Penetration Testing

MISP – Malware Information Sharing Platform and Threat Sharing MISP, Malware Information Sharing Platform, and Threat Sharing is an open source software solution for collecting,…

Networking

frp v0.27.0 releases: fast reverse proxy for exposing a local server behind a NAT or firewall to the internet

do son April 25, 2019 No Comments proxy

frp is a fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet. Now, it supports tcp,…

Crypto

deen v2.0.0b2 released: Generic data encoding/decoding application

do son April 25, 2019 No Comments deen

deen An application that allows applying encoding, compression, and hashing to generic input data. It is meant to be a handy tool for quick encoding/decoding…

Programming

slither v0.6.3 releases: Static Analyzer for Solidity

do son April 25, 2019 No Comments Slither Solidity source analyzer

Slither, the Solidity source analyzer Slither is a Solidity static analysis framework written in Python 3. It runs a suite of vulnerability detectors, prints visual…

Exploitation

kimi v1.2 releases: generate malicious debian packages

do son April 25, 2019 No Comments deb trojan kimi

kimi – Malicious Debian Package generator Script to generate malicious debian packages (debain trojans). About Kimi is name inspired from “Kimimaro” one of my…

Web Information Gathering

HostHunter: discovering hostnames using OSINT techniques

do son April 25, 2019 No Comments HostHunter OSINT

HostHunter A tool to efficiently discover and extract hostnames over a large set of target IP addresses. HostHunter utilizes simple OSINT techniques. It generates a…

Exploitation Reverse Engineering

BinExp: Linux Binary Exploitation

do son April 25, 2019 No Comments Linux binary Exploitation

Linux Binary Exploitation Topics Lecture 1. Memory Layout of the C program. ELF binaries. Overview of the stack during the function call. Assembly code for…

Exploitation

Unicorn v3.7.4 released: PowerShell downgrade attack

do son April 24, 2019 No Comments bypass antivirus unicorn

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber’s PowerShell attacks and the…

Network PenTest WebApp PenTest

jok3r v3.0 releases: Network & Web Hacking Arsenal Manager

do son April 24, 2019 No Comments jok3r

Jok3r – Network and Web Pentest Framework Jok3r is a Python3 CLI application which is aimed at helping penetration testers for network infrastructure and web black-box security…

Network PenTest Vulnerability Analysis

lunar v7.4.9 releases: UNIX security auditing tool

do son April 24, 2019 No Comments lunar

The lunar script generates a scored audit report of a Unix host’s security. It is based on the CIS and other frameworks. Where possible there…

OWASP ZAP w2019-04-23 released: pentesting tool for finding vulnerabilities in web applications

viewgen: generating both signed and encrypted payloads with leaked validation keys

abuse-ssl-bypass-waf: Bypassing WAF by abusing SSL/TLS Ciphers

tomcatWarDeployer v0.5.2 releases: Apache Tomcat auto WAR deployment & pwning penetration testing tool

sqlmap v1.3.4 releases: automates the process of detecting and exploiting SQL injection flaws

MISP v2.4.106 released – Malware Information Sharing Platform & Threat Sharing