dnsteal: DNS Exfiltration tool for stealthily sending files over DNS requests
dnsteal v 2.0 This is a fake DNS server that allows you to stealthily extract files from a victim machine through DNS requests. Below are a couple of different images...
Exploitation / Maintaining Access / Network PenTest
by do son · Published November 30, 2017 · Last modified October 10, 2021
Reverse Shell Backdoor is a framework to control infected machines. This repository contains two programs: a backdoor and the user’s interface. The backdoor needs to be compiled sent to...
Secure Socket Funneling (SSF) is a network tool and toolkit. It provides simple and efficient ways to forward data from multiple sockets (TCP or UDP) through a single secure TLS...
Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is to extract the application data contained in an internet traffic capture. For example, from a pcap file Xplico...
Exploitation / Network PenTest
by do son · Published November 21, 2017 · Last modified November 4, 2024
WSC2 – A WebSocket C2 Tool WSC2 is a PoC of using the WebSockets and a browser process to serve as a C2 communication channel between an agent, running on...
Phishing catcher Catching malicious phishing domain names using certstream SSL certificates live stream. This is just a working PoC, feel free to contribute and tweak the code to fit your needs Installation...
SpookFlare has a different perspective to bypass security measures and it gives you the opportunity to bypass the endpoint countermeasures at the client-side detection and network-side detection. SpookFlare is a...
Cromos Cromos is a tool for downloading legitimate extensions from the Chrome Web Store and injecting code into the background of the application, and more. Cromos creates executable files to...
Exploitation / Metasploit / Network PenTest
by do son · Published November 8, 2017 · Last modified November 4, 2024
Dlink DIR-850L UnAuthenticated OS Command Execution The vulnerabilities have been reported as part of the Hack2Win competition; for more information about Hack2Win, see https://blogs.securiteam.com/index.php/archives/3310. The vulnerabilities found in D-Link 850L...
Exploitation / Network PenTest
by do son · Published October 29, 2017 · Last modified November 4, 2024
ysoserial.net A proof-of-concept tool for generating payloads that exploit unsafe .NET object deserialization. Description ysoserial.net is a collection of utilities and property-oriented programming “gadget chains” discovered in common .NET libraries...
macOS Kernel Fuzzer macOS 10.13 kernel fuzzer using multiple different methods. System Call Fuzzing Both the BSD (SYSCALLS) and Mach (MACH_TRAPS) system dispatch tables are defined within the bughunt_syscalls.h file....
Exploitation / Metasploit / Network PenTest
by do son · Published October 25, 2017 · Last modified November 4, 2024
netgear_dgn1000_setup_unauth_exec The module netgear_dgn1000_setup_unauth_exec exploits an unauthenticated OS command injection vulnerability in vulnerable Netgear DGN1000 with firmware versions up to 1.1.00.48 in addition to DGN2000v1 models, all firmware versions. The vulnerability...
Exploitation / Metasploit / Network PenTest
by do son · Published October 25, 2017 · Last modified November 4, 2024
peinjector The executable file format on the Windows platform is PE COFF. The peinjector provides different ways to infect these files with custom payloads without changing the original functionality. It...
Exploitation / Metasploit / Network PenTest
by do son · Published October 25, 2017 · Last modified November 4, 2024
dde_delivery This module generates a DDE command to place within a Word document that, when executed, will retrieve an HTA payload via HTTP from a web server. Currently have not...
Exploitation / Network PenTest
by do son · Published October 22, 2017 · Last modified November 8, 2017
Twittor A stealthy Python based backdoor that uses Twitter (Direct Messages) as a command and control server This project has been inspired by Gcat which does the same but using a Gmail...