BugBountyToolkit:-- A multi-platform #bug #bounty #toolkit that can be installed on #Debian/ #Ubuntu or setup with #Docker.
Why should you use this #toolkit?
1. This toolkit offers a 3multiplatform base to work with as the script can be installed on #Linux, set up with Docker or installed on Windows with WSL (#Windows Subsystem for Linux).
2. The installer script can be customized to add or remove specific tools based on your requirements.
3. Tools are constantly being added, updated and fixed.
#Downlaod #Link:-
https://github.com/AlexisAhmed/BugBountyToolkit
BugBountyToolkit:-- A multi-platform #bug #bounty #toolkit that can be installed on #Debian/ #Ubuntu or setup with #Docker.
Why should you use this #toolkit?
1. This toolkit offers a 3multiplatform base to work with as the script can be installed on #Linux, set up with Docker or installed on Windows with WSL (#Windows Subsystem for Linux).
2. The installer script can be customized to add or remove specific tools based on your requirements.
3. Tools are constantly being added, updated and fixed.
#Downlaod #Link:-
https://github.com/AlexisAhmed/BugBountyToolkit
Why should you use this #toolkit?
1. This toolkit offers a 3multiplatform base to work with as the script can be installed on #Linux, set up with Docker or installed on Windows with WSL (#Windows Subsystem for Linux).
2. The installer script can be customized to add or remove specific tools based on your requirements.
3. Tools are constantly being added, updated and fixed.
#Downlaod #Link:-
https://github.com/AlexisAhmed/BugBountyToolkit
BugBountyToolkit:-- A multi-platform #bug #bounty #toolkit that can be installed on #Debian/ #Ubuntu or setup with #Docker.
Why should you use this #toolkit?
1. This toolkit offers a 3multiplatform base to work with as the script can be installed on #Linux, set up with Docker or installed on Windows with WSL (#Windows Subsystem for Linux).
2. The installer script can be customized to add or remove specific tools based on your requirements.
3. Tools are constantly being added, updated and fixed.
#Downlaod #Link:-
https://github.com/AlexisAhmed/BugBountyToolkit
Forwarded from NusurTech 2 ©️
PokemonTowerExploit:-- Enabling and automating an #exploit in #Pokémon Tower Battle.
This #script loads up the game in a #window and #injects some #javascript code to change the #CSS of the page which allows the game window to stretch. Stretching the game window introduces an exploit which can force both game participants to win. I have automated the exploit process by reading #pixel #data of the window and moving the mouse. The author found the exploit on 2020/01/10.
Controls
1. F5 = refresh the page, in case it doesn't load properly, or the game gets stuck
2. F6 = toggle automatic exploitation (uses mouse control, keep the focus on the window)
3. Ctrl + Q = Stop GUI
#Downlod #Link:-
https://github.com/manstie/PokemonTowerExploit
PokemonTowerExploit:-- Enabling and automating an #exploit in #Pokémon Tower Battle.
This #script loads up the game in a #window and #injects some #javascript code to change the #CSS of the page which allows the game window to stretch. Stretching the game window introduces an exploit which can force both game participants to win. I have automated the exploit process by reading #pixel #data of the window and moving the mouse. The author found the exploit on 2020/01/10.
Controls
1. F5 = refresh the page, in case it doesn't load properly, or the game gets stuck
2. F6 = toggle automatic exploitation (uses mouse control, keep the focus on the window)
3. Ctrl + Q = Stop GUI
#Downlod #Link:-
https://github.com/manstie/PokemonTowerExploit
This #script loads up the game in a #window and #injects some #javascript code to change the #CSS of the page which allows the game window to stretch. Stretching the game window introduces an exploit which can force both game participants to win. I have automated the exploit process by reading #pixel #data of the window and moving the mouse. The author found the exploit on 2020/01/10.
Controls
1. F5 = refresh the page, in case it doesn't load properly, or the game gets stuck
2. F6 = toggle automatic exploitation (uses mouse control, keep the focus on the window)
3. Ctrl + Q = Stop GUI
#Downlod #Link:-
https://github.com/manstie/PokemonTowerExploit
PokemonTowerExploit:-- Enabling and automating an #exploit in #Pokémon Tower Battle.
This #script loads up the game in a #window and #injects some #javascript code to change the #CSS of the page which allows the game window to stretch. Stretching the game window introduces an exploit which can force both game participants to win. I have automated the exploit process by reading #pixel #data of the window and moving the mouse. The author found the exploit on 2020/01/10.
Controls
1. F5 = refresh the page, in case it doesn't load properly, or the game gets stuck
2. F6 = toggle automatic exploitation (uses mouse control, keep the focus on the window)
3. Ctrl + Q = Stop GUI
#Downlod #Link:-
https://github.com/manstie/PokemonTowerExploit
OWASP D4N155:-- #Intelligent and #dynamic #wordlist using #OSINT.
It's an #information #security #audit #tool that creates intelligent wordlists based on the content of the target page.
#Download #Link:-
https://github.com/OWASP/D4N155
OWASP D4N155:-- #Intelligent and #dynamic #wordlist using #OSINT.
It's an #information #security #audit #tool that creates intelligent wordlists based on the content of the target page.
#Download #Link:-
https://github.com/OWASP/D4N155
It's an #information #security #audit #tool that creates intelligent wordlists based on the content of the target page.
#Download #Link:-
https://github.com/OWASP/D4N155
OWASP D4N155:-- #Intelligent and #dynamic #wordlist using #OSINT.
It's an #information #security #audit #tool that creates intelligent wordlists based on the content of the target page.
#Download #Link:-
https://github.com/OWASP/D4N155
Pupy:-- #Pupy is an #opensource, #cross-platform (#Windows, #Linux, #OSX, #Android) #remote #administration and #post-#exploitation tool mainly written in #python.
Pupy is a cross-platform, multi-function #RAT and post-exploitation tool mainly written in python. It features an all-in-memory execution guideline and leaves a very low footprint. Pupy can communicate using multiple modes of #transport, migrate into #processes using reflective #injection, and load remote python code, python packages and python C-extensions from #memory.
Features:-
1. Windows #payload can load the entire Python #interpreter from memory using a reflective #DLL.
2. Can be packed into a single .py file and run without any dependencies other than the python standard library on all OSes.
3. Reflectively migrate into other processes.
4. Easily extensible, modules are simple to write and are sorted by os and category.
5. Modules can directly access python objects on the remote client using rpyc.
6. Access remote objects interactively from the pupy shell and get auto-completion of remote attributes.
7. Communication transports are modular and stackable. Exfiltrate data using #HTTP over HTTP over #AES over #XOR, or any combination of the available transports.
8. Communicate using obfsproxy pluggable transports.
9. Execute non-interactive commands on multiple hosts at once.
10. Commands and scripts running on remote hosts are interruptible.
11. Auto-completion for #commands and arguments.
12. Custom config can be defined: command aliases, modules. automatically run at connection, etc.
13. Open interactive python shells with auto-completion on the all-in-memory remote python interpreter.
14. Interactive shells (cmd.exe, /bin/bash, etc) can be opened remotely.
15. Remotely import pure python packages (.py, .pyc) and compiled python C extensions (.pyd, .so) from memory.
16. Execute the PE executable remotely and from memory.
17. Generate payloads in various formats:
#Download #Link:--
https://github.com/n1nj4sec/pupy
Pupy:-- #Pupy is an #opensource, #cross-platform (#Windows, #Linux, #OSX, #Android) #remote #administration and #post-#exploitation tool mainly written in #python.
Pupy is a cross-platform, multi-function #RAT and post-exploitation tool mainly written in python. It features an all-in-memory execution guideline and leaves a very low footprint. Pupy can communicate using multiple modes of #transport, migrate into #processes using reflective #injection, and load remote python code, python packages and python C-extensions from #memory.
Features:-
1. Windows #payload can load the entire Python #interpreter from memory using a reflective #DLL.
2. Can be packed into a single .py file and run without any dependencies other than the python standard library on all OSes.
3. Reflectively migrate into other processes.
4. Easily extensible, modules are simple to write and are sorted by os and category.
5. Modules can directly access python objects on the remote client using rpyc.
6. Access remote objects interactively from the pupy shell and get auto-completion of remote attributes.
7. Communication transports are modular and stackable. Exfiltrate data using #HTTP over HTTP over #AES over #XOR, or any combination of the available transports.
8. Communicate using obfsproxy pluggable transports.
9. Execute non-interactive commands on multiple hosts at once.
10. Commands and scripts running on remote hosts are interruptible.
11. Auto-completion for #commands and arguments.
12. Custom config can be defined: command aliases, modules. automatically run at connection, etc.
13. Open interactive python shells with auto-completion on the all-in-memory remote python interpreter.
14. Interactive shells (cmd.exe, /bin/bash, etc) can be opened remotely.
15. Remotely import pure python packages (.py, .pyc) and compiled python C extensions (.pyd, .so) from memory.
16. Execute the PE executable remotely and from memory.
17. Generate payloads in various formats:
Pupy is a cross-platform, multi-function #RAT and post-exploitation tool mainly written in python. It features an all-in-memory execution guideline and leaves a very low footprint. Pupy can communicate using multiple modes of #transport, migrate into #processes using reflective #injection, and load remote python code, python packages and python C-extensions from #memory.
Features:-
1. Windows #payload can load the entire Python #interpreter from memory using a reflective #DLL.
2. Can be packed into a single .py file and run without any dependencies other than the python standard library on all OSes.
3. Reflectively migrate into other processes.
4. Easily extensible, modules are simple to write and are sorted by os and category.
5. Modules can directly access python objects on the remote client using rpyc.
6. Access remote objects interactively from the pupy shell and get auto-completion of remote attributes.
7. Communication transports are modular and stackable. Exfiltrate data using #HTTP over HTTP over #AES over #XOR, or any combination of the available transports.
8. Communicate using obfsproxy pluggable transports.
9. Execute non-interactive commands on multiple hosts at once.
10. Commands and scripts running on remote hosts are interruptible.
11. Auto-completion for #commands and arguments.
12. Custom config can be defined: command aliases, modules. automatically run at connection, etc.
13. Open interactive python shells with auto-completion on the all-in-memory remote python interpreter.
14. Interactive shells (cmd.exe, /bin/bash, etc) can be opened remotely.
15. Remotely import pure python packages (.py, .pyc) and compiled python C extensions (.pyd, .so) from memory.
16. Execute the PE executable remotely and from memory.
17. Generate payloads in various formats:
#Download #Link:--
https://github.com/n1nj4sec/pupy
Pupy:-- #Pupy is an #opensource, #cross-platform (#Windows, #Linux, #OSX, #Android) #remote #administration and #post-#exploitation tool mainly written in #python.
Pupy is a cross-platform, multi-function #RAT and post-exploitation tool mainly written in python. It features an all-in-memory execution guideline and leaves a very low footprint. Pupy can communicate using multiple modes of #transport, migrate into #processes using reflective #injection, and load remote python code, python packages and python C-extensions from #memory.
Features:-
1. Windows #payload can load the entire Python #interpreter from memory using a reflective #DLL.
2. Can be packed into a single .py file and run without any dependencies other than the python standard library on all OSes.
3. Reflectively migrate into other processes.
4. Easily extensible, modules are simple to write and are sorted by os and category.
5. Modules can directly access python objects on the remote client using rpyc.
6. Access remote objects interactively from the pupy shell and get auto-completion of remote attributes.
7. Communication transports are modular and stackable. Exfiltrate data using #HTTP over HTTP over #AES over #XOR, or any combination of the available transports.
8. Communicate using obfsproxy pluggable transports.
9. Execute non-interactive commands on multiple hosts at once.
10. Commands and scripts running on remote hosts are interruptible.
11. Auto-completion for #commands and arguments.
12. Custom config can be defined: command aliases, modules. automatically run at connection, etc.
13. Open interactive python shells with auto-completion on the all-in-memory remote python interpreter.
14. Interactive shells (cmd.exe, /bin/bash, etc) can be opened remotely.
15. Remotely import pure python packages (.py, .pyc) and compiled python C extensions (.pyd, .so) from memory.
16. Execute the PE executable remotely and from memory.
17. Generate payloads in various formats:
Photos from National Cyber Security Services's post
Android Application Analyzer:-- The #tool is used to #analyze the content of the #android #application in local storage.
Install the dependency using following #command:-
1. chmod +x setup.sh
2. ./setup.sh
Use the following command to run the tool:
1. python3 main.py
In order to run "Fridump" and "Frida #universal #ssl unpinning" script, #Frida client must be installed on base machine
#Download #Link:-
https://github.com/NotSoSecure/android_application_analyzer
Android Application Analyzer:-- The #tool is used to #analyze the content of the #android #application in local storage.
Install the dependency using following #command:-
1. chmod +x setup.sh
2. ./setup.sh
Use the following command to run the tool:
1. python3 main.py
In order to run "Fridump" and "Frida #universal #ssl unpinning" script, #Frida client must be installed on base machine
#Download #Link:-
https://github.com/NotSoSecure/android_application_analyzer
CVE-2020-0683:-- #Windows #MSI “Installer service” #Elevation of #Privilege.
#Download #Link:-
https://github.com/padovah4ck/CVE-2020-0683
CVE-2020-0683:-- #Windows #MSI “Installer service” #Elevation of #Privilege.
#Download #Link:-
https://github.com/padovah4ck/CVE-2020-0683
#Download #Link:-
https://github.com/padovah4ck/CVE-2020-0683
CVE-2020-0683:-- #Windows #MSI “Installer service” #Elevation of #Privilege.
#Download #Link:-
https://github.com/padovah4ck/CVE-2020-0683