Malware Analysis / Smartphone PenTest
by do son · Published May 2, 2020 · Last modified October 25, 2022
AndroPyTool This is a tool for extracting static and dynamic features from Android APKs. It combines different well-known Android apps analysis tools such as DroidBox, FlowDroid, Strace, AndroGuard or VirusTotal analysis. Provided a source...
VulnNodeApp A vulnerable application made using node.js, express server and ejs template engine. This application is meant for educational purposes only. Vulnerability covered SQL Injection Cross-Site Scripting (XSS) Insecure Direct Object Reference (IDOR) Command...
PowerProxy PowerShell SOCKS proxy with reverse proxy capabilities. PowerProxy is written with penetration testers in mind. Reverse proxy functionality is a priority, for traversing networks that block inbound connections. Reverse proxy connections are encrypted...
MemLabs is an educational, introductory set of CTF-styled challenges which is aimed to encourage students, security researchers and also CTF players to get started with the field of Memory Forensics. Warning: The size of the...
Kick-start your kubernetes cluster with the Stakater Platform. A consolidated solution for logging, tracing, monitoring, delivery, security and much more. It gives you a head start for managing your kubernetes cluster by providing open-source...
RepoTele – Hunting Abused Telegram Accounts The following is a part of my talk called “Leveraging Yara Rules to Hunt for Abused Telegram Accounts”, that script is the second step in my research to...
Memory Mapper Memory Mapper is a lightweight library that allows the ability to map both native and managed assemblies into memory by either using process injection of a process specified by the user or...
How to Do Software Testing in Scrum? The software world is one that is constantly shifting, progressing, and expanding, which is why developers are always looking for more effective and robust ways of carrying...
Forerunner The Forerunner library is a fast, lightweight, and extensible networking library created to aid in the development of robust network-centric applications such as IP Scanners, Port Knockers, Clients, Servers, etc. In its current...
Twitter is one of the most popular social platforms in the world. It is a modern offspring of communication through SMS – simple and short, yet informative and entertaining. This feature makes it different...
Web Information Gathering / Web Vulnerability Analysis
by do son · Published April 28, 2020 · Last modified May 23, 2022
hakrawler What is it? hakrawler is a Go web crawler designed for easy, quick discovery of endpoints and assets within a web application. It can be used to discover: Forms Endpoints Subdomains Related domains...
enumy Enumy is an ultra-fast portable executable that you drop on target Linux machine during a pentest or CTF in the post-exploitation phase. Running enumy will enumerate the box for common security vulnerabilities. Who Should Use...
Advanced pen-testers and information system auditors are all familiar with the OSWE certification. Granted by Offensive Security, one of the most renowned penetration testing companies around, the certification declares any passing student to be...
ADCollector ADCollector is a lightweight tool that enumerates the Active Directory environment to identify possible attack vectors. It will give you a basic understanding of the configuration/deployment of the environment as a starting point....
Crescendo Crescendo is a swift based, real-time event viewer for macOS. It utilizes Apple’s Endpoint Security Framework. Apple has introduced some new security mechanisms that we need to enable to get Crescendo running. Ensure...
Secure Your Connection
