Spring4Shell-Scan – A Fully Automated, Reliable, And Accurate Scanner For Finding Spring4Shell And Spring Cloud RCE Vulnerabilities

A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities Features Support for lists of URLs. Fuzzing for more than 10 new Spring4Shell payloads (previously seen tools uses only 1-2 variants). Fuzzing for HTTP GET and POST methods. Automatic validation of the vulnerability upon discovery. Randomized and non-intrusive payloads. WAFRead More

Dep-Scan – Fully Open-Source Security Audit For Project Dependencies Based On Known Vulnerabilities And Advisories. Supports Both Local Repos And Container Images. Integrates With Various CI Environments Such As Azure Pipelines, CircleCI, Google CloudBuild

dep-scan is a fully open-source security audit tool for project dependencies based on known vulnerabilities, advisories and license limitations. Both local repositories and container images are supported as input. The tool is ideal for CI environments with built-in build breaker logic. If you have just come across this repo, probably the best place to startRead More

log4j-scan – A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts

A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs. Fuzzing for more than 60 HTTP request headers (not only 3-4 headers as previously seen tools). Fuzzing for HTTP POST Data parameters. Fuzzing for JSON data parameters. Supports DNS callback for vulnerability discovery and validation. WAF BypassRead More

Ad-Honeypot-Autodeploy – Deploy A Small, Intentionally Insecure, Vulnerable Windows Domain For RDP Honeypot Fully Automatically

Deploy a small, intentionally insecure, vulnerable Windows Domain for RDP Honeypot fully automatically. Runs on self-hosted virtualization using libvirtwith QEMU/KVM (but it can be customized easily for cloud-based solutions). Used for painlessly set up a small Windows Domain from scratch automatically (without user interaction) for the purpose of RDP Honeypot testing. Features a Domain Controller,Read More

Fully-Homomorphic-Encryption – Libraries And Tools To Perform Fully Homomorphic Encryption Operations On An Encrypted Data Set

This repository contains open-source libraries and tools to perform fully homomorphic encryption (FHE) operations on an encrypted data set. About Fully Homomorphic Encryption Fully Homomorphic Encryption (FHE) is an emerging data processing paradigm that allows developers to perform transformations on encrypted data. FHE can change the way computations are performed by preserving privacy end-to-end, therebyRead More

Charlotte – C++ Fully Undetected Shellcode Launcher

c++ fully undetected shellcode launcher 😉 releasing this to celebrate the birth of my newborn description 13/05/2021: c++ shellcode launcher, fully undetected 0/26 as of 13th May 2021. dynamic invoking of win32 api functions XOR encryption of shellcode and function names randomised XOR keys and variables per run on Kali Linux, simply ‘apt-get install mingw-w64*’Read More

Arbitrium-RAT – A Cross-Platform, Fully Undetectable Remote Access Trojan, To Control Android, Windows And Linux

Arbitrium is a cross-platform is a remote access trojan (RAT), Fully UnDetectable (FUD), It allows you to control Android, Windows and Linux and doesn’t require any firewall exceptions or port forwarding. It gives access to the local networks, you can use the targets as a HTTP proxy and access Router, discover local IPs and scanRead More

Xerror – Fully Automated Pentesting Tool

Xerror is an automated penetration tool , which will helps security professionals and non professionals to automate their pentesting tasks. Xerror will perform all tests and, at the end generate two reports for executives and analysts. Xerror provides GUI easy to use menu driven options.Iinternally it supports openVas for vulnerability scanning, Metasploit for exploitation andRead More

FLUFFI (Fully Localized Utility For Fuzzing Instantaneously) – A Distributed Evolutionary Binary Fuzzer For Pentesters

FLUFFI – A distributed evolutionary binary fuzzer for pentesters. About the project High level overview Getting started Usage HOWTOs Technical Details Contributing to FLUFFI LICENSE Bugs found So far, FLUFFI was almost exclusively used on SIEMENS products and solutions. Bugs found therein will not be published. However, FLUFFI found the following published bugs (please helpRead More