Pupy:-- #Pupy is an #opensource, #cross-platform (#Windows, #Linux, #OSX, #Android) #remote #administration and #post-#exploitation tool mainly written in #python.
Pupy is a cross-platform, multi-function #RAT and post-exploitation tool mainly written in python. It features an all-in-memory execution guideline and leaves a very low footprint. Pupy can communicate using multiple modes of #transport, migrate into #processes using reflective #injection, and load remote python code, python packages and python C-extensions from #memory.
Features:-
1. Windows #payload can load the entire Python #interpreter from memory using a reflective #DLL.
2. Can be packed into a single .py file and run without any dependencies other than the python standard library on all OSes.
3. Reflectively migrate into other processes.
4. Easily extensible, modules are simple to write and are sorted by os and category.
5. Modules can directly access python objects on the remote client using rpyc.
6. Access remote objects interactively from the pupy shell and get auto-completion of remote attributes.
7. Communication transports are modular and stackable. Exfiltrate data using #HTTP over HTTP over #AES over #XOR, or any combination of the available transports.
8. Communicate using obfsproxy pluggable transports.
9. Execute non-interactive commands on multiple hosts at once.
10. Commands and scripts running on remote hosts are interruptible.
11. Auto-completion for #commands and arguments.
12. Custom config can be defined: command aliases, modules automatically run at connection, etc.
13. Open interactive python shells with auto-completion on the all-in-memory remote python interpreter.
14. Interactive shells (cmd.exe, /bin/bash, etc) can be opened remotely.
15. Remotely import pure python packages (.py, .pyc) and compiled python C extensions (.pyd, .so) from memory.
16. Execute the PE executable remotely and from memory.
17. Generate payloads in various formats:
#Download #Link:--
https://github.com/n1nj4sec/pupy
Android Application Analyzer:-- The #tool is used to #analyze the content of the #android #application in local storage.
Install the dependencies using the following #command:-
1. chmod +x setup.sh
2. ./setup.sh
Use the following command to run the tool:
1. python3 main.py
In order to run the "Fridump" and "Frida #universal #ssl unpinning" scripts, the #Frida client must be installed on the base machine.
#Download #Link:-
https://github.com/NotSoSecure/android_application_analyzer
CVE-2020-0683:-- #Windows #MSI “Installer service” #Elevation of #Privilege.
#Download #Link:-
https://github.com/padovah4ck/CVE-2020-0683
Trojan-Qt5:-- A #cross-platform #trojan #GUI #client, based on Shadowsocks-qt.
Requirement:-
1. #Windows, #macOS, #Linux
2. c++ compiler(cl, clang, #gcc)
3. Qt 5.13.0 +
4. QHttpServer(follow the instruction below to install)
#Download #Link:-
https://github.com/TheWanderingCoel/Trojan-Qt5
Forwarded from سوريا الخبر
😊 Tonight I'll try to post as many tutorials as I can, because I may disappear for a while since I have exams 😊
The first tutorial I'll start with is nmap:
Some people know how to use nmap with its full options, and some know how to use it only at a basic level.
So, the most important ways to search and gather info:
Attack methods:
To scan a subnet, we write a command like:
nmap 172.25.40.0/24
It is usually (24-21-18-28)
If we want to cover a range of IPs, we write for example:
nmap 172.25.40.100-200
It goes over the IP range, sees which addresses are available, and gives you info about them 😊
If you want to scan ports for a large group of IPs that you have put in a file, for example
sd.txt
you write the following:
nmap -iL sd.txt
If, for example, you want to detect the OS or services, you write:
nmap -A 172.25.40.132
If you want aggressive service detection:
nmap -sV --version-intensity 10 172.25.40.132
Now let's get into scripts, which are very important:
The help command for a script:
nmap --script-help=ssl-heartbleed
If you want to find NetBIOS info:
nmap -sU --script nbtstat.nse -p 172.25.40.140
If you want to find the paths of an IP or a site:
nmap --script=http-enum
This command is very nice: to find out and do ddos on UDP:
nmap -sU -A -PN -n -pu:92.53.121.161 --script=ntp-monlist,dns-recursion,snmp-sysdescr 172.16.44.2/24
#tipsnmap 😍