Exploitation / Post Exploitation
by do son · Published December 3, 2018 · Last modified November 4, 2024
NetRipper – this is a fairly recent tool that is positioned for the post-operating system based on Windows and uses a number of non-standard approaches to extract sensitive data. It...
ShadowSocks ConnecTion A wrapper tool for shadowsocks to consistently bypass firewalls. Download git clone https://github.com/wanjunzh/ssct.git Quickstart Automatically connect The easiest way to run this tool is just type ssct in a terminal, and ssct will...
Nishang Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security, penetration testing and red teaming. Nishang is useful during all phases...
Exploitation / Reverse Engineering
by do son · Published November 12, 2018 · Last modified October 10, 2021
HeapHopper is a bounded model checking framework for Heap-implementations. HEAPHOPPER’s goal is to evaluate the exploitability of an allocator in the presence of memory corruption vulnerabilities in the application using...
GreatSCT GreatSCT is a tool designed to generate Metasploit payloads that bypass common anti-virus solutions and application whitelisting solutions. Download Usage The first screen you’ll see...
Armor Armor is a simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners. A Netcat listener is started on port 4444. The “payload.txt” file is...
GRFICS GRFICS is a graphical realism framework for industrial control simulations that uses Unity 3D game engine graphics to lower the barrier to entry for industrial control system security. GRFICS...
XIP XIP generates a list of IP addresses by applying a set of transformations used to bypass security measures e.g. blacklist filtering, WAF, etc. Below are the implemented transformations: Hexadecimal...
LAPSToolkit Functions are written in PowerShell that leverage PowerView to audit and attack Active Directory environments that have deployed Microsoft’s Local Administrator Password Solution (LAPS). It includes finding groups specifically...
GhostTunnel GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment. It can attack the target through the HID device only to release the payload...
Relayer – SMB Relay Attack Script. Relayer is an SMB relay Attack Script that automates all the necessary steps to scan for systems with SMB signing disabled and relaying authentication...
CoffeeShot: Avoid Detection with Memory Injection CoffeeShot is an evasion framework that injects payload from Java-based programs into designated processes on Microsoft Windows. It assists blue team members in assessing...
Exploitation / Network PenTest / Post Exploitation / Web Information Gathering / WebApp PenTest
by do son · Published September 28, 2018 · Last modified November 4, 2024
tactical-exploitation I’ve always been a big proponent of a tactical approach to penetration testing that does not focus on exploiting known software vulnerabilities but relies on old-school techniques such as...
Exploitation / Network PenTest
by do son · Published September 24, 2018 · Last modified November 4, 2024
autoDANE is a tool to automate the process of mapping and compromising internal networks. Given the prevalence of Microsoft Active Directory domains as the primary means of managing large corporate...
Exploitation / Network PenTest
by do son · Published September 24, 2018 · Last modified November 4, 2024
rop-tool v2.4.2 A tool to help you writing binary exploits FEATURES String searching, Gadget searching, patching, info, heap visualization, disassembling Colored output Intel and AT&T flavor Support of ELF, PE...
Support Securityonline.info site. Thanks!
