc’s Threat Research team. SubCrawl is designed to find, scan and analyze open directories. The framework is modular, consisting of four components: input modules, processing modules, output modules and the core crawling engine. URLs are the primary input values, whichRead More

ImpulsiveDLLHijack – C# Based Tool Which Automates The Process Of Discovering And Exploiting DLL Hijacks In Target Binaries

C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during RedTeam Operations to evade EDR’s. 1. Methodological Approach : The tool basically acts on automating following stages performed for DLL Hijacking: Discovery – Finding Potentially Vulnerable DLL Hijack paths ExploitationRead More