Creates a local or “reverse” Socks proxy using powershell. The local proxy is a simple Socks 4/5 proxy. The reverse proxy creates a tcp tunnel by initiating outbond SSL connections that can go through the system’s proxy. The tunnel can then be used as a socks proxy on the remote host to pivot into theRead More
SnitchDNS is a database driven DNS Server with a Web UI, written in Python and Twisted, that makes DNS administration easier with all configuration changed applied instantly without restarting any system services. One of its main features is the logging of all DNS queries allowing the discovery of network traffic endpoints, and it can alsoRead More
A bash script that automates the exfiltration of data over dns in case we have a blind command execution on a server where all outbound connections except DNS are blocked. The script currently supports sh, bash and powershell and is compatible with exec style command execution (e.g. java.lang.Runtime.exec). Unstaged: Staged: For its operations,Read More
Secure Shell Bruteforcer — A faster & simpler way to bruteforce SSH server. Installation from Binary Download a pre-built binary from releases page, unpack and run! Or: ▶ (sudo) curl -sSfL ‘https://git.io/kitabisa-ssb’ | sh -s — -b /usr/local/bin from Source Need go1.14+ compiler installed and configured, then: ▶ GO111MODULE=on go get ktbs.dev/ssb Usage ▶ ssbRead More
SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities Why? I wanted to write a tool in Golang for concurrency I wanted to fuzz parameters for SSRF vulnerablities, as well as fuzz both paths and parameters for CRLF injections I was inspired by Orange’s work for chaining these typesRead More
ssh-mitm is an intercepting (mitm) proxy server for security audits. Redirect/mirror Shell to another ssh client supported in 0.2.8 Replace File in SCP supported in 0.2.6 Replace File in SFTP supported in 0.2.3 Transparent proxy support in 0.2.2! – intercepting traffic to other hosts is now possible when using arp spoofing or proxy is usedRead More
Multi-threaded c2 server and reverse TCP shell client written in pure C (Windows). Command list: list: list available connections. interact tag:blogger.com,1999:blog-8317222231133660547.post-3056304803628582479: interact with client. download [filename]: download a file from client. upload [filename]: upload a file to client. background: background client. exit: terminate client or server. cd [dir]: change directory on client. Download Sak1To-Shell
[*] An interactive command prompt that executes commands through proxychains and automatically logs them on a Cobalt Strike team server. Installation RedShell runs on Python 3. It also requires a Cobalt Strike client installed on the system where it runs. Install dependencies: pip3 install -r requirements.txt Install proxychains-ng (https://github.com/rofl0r/proxychains-ng): apt install proxychains4 Make the agscriptRead More
Cooolis-ms is a server that supports Metasploit Framework RPC. It is used to work for Shellcode and PE loader, bypassing the static detection of anti-virus software to a certain extent, and allows the Cooolis-ms server to perform with the Metasploit server separate. Loader execution process: connect to Cooolis-Server Cooolis-Server connects to Metasploit RPC server retrieveRead More
A Fast Reverse Proxy To Help You Expose A Local Server Behind A NAT Or Firewall To The Internet. Development Status frp is under development. Try the latest release version in the master branch, or use the dev branch for the version in development. The protocol might change at a release and we don’t promiseRead More
