Shad0w – Modular C2 Framework
SHAD0W is a modular C2 framework designed to successfully operate on mature environments.
It uses a range of methods to evade EDR and AV while allowing the operator to continue...
GitDorker – Scrape Secrets From GitHub Through Usage Of A Large Repository
GitDorker is a tool that utilizes the GitHub Search API and an extensive list of GitHub dorks that I’ve compiled from various sources to provide an overview of sensitive information stored...
Big Bounty Recon – Reconnaissance Tool
BigBountyRecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation. Reconnaissance is the most...
Hellraiser – CVE-Search Vulnerability Scanner
HellRaiser
Vulnerability Scanner
Install
HellRaiser depends on cve-search API. Have a cve-search API running and add the address in config/config.yml on cvesearch_api_domain field.
Install ruby, bundler and rails. https://gorails.com/setup/ubuntu/16.04
Install redis-server and nmap.
sudo apt-get update
sudo apt-get install redis-server nmap
Install the foreman...
Pesidious – Malware Mutation Using Reinforcement Learning
Malware Mutation using Deep Reinforcement Learning and GANs
The purpose of the tool is to use artificial intelligence to mutate a malware (PE32 only) sample to bypass AI powered classifiers while keeping...
Macro Pack- Macro & VBS Obfuscation Automation
macro_pack by sevagas
Short description
The macro_pack is a tool used to automatize obfuscation and generation of retro formats such as MS Office documents or VBS like format. Now it also...
OX App Suite / OX Guard / OX Documents SSRF / Cross Site Scripting
Authored by Martin Heiland
Open-Xchange OX App Suite, OX Guard, and OX Documents suffer from server-side request forgery and cross site scripting vulnerabilities. Some of these issues only affect version...
Retoolkit – Reverse Engineer’s Toolkit
Retoolkit is a collection of tools you may like if you are interested on reverse engineering and/or malware analysis on x86 and x64 Windows systems. After installing this toolkit you'll have a folder...
Registration And Login System 1.0 SQL Injection
Authored by indoushka
Registration and Login System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Change Mirror Download
=============================================================================================================================================| # Title :...
SPIP Remote Command Execution
Authored by coiffeur, Laluka, Julien Voisin | Site metasploit.com
This Metasploit module exploits a PHP code injection in SPIP. The vulnerability exists in the oubli parameter and allows an unauthenticated...
