CMLoot CMLoot was created to easily find interesting files stored on System Center Configuration Manager (SCCM/CM) SMB shares. The shares are used for distributing software to Windows clients in Windows...
Vulnerability Analysis / Web Vulnerability Analysis
by do son · Published February 12, 2023 · Last modified February 19, 2023
Grepmarx – source code static analysis platform for security auditors Grepmarx is a web application providing a single platform to quickly understand, analyze and identify vulnerabilities in possibly large and...
Inline-Execute-PE Inline-Execute-PE is a suite of Beacon Object Files (BOF’s) and an accompanying Aggressor script for CobaltStrike that enables Operators to load unmanaged Windows executables into Beacon memory and execute...
SilentMoonwalk SilentMoonwalk is a PoC implementation of a fully dynamic call stack spoofer, implementing a technique to remove the original caller from the call stack, using ROP to desynchronize unwinding...
hackebds In the process of penetration and vulnerability mining of embedded devices, many problems have been encountered. One is that some devices do not have telnetd or ssh services to...
WindowSpy WindowSpy is a Cobalt Strike Beacon Object File meant for targeted user surveillance. The goal of this project was to trigger surveillance capabilities only on certain targets, e.g. browser...
FirmAE FirmAE is a fully-automated framework that performs emulation and vulnerability analysis. FirmAE significantly increases the emulation success rate (From Firmadyne‘s 16.28% to 79.36%) with five arbitration techniques. We tested FirmAE...
Android-PIN-Bruteforce Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! How it works It uses...
Defascan: Defacement Scan and Alert Defascan is a python tool that will scrape the internet for your given google dork queries using APIs and alerts using the email provided during...
Alcatraz Alcatraz is an x64 binary obfuscator that is able to obfuscate various different pe files including: .exe .dll .sys Features In the following showcase, all features (besides the one...
wa-tunnel – TCP Tunneling through Whatsapp This is a Baileys based piece of code that lets you tunnel TCP data through two Whatsapp accounts. This can be usable in different situations, for...
PhoneSploit Pro An All-In-One hacking tool is written in Python to remotely exploit Android devices using ADB (Android Debug Bridge) and Metasploit-Framework. Complete Automation to get a meterpreter session in One Click This...
Defense / Vulnerability Analysis
by do son · Published January 26, 2023 · Last modified July 1, 2023
Locksmith A tiny tool to identify and remediate common misconfigurations in Active Directory Certificate Services. Mode 0 (Default) – Identify Issues and Output to Console PS> .\Invoke-Locksmith.ps1 Running Invoke-Locksmith.ps1 with...
Am I Exploitable? ‘Am I Exploitable?’ is a python open source project that comes to meet the need of validating if your system is exploitable to specific vulnerabilities. The project...
sh4d0wup Have you ever wondered if the update you downloaded is the same one everybody else gets or did you get a different one that was made just for you? Shadow...
Support Securityonline.info site. Thanks!
