IDACyber- Data Visualization Plugin for IDA Pro
IDACyber:-- #Data #Visualization #Plugin for #IDA #Pro.
#IDACyber is an interactive data visualization plugin for IDA Pro. It consists of external "color filters" that transform raw data bytes into a canvas that can be used to inspect and navigate data interactively. Depending on the filter in context, browsing this data visually can reveal particular structures and patterns, literally from a zoomed-out perspective.
Requirements
1. IDA 7.3+
2. This #IDAPython project is compatible with #Python3 only. For compatibility with older versions of IDA, you may want to check out the Python2 branch of this project. The Python2 branch is no longer maintained and thus contains outdated code.
#Download #Link:-
https://github.com/patois/IDACyber
(Feed generated with FetchRSS (http://fetchrss.com/))
Photos from National Cyber Security Services's post
Malcolm:-- #Malcolm is a #powerful, easily #deployable #network #traffic #analysis #tool suite for full #packet #capture artifacts (#PCAP files) and #Zeek logs.
Malcolm is a powerful network traffic analysis tool suite designed with the following goals in mind:-
1. Easy to use:– Malcolm accepts network traffic #data in the form of full packet capture (PCAP) files and Zeek (formerly Bro) logs. These artifacts can be uploaded via a simple browser-based interface or captured live and forwarded to Malcolm using lightweight forwarders. In either case, the data is #automatically normalized, #enriched, and correlated for analysis.
2. Powerful traffic analysis:– Visibility into network communications is provided through two intuitive interfaces: #Kibana, a flexible data #visualization plugin with dozens of prebuilt #dashboards providing an at-a-glance overview of network protocols; and Moloch, a powerful tool for finding and identifying the network #sessions #comprising suspected security incidents.
3. Streamlined deployment:– Malcolm operates as a cluster of #Docker containers, isolated #sandboxes each of which serves a dedicated function of the #system. This Docker-based deployment model, combined with a few simple scripts for setup and run-time management, makes Malcolm suitable to be deployed quickly across a variety of platforms and use cases, whether it be for long-term deployment on a #Linux #server in a #security operations center (SOC) or for incident response on a #Macbook for an individual engagement.
4. Secure #communications:– All #communications with Malcolm, both from the user interface and from #remote log forwarders, are secured with industry-standard #encryption #protocols.
5. Permissive license:– Malcolm is comprised of several widely used open-source tools, making it an attractive alternative to security solutions requiring paid #licenses.
6. Expanding control systems visibility:– While Malcolm is great for general-purpose network traffic analysis, its creators see a particular need in the #community for tools providing insight into protocols used in industrial control systems (ICS) environments. Ongoing Malcolm development will aim to provide additional parsers for common #ICS protocols.
#Download #Link:-
https://github.com/idaholab/Malcolm
MifareClassicTool:-- An #Android #NFC app for reading, writing, #analyzing, etc. MIFARE Classic #RFID tags.
Features:--
1. Read MIFARE Classic tags
2. Save, edit and share the tag #data you read
3. Write to MIFARE Classic tags (block-wise)
4. Clone MIFARE Classic tags
(Write #dump of a tag to another tag; write 'dump-wise')
5. Key #management based on dictionary-attack
(Write the keys you know in a file (dictionary).
MCT will try to authenticate with these
keys against all sectors and read as much as possible.
See chapter Getting Started.)
6. Format a tag back to the factory/delivery state
7. Write the manufacturer block of special MIFARE Classic tags
8. Use external NFC readers like ACR 122U
(See the Help & Info section for more information.)
9. Create, edit, save and share key files (dictionaries)
10. Decode & Encode MIFARE Classic Value Blocks
11. Decode & Encode MIFARE Classic Access Conditions
12. Compare dumps (Diff Tool)
13. Display generic tag information
14. Display the tag data as highlighted hex
15. Display the tag data as 7-Bit US-ASCII
16. Display the MIFARE Classic Access Conditions as a table
17. Display MIFARE Classic Value Blocks as an integer
18. In-App (offline) help and #information
19. It's free #software (#opensource). ;)
#Download #Link:-
https://github.com/ikarus23/MifareClassicTool
Lockwise-ios:-- #Firefox's #Lockwise #app for #iOS and #Android.
#Securely access the #passwords you’ve saved in Firefox from anywhere — even outside of the #browser.
Features:-
1. 256-bit #encryption protects you while synchronizing
2. Get to your passwords securely with Face or Touch ID
3. Your #privacy comes first. We keep your #data safe, never sold.
#Download #Link:-
https://www.mozilla.org/en-GB/firefox/lockwise/
Eagle Eyes:-- Eagle Eyes is a #powerful low-level #TCP #networking #RAT. Supporting #desktop streaming, #webcam streaming, audio listening, #keylogging & more available from its CLI.
Eagle Eyes is a #spyware #Python program created for #Windows that supports multiple ways to collect #data & automatically saves everything organized in folders. It has two shells you will use; the first #shell is to control & manage clients & options. It is also from this shell that you can connect to a client session. This will give a reverse shell-like connection to a specific client with extra built-in commands.
#Download #Link:-
https://github.com/Alvin-22/Eagle-Eyes
#VirusTotal is very excited to announce a #beta release of a new #plugin for #IDA Pro v7 which integrates VT Intelligence’s content search directly into IDA.
This plugin adds a new "VirusTotal" entry to the IDA Pro context menu (#disassembly and strings #windows), enabling you to search for similar or exact #data on VirusTotal. It translates the user selection into a query that #VTGrep understands.
#Link:-
https://blog.virustotal.com/2020/02/official-virustotal-plugin-for-ida-pro-7.html?m=1
PokemonTowerExploit:-- Enabling and automating an #exploit in #Pokémon Tower Battle.
This #script loads up the game in a #window and #injects some #javascript code to change the #CSS of the page which allows the game window to stretch. Stretching the game window introduces an exploit which can force both game participants to win. I have automated the exploit process by reading #pixel #data of the window and moving the mouse. The author found the exploit on 2020/01/10.
Controls
1. F5 = refresh the page, in case it doesn't load properly, or the game gets stuck
2. F6 = toggle automatic exploitation (uses mouse control, keep the focus on the window)
3. Ctrl + Q = Stop GUI
#Download #Link:-
https://github.com/manstie/PokemonTowerExploit