Tscopy – Tool to parse the NTFS $MFT file to locate and copy specific files

Introducing TScopy It is a requirement during an Incident Response (IR) engagement to have the ability to analyze files on the filesystem. Sometimes these files are locked by the operating system (OS) because they are in use, which is particularly frustrating with event logs and registry hives. TScopy allows the user, who is running withRead More

SecretScanner – Find Secrets And Passwords In Container Images And File Systems

Deepfence SecretScanner can find any potential secrets in container images or file systems. What are Secrets? Secrets are any kind of sensitive or private data which gives authorized users permission to access critical IT infrastructure (such as accounts, devices, network, cloud based services), applications, storage, databases and other kinds of critical data for an organization.Read More

AnonX – An Encrypted File Transfer Via AES-256-CBC

An Encrypted File transfer via AES-256-CBC AnonX is an encrypted file uploader and downloader. The uploaded archive lasts for one week and shall remove from the server. AnonX encrypts the directory before uploading it to the server. The download function requires the download id and AES password to successfully download and decrypt the archive. [+]Read More

WdToggle – A Beacon Object File (BOF) For Cobalt Strike Which Uses Direct System Calls To Enable WDigest Credential Caching

A Proof of Concept Cobalt Strike Beacon Object File which uses direct system calls to enable WDigest credential caching and circumvent Credential Guard (if enabled). Additional guidance can be found in this blog post: https://outflank.nl/blog/?p=1592 Background This PoC code is based on the following excellent blog posts: Exploring Mimikatz – Part 1 – WDigest BypassingRead More

PE-Packer – A Simple Windows X86 PE File Packer Written In C And Microsoft Assembly

PE-Packer is a simple packer for Windows PE files. The new PE file after packing can obstruct the process of reverse engineering. It will do the following things when packing a PE file: Transforming the original import table. Encrypting sections. Clearing section names. Installing the shell-entry. When running a packed PE file, the shell-entry willRead More

Ssh-Mitm – Ssh Mitm Server For Security Audits Supporting Public Key Authentication, Session Hijacking And File Manipulation

ssh-mitm is an intercepting (mitm) proxy server for security audits. Redirect/mirror Shell to another ssh client supported in 0.2.8 Replace File in SCP supported in 0.2.6 Replace File in SFTP supported in 0.2.3 Transparent proxy support in 0.2.2! – intercepting traffic to other hosts is now possible when using arp spoofing or proxy is usedRead More

ApkLeaks – Scanning APK File For URIs, Endpoints And Secrets

Scanning APK file for URIs, endpoints & secrets. Installation To install apkLeaks, simply: $ git clone https://github.com/dwisiswant0/apkleaks$ cd apkleaks/$ pip install -r requirements.txt Or download at release tab. Dependencies This package works in Python2 (not Python3). Install global packages: Linux $ sudo apt-get install libssl-dev swig -y OSX $ brew install openssl swig Windows YouRead More

Grawler – Tool Which Comes With A Web Interface That Automates The Task Of Using Google Dorks, Scrapes The Results, And Stores Them In A File

Grawler is a tool written in PHP which comes with a web interface that automates the task of using google dorks, scrapes the results, and stores them in a file. General info Grawler aims to automate the task of using google dorks with a web interface, the main idea is to provide a simple yetRead More

Zracker – Zip File Password BruteForcing Utility Tool based on CPU-Power

Zracker is a Zip File Password BruteForcing Utility Tool based on CPU-Power. Yet available for Linux only … Supports WordList Mode only but will surely get an Update with BruteForce Mode Dedicated WebSite: https://devim-stuffs.github.io/zracker/ Link to Post on Null-Byte: https://null-byte.wonderhowto.com/forum/increasing-speed-cracking-zip-passwords-with-power-cpu-0341537/ Features [1] Auto Updater Automatically checks for updates when you start the script, and DownloadsRead More

Wave-Share – Serverless, Peer-To-Peer, Local File Sharing Through Sound

A proof-of-concept for WebRTC signaling using sound. Works with all devices that have microphone + speakers. Runs in the browser. Nearby devices negotiate the WebRTC connection by exchanging the necessary Session Description Protocol (SDP) data via a sequence of audio tones. Upon successful negotiation, a local WebRTC connection is established between the browsers allowing dataRead More

X