An automatic unpacker and logger for DotNet Framework targeting files! This tool has been unveiled at Black Hat USA 2022. The automatic detection and classification of any given file in a reliable manner is often considered the holy grail of malware analysis. The trials and tribulations to get there are plenty, which is why theRead More
This repository includes two utilities NTLMParse and ADFSRelay. NTLMParse is a utility for decoding base64-encoded NTLM messages and printing information about the underlying properties and fields within the message. Examining these NTLM messages is helpful when researching the behavior of a particular NTLM implementation. ADFSRelay is a proof of concept utility developed while researching theRead More
Generates lists of live hosts and URLs for targeting, automating the usage of Massdns, Masscan and nmap to filter out unreachable hosts Given an input file of domain names, this script will automate the usage of MassDNS to filter out unresolvable hosts, and then pass the results on to Masscan to confirm that the hostsRead More
Collection of offensive tools targeting Microsoft Azure written in Python to be platform agnostic. The current list of tools can be found below with a brief description of their functionality. ./Device_Code/device_code_easy_mode.py Generates a code to be entered by the target user Can be used for general token generation or during a phishing/social engineering campaign. ./Access_Tokens/token_juggle.pyRead More
Tetanus is a Windows and Linux C2 agent written in rust. Installation To install Tetanus, you will need Mythic set up on a machine. In the Mythic root directory, use mythic-cli to install the agent. payload start tetanus”> sudo ./mythic-cli install github https://github.com/MythicAgents/tetanussudo ./mythic-cli payload start tetanus Tetanus supports the http C2 profile: sudo ./mythic-cliRead More
This tool can scan websites with CVE-2021-41773 Vulnerability that are affecting Apache2 Webserver, ScaRCE can run too for executing Remote Command Injections at the webservers that found from the scanning method (Only if the MOD_CGI is Enabled at the targeted webserver). This tool works with the provided Single target or Mass Target from a fileRead More
This tool can scan websites with open .git repositories for Bug Hunting/ Pentesting Purposes and can dump the content of the .git repositories from webservers that found from the scanning method. This tool works with the provided Single target or Mass Target from a file list. Installation – git clone https://github.com/HightechSec/git-scanner- cd git-scanner- bash gitscanner.shRead More
