This is the code base for the service running on: https://patchchecker.com. In short, PatchChecker is a web application (running on flask) that provides output similar to that of Watson. However by using PatchChecker, one is not required to execute a binary on the target machine. Included in this project is also a web scraper thatRead More
Lockphish it’s the first tool (07/04/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link. LockPhish Tutorial: https://www.kalilinux.in/2020/05/lockphish.htmlAuthor: The Linux Choice (Who deleted his GitHub repository)Twitter: https://twitter.com/linux_choice Features: Lockscreen phishing page for Windows, Android and iPhone Auto detect device Port Forwarding by NgrokRead More
A Linux alternative to enum.exe for enumerating data from Windows and Samba hosts. Enum4linux is a tool for enumerating information from Windows and Samba systems. It attempts to offer similar functionality to enum.exe formerly available from www.bindview.com. It is written in Perl and is basically a wrapper around the Samba tools smbclient, rpclient, net andRead More
SharpHose is a C# password spraying tool designed to be fast, safe, and usable over Cobalt Strike’s execute-assembly. It provides a flexible way to interact with Active Directory using domain-joined and non-joined contexts, while also being able to target specific domains and domain controllers. SharpHose takes into consideration the domain password policy, including fine grainedRead More
Defending enterprise networks against attackers continues to present a difficult challenge for blue teams. Prevention has fallen short; improving detection & response capabilities has proven to be a step in the right direction. However, without the telemetry produced by adversary behavior, building new and testing existing detection capabilities will be constrained.PurpleSharp is an open sourceRead More
A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in the Windows operating systems. dazzleUP detects the following vulnerabilities.Exploit ChecksThe first feature of dazzleUP is that it uses Windows Update Agent API instead of WMI (like others) when finding missing patches. dazzleUP checks the following vulnerabilities. DCOM/NTLM Reflection (Rotten/Juicy Potato)Read More
Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windowsBlogpost: https://redteamer.tips/?p=108To be used with a cmd that does whatever the F you want, for a dll that pops cmd, https://github.com/jfmaes/CMDLL. check the list in wietze’s site to check how you should call your dll.will automatically create c:Windows System32 and drop your dll and chosen binary in there, followed by execution.Read More
WiFi Passview is an open-source batch script-based program that can recover your WiFi Password easily in seconds. This is for Windows OS only. Basically, this scripted program has the same function as other passview software such as webpassview and mailpassview. Visit WikiDisclaimer: WiFi Passview is NOT designed for malicious use! Please use this program responsibly!HowRead More
An open-source binary debugger for Windows, aimed at malware analysis and reverse engineering of executables you do not have the source code for. There are many features available and a comprehensive plugin system to add your own. You can find more information on the blog!Screenshots Installation & Usage Download a snapshot from GitHub, SourceForge orRead More
A free and portable tool for controlling Windows 10’s many privacy-related settings and keep your personal data private. Your preparation for the Net!The Windows 10 default privacy settings leave a lot to be desired when it comes to protecting you and your private information. Whenever I set up a new computer or update a currentRead More
