Scout – Lightweight URL Fuzzer And Spider: Discover A Web Server’S Undisclosed Files, Directories And VHOSTs

Scout is a URL fuzzer and spider for discovering undisclosed VHOSTS, files and directories on a web server. A full word list is included in the binary, meaning maximum portability and minimal configuration. Aim and fire! Usage Discover URLs on a given web server. version Display scout version. vhost Discover VHOSTs on a given webRead More

Norimaci – Simple And Lightweight Malware Analysis Sandbox For macOS

[*] “Norimaci” is a simple and lightweight malware analysis sandbox for macOS. This tool was inspired by “Noriben“. Norimaci uses the features of OpenBSM or Monitor.app to monitor macOS system activity instead of Sysinternals Process Monitor (procmon). Norimaci consists of 3 Python scripts. norimaci.py : Main script openbsmconv.py : OpenBSM audit log converter monitorappconv.py :Read More

Pocsploit – A Lightweight, Flexible And Novel Open Source Poc Verification Framework

pocsploit is a lightweight, flexible and novel open source poc verification framework Pain points of the POC framework in the market There are too many params, I don’t know how to get started, but only some of them are commonly used. YAML poc framework(like nuclei & xray) is not flexible enough. the conversion cost isRead More

Rathole – A Lightweight, Stable And High-Performance Reverse Proxy For NAT Traversal, Written In Rust. An Alternative To Frp And Ngrok

A secure, stable and high-performance reverse proxy for NAT traversal, written in Rust rathole, like frp and ngrok, can help to expose the service on the device behind the NAT to the Internet, via a server with a public IP. Features High Performance Much higher throughput can be achieved than frp, and more stable whenRead More

Shisho – Lightweight Static Analyzer For Several Programming Languages

Shisho is a lightweight static analyzer for developers. Please see the usage documentation for further information. Try at Playground You can try Shisho at our playground. Try with Docker You can try shisho in your machine as follows: echo “func test(v []string) int { return len(v) + 1; }” | docker run -i ghcr.io/flatt-security/shisho-cli:latest findRead More

Censys-Python – An Easy-To-Use And Lightweight API Wrapper For The Censys Search Engine

An easy-to-use and lightweight API wrapper for the Censys Search Engine (censys.io). Python 3.6+ is currently supported. Getting Started The library can be installed using pip. $ pip install censys To configure your credentials run censys config or set both CENSYS_API_ID and CENSYS_API_SECRET environment variables. $ censys configCensys API ID: XXXCensys API Secret: XXXSuccessfully authenticatedRead More

GoGhost – High Performance, Lightweight, Portable Open Source Tool For Mass SMBGhost Scan

GoGhost is a High Performance, lightweight, portable Open Source tool for mass SMBGhost Scan.InstallationYou can download Windows Binary or Linux Binary. Alternatively, GoGhost uses native Golang libraries so the line above would be fine to compile it: go build GoGhost.go Usage Options GoGhost Scanned 25,000 IP addresses in less than 3 seconds, NMAP took moreRead More

ADCollector – A Lightweight Tool To Quickly Extract Valuable Information From The Active Directory Environment For Both Attacking And Defending

ADCollector is a lightweight tool that enumerates the Active Directory environment to identify possible attack vectors. It will give you a basic understanding of the configuration/deployment of the environment as a starting point. Notes:ADCollector is not an alternative to the powerful PowerView, it just automates enumeration to quickly identify juicy information without thinking too muchRead More

MemoryMapper – Lightweight Library Which Allows The Ability To Map Both Native And Managed Assemblies Into Memory

Memory Mapper is a lightweight library which allows the ability to map both native and managed assemblies into memory by either using process injection of a process specified by the user or self-injection; the technique of injecting an assembly into the currently running process attempting to do the injection. The library comes with tools notRead More

X