HackGit

2022-06-15 11:11:00 ​ExeSpy

Cross-Platform PE File Viewer (EXE/DLL)

Free open-source cross-platform Windows PE file viewer. It supports all valid PE formats, including EXE, DLL, COM, OCX, SYS, SCR, CPL, AX, ACM, WINMD, MUI, EFI, TSP, and DRV.

It can view PE information, including:
General information
Headers
Sections
Libraries
Imports
Exports
Resources
Manifest

https://github.com/andyjsmith/Exe-Spy

#blueteam Открыть/Комментировать

2022-06-15 10:59:43 ​gshell

A simple yet flexible cross-platform shell generator tool.

A cross-platform shell generator tool that lets you generate whichever shell you want, in any system you want, giving you full control and automation.

Is cross-platform, you can use it in operating systems such as:
Unix-based systems
GNU/Linux
Windows
macOS

Generates the following shells:
Bind Shells: The target has a listening port and we connect to the target.
Reverse Shells: We have a listening port and the target connects to us.

Supports the following encodings (as of now):
URL Encoding: Bypass URL filters
Base64/32/16 Encodings: Bypass string/keyword filters
PowerShell Base64 Encoding

https://github.com/nozerobit/gshell Открыть/Комментировать

2022-06-15 10:12:46 FollinaExtractor

Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files

https://github.com/MalwareTech/FollinaExtractor Открыть/Комментировать

2022-06-15 10:01:04 ​xnLinkFinder

This is a tool used to discover endpoints for a given target. It can find them by crawling a target, searching files in a given directory, or get them from a #Burp project.

The python script is based on the link finding capabilities of my Burp extension GAP. As a starting point, I took the amazing tool LinkFinder by Gerben Javado, and used the Regex for finding links, but with additional improvements to find even more.

https://github.com/xnl-h4ck3r/xnLinkFinder Открыть/Комментировать

2022-06-15 10:01:00 Remote Code Injection by Abusing CreateProcess and GetEnvironmentVariable

New method of injecting code into a remote process without using WriteProcessMemory.

CreateProcess:
https://www.x86matthew.com/view_post?id=proc_env_injection

GetEnvironmentVariable:
https://x-c3ll.github.io/posts/GetEnvironmentVariable-Process-Injection/

#maldev #process #inject #pinvoke #winapi Открыть/Комментировать

2022-06-14 17:17:00 ​ssh-chat

Custom SSH server written in Go. Instead of a shell, you get a chat prompt.

https://github.com/shazow/ssh-chat Открыть/Комментировать

2022-06-14 17:17:00 ​mquery

Blazingly fast Yara queries for #malware analysts

https://github.com/CERT-Polska/mquery Открыть/Комментировать

2022-06-14 17:17:00 ​DumpsterDiver

DumpsterDiver is a tool, which can analyze big volumes of data in search of hardcoded secrets like keys (e.g. AWS Access Key, Azure Share Key or SSH keys) or passwords.

Additionally, it allows creating a simple search rules with basic conditions (e.g. report only csv files including at least 10 email addresses).

The main idea of this tool is to detect any potential secret leaks. You can watch it in action in the demo video or read about all its features in this article.

https://github.com/securing/DumpsterDiver Открыть/Комментировать

2022-06-14 17:12:35 beacon

Former attempt at creating a independent #Cobalt Strike Beacon

https://github.com/SecIdiot/beacon Открыть/Комментировать

2022-06-11 17:17:00 lockc

Open source sofware for providing MAC (Mandatory Access Control) type of security audit for container workloads.

The main reason why lockc exists is that containers do not contain. Containers are not as secure and isolated as VMs. By default, they expose a lot of information about host OS and provide ways to "break out" from the container. lockc aims to provide more isolation to containers and make them more secure.

https://github.com/lockc-project/lockc Открыть/Комментировать