HackGit

2022-06-20 11:11:05 ​Hunt-Sleeping-Beacons

Aims To Identify Sleeping Beacons.The idea of this project is to identify beacons which are unpacked at runtime or running in the context of another process.

To do so, I make use of the observation that beacons tend to call Sleep between their callbacks. A call to sleep sets the state of the thread to DelayExecution which is taken as a first indiciator that a thread might be executing a beacon.

After enumerating all threads whose state is DelayExecution, multiple metrics are applied to identify potential beacons

https://github.com/thefLink/Hunt-Sleeping-Beacons Открыть/Комментировать

2022-06-20 11:11:00 ​Sifter

Fully stocked Op Centre for Pentesters. Made up of over 80 different tools.

It combines a plethara of OSINT, recon and vulnerability analysis tools within catagorized modsets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the 'blue' vulnerabilities within microsoft and if unpatched, exploit them.

It uses tools like blackwidow and konan for webdir enumeration and attack surface mapping rapidly using ASM.

Gathered info is saved to the results folder, these output files can be easily parsed over to TigerShark in order to be utilised within your campaign. Or compiled for a final report to wrap up a penetration test.

https://github.com/whiterabb17/sifter

Demo:


Открыть/Комментировать

2022-06-20 11:11:00 ​DFIR Cheat Sheet

Collection of tools, tips, and resources for #DFIR (as a tree directory)

Disk
Memory
Apps
Network
Threat Intelligence
and much more

https://github.com/dfircheatsheet/dfircheatsheet.github.io Открыть/Комментировать

2022-06-20 11:11:00 Bug-Bounty

https://github.com/Anlominus/Bug-Bounty Открыть/Комментировать

2022-06-20 11:11:00 ​Vulnman

Open source pentest management application written in Python using the powerful Django framework.

It aims to have a central place to manage vulnerabilities and other penetration assets. The report generation should be as simple as possible to allow the analyst to focus on finding bugs.

https://github.com/vulnman/vulnman

Website:
https://vulnman.github.io/

Documentation:
https://vulnman.github.io/doc Открыть/Комментировать

2022-06-20 11:11:00 ​SharpZippo

List/Read contents of Zip files (in memory and without extraction) using #Cobalt Strike's Execute-Assembly.

https://github.com/OG-Sadpanda/SharpZippo Открыть/Комментировать

2022-06-20 09:09:48 NlsCodeInjectionThroughRegistry

Dll injection through registry modification of NLS code page ID. It requieres administrator privileges, but it definetely works.

https://github.com/NtQuerySystemInformation/NlsCodeInjectionThroughRegistry

#inject #dll Открыть/Комментировать

2022-06-19 23:20:27 ​OctoPwn & OctoPwnWeb

Pentest framework running (almost) entirely in the browser via pyodide. OctoPwnWeb has been presented a41con.

How it started:
“I waited 2 years for this, rewrote impacket for this, asked cryptographers to remake algos in python for this, spent enormous time of my life to make this happen. and it's finally here this finally works and I can't find the words to express my satisfaction.” (SkelSec)

“For the record: the two crypto guys who eventually helped me in pure-python rewrite of some algos tole me to never ever use it anywhere and also they dont want to be mentioned.” (SkelSec)

https://github.com/skelsec/octopwnweb

Talk:




Slides:
https://docs.google.com/presentation/d/1XQFYr_OBI1lrpybsLrHWTWcYNZcF_zOmGDHiIBwSMng

Tool:
http://octopwn.porchetta.industries/

Readme:
http://octopwn.porchetta.industries/readme.html

Sponsor for more features:
https://porchetta.industries

#pentest #framework Открыть/Комментировать

2022-06-19 17:17:00 ​ADB WEBKIT

Access ADB On Browsers.

Live Android Application Manager:
Install Apk With Some Options Like GrantPermission And …
Revoke And Grant Apk Permission
Uninstall Apk
Run Apk
Clear Cache
Save Apk
Stop Apk

https://github.com/jxroot/adbwebkit Открыть/Комментировать

2022-06-19 17:17:00 Payload-cob

Payload Automation is a collection of Python classes to serve as a bridge between Sleep and Python which can be used to help automate payload development, testing, opsec checking, and deployment with Cobalt Strike or anything else you can come up with.

Included Libraries:
Striker: A set of functions to interact with Cobalt Strike and execute functionality typically only accessible via Sleep/GUI.
Compyler: A set of functions to compile various payloads from platform or cross-platform.
Artifactor: A set of functions to inspect and review artifacts and collect and track IoCs.
Sleepy: A set of functions to help facilitate a bridge between Sleep objects and Python objects.
Detemplate: An incomplete idea of mine to automate the population of template files based on YAML configurations. Meant to be used with more complex payloads with multiple replacements and/or embedding.

https://github.com/turalalv/Payload-cob Открыть/Комментировать