Fuzzinator: Random Testing Framework
Fuzzinator Fuzzinator is a framework helping you to deal with the common fuzzing tasks, like running fuzz jobs, updating the targets, and reducing the inputs that induced failures. The figure below...
Category: Exploitation
ipv4Bypass: Using IPv6 to Bypass Security
ipv4Bypass Using IPv6 to Bypass Security how the tool works 1) Sends an ICMP echo request (ping6 ff02::1%eth0) to the broadcast address (ff02::1), all IPv6 hosts in the local network...
ibombshell: Dynamic Remote Shell
ibombshell – Dynamic Remote Shell ibombshell is a tool written in Powershell that allows you to have a prompt at any time with post-exploitation functionalities (and in some cases exploitation). It...
Macro Pack v2.2 releases: automatize obfuscation & generation of MS Office documents
Macro Pack The macro_pack is a tool used to automatize obfuscation and generation of MS Office documents for pentest, demo, and social engineering assessments. The goal of macro_pack is to...
dr_checker: Soundy Vulnerability Detection Tool for Linux Kernel Drivers
DR.CHECKER: A Soundy Vulnerability Detection Tool for Linux Kernel Drivers 1. Setup Our implementation is based on LLVM, specifically LLVM 3.8. We also need tools like c2xml to parse headers. First, make...
whoof: Web-Browser Hooking Framework
whoof (Web-Browser Hooking Framework) whoof is an early stage lightweight web browser hooking framework. A web browser hook can be thought of as a backdoor in a web page allowing...
Invoke-NoShell: All the Power with no Shell
Invoke-NoShell Invoke-NoShell outputs a Mircosoft Office Word .doc file with an embedded macro. It allows the automation of multiple similar versions of files, allowing to test how slight differences will...
ruler v2.5 releases: abuse Exchange services
Ruler is a tool that allows you to interact with Exchange servers remotely, through either the MAPI/HTTP or RPC/HTTP protocol. The main aim is to abuse the client-side Outlook features...
Inception: In-memory compilation and reflective loading of C# apps
Inception Framework Inception provides In-memory compilation and reflective loading of C# apps for AV evasion. Payloads are AES encrypted before transmission and are decrypted in memory. The payload server ensures...
scale: Side-Channel Attack Lab
SCALE: Side-Channel Attack Lab. Exercises Alongside the implementation of cryptography in hardware and software, attacks on those implementations (plus associated countermeasures) form a central challenge in cryptographic engineering. This topic is sometimes termed...
boofuzz v0.4.2 releases: Network Protocol Fuzzing for Humans
boofuzz: Network Protocol Fuzzing for Humans It is a fork of and the successor to the venerable Sulley fuzzing framework. Besides numerous bug fixes, it aims for extensibility. The goal: fuzz everything....
OWASP ZSC v1.1.0 ST – Shellcode/Obfuscate Code Generator
OWASP ZSC THIS SOFTWARE WAS CREATED TO CHALLENGE ANTIVIRUS TECHNOLOGY, RESEARCH NEW ENCRYPTION METHODS, AND PROTECT SENSITIVE OPEN SOURCE FILES WHICH INCLUDE IMPORTANT DATA. CONTRIBUTORS AND OWASP FOUNDATION WILL NOT...
ShellGen: Dynamic and extensible shell code generator
ShellGen ShellGen is a dynamic shellcode generator with multiple output types that can be formatted in binary, hexadecimal, and the typical shellcode output standard. Outputs are also able to be...
fuzzotron: TCP/UDP based network daemon fuzzer
Fuzzotron Fuzzotron is a simple network fuzzer supporting TCP, UDP, and multithreading. Radamsa and Blab are used for test case generation. Fuzzotron exists as a first-port-of-call network fuzzer, aiming for...
memrepl: Memory inspection REPL interface
memrepl memrepl is a Frida based script that aims to help a researcher in the task of exploitation of memory corruption related bugs. The idea is that the researcher can perform database like queries to...
