By Cas van Cooten (@chvancooten), with special thanks to some awesome folks: Fabian Mosch (@S3cur3Th1sSh1t) for sharing dynamic invocation implementation in Nim and the Ekko sleep mask function snovvcrash (@snovvcrash) for adding the initial version of execute-assembly & self-deleting implant option Furkan Göksel (@frkngksl) for his work on NiCOFF and Guillaume Caillé (@OffenseTeacher) for theRead More
Unoffical Flipper Zero cli wrapper written in Python Functions and characteristics: Flipper serial CLI wrapper Websocket client interface Setup instructions: $ git clone https://github.com/wh00hw/pyFlipper.git$ cd pyFlipper$ python3 -m venv venv$ source venv/bin/activate$ pip install -r requirements.txt Tested on: Python 3.8.10 on Linux 5.4.0 x86_64 Python 3.10.5 on Android 12 (Termux + OTGSerial2WebSocket NO ROOT REQUIRED)Read More
A fast tool to scan SAAS,PAAS App written in Go SAAS App Support : salesforce contentful (next version) Note flag -o output not working install : golang 1.18Ver go install -v github.com/Ph33rr/cirrusgo/cmd/[email protected] install -v github.com/Ph33rr/CirrusGo/cmd/[email protected] Help: cirrusgo –help ______ _ ______ / ____/(_)_____ _____ __ __ _____ / ____/____/ / / // ___// ___// /Read More
nimc2 is a very lightweight C2 written fully in nim (implant & server). If you want to give it a try check out the wiki to learn how to install and use nimc2. It’s features include: Windows & Linux implant generation TCP socket communication (with HTTP communication coming soon) Ability to create as many listenersRead More
Naabu is a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really simple tool that does fast SYN/CONNECT scans on the host/list of hosts and lists all ports that return a reply. Features Fast And Simple SYN/CONNECT probe basedRead More
The goal of this repository is to provide a simple, harmless way to check your AV’s protection on ransomware. This tool simulates typical ransomware behaviour, such as: Staging from a Word document macro Deleting Volume Shadow Copies Encrypting documents (embedded and dropped by the simulator into a new folder) Dropping a ransomware note to theRead More
Tetanus is a Windows and Linux C2 agent written in rust. Installation To install Tetanus, you will need Mythic set up on a machine. In the Mythic root directory, use mythic-cli to install the agent. payload start tetanus”> sudo ./mythic-cli install github https://github.com/MythicAgents/tetanussudo ./mythic-cli payload start tetanus Tetanus supports the http C2 profile: sudo ./mythic-cliRead More
Simple Malware Scanner written in python Very basic malware Scanner by hash comparison Sometimes this can be needed when an incident response. If you found new or suspicious files when you do response, you want to check out where these files exist in systems. so then you may need like this tool. this is aRead More
ADReaper is a tool written in Golang which enumerate a Active Directory environment with LDAP queries within few seconds. Installation You can download precompiled executable binaries for Windows/Linux from latest releases Install from source To build from source, clone the repo and build it with GO $ git clone https://github.com/AidenPearce369/ADReaper$ cd ADReaper/$ go build UsageRead More
subdomains.sh wrapper around tools I use for subdomain enumeration, to automate the workflow, on a given domain. Usage To display this script’s help message, use the -h flag: subdomains.sh -h subdomains for * –use-passive-source comma(,) separated tools to use –exclude-passive-source comma(,) separated tools to exclude –skip-semi-active skip semi active techniques -r, –resolvers list of DNSRead More
