Repo for "The Crown: Exploratory Analysis of Nim Malware" DEF CON 615 talk
This entire talk is a series of Jupyter Notebooks! To get started:
Clone this repo:
$ git clone https://github.com/HuskyHacks/the-crown-defcon615.git && cd the-crown-defcon615
Install poetry:
$ pip3 install poetry
Enter a Poetry shell:
$ poetry shell
From the poetry shell, install all the project dependencies:
$ poetry install
Start Jupyter Lab!
$ jupyter lab main.ipynb
NS-LOOKUP A python script for scanning website for getting ip address of a websi
Python Log4RCE An all-in-one pure Python3 PoC for CVE-2021-44228. Configure Replace the global variables at the top of the script to your configuratio
CVE 2020-14871 Solaris exploit This is a basic ROP based exploit for CVE 2020-14871. CVE 2020-14871 is a vulnerability in Sun Solaris systems. The act
Web Headers Security Scanner
Hikvisioninformation Hikvision 流媒体管理服务器敏感信息泄漏 Options optional arguments: -h, --help show this help message and exit -u url, --url url
Sunflower_get_Password 一款针对向日葵的识别码和验证码提取工具 👮🏻♀️ 免责声明 由于传播、利用Sunflower_get_Password工具提供的功能而造成的任何直接或者间接的后果及损失,均由使用者本人负责,本人不为此承担任何责任。 安装环境 本工具使用Python
Cowrie Welcome to the Cowrie GitHub repository This is the official repository for the Cowrie SSH and Telnet Honeypot effort. What is Cowrie Cowrie is
520_APK_HOOK 介绍 将msf生成的payload,注入到一个正常的apk文件中,重新打包后进行加固,bypass手机安全管家的检测。 项目地址: https://github.com/cleverbao/520apkhook 作者: BaoGuo 优点 相比于原始的msf远控,此版本ap
CloudFlare reconnaissance, tries to uncover the IP behind CF.
hackinsta a program to hack instagram Yokoback_(instahack) is the file to open, you need libraries write on import. You run that file in the same fold
𝐇𝐔𝐒𝐊𝐄𝐄 Caracteristicas: Discord Token Grabber Wifi Passwords Grabber Googl
WebScan is a web vulnerability Scanning tool, which scans sites for SQL injection and XSS vulnerabilities Which is a great tool for web pentesters. Coded in python3, CLI. WebScan is capable of scanni
A toolkit for web reconnaissance, it's fast and easy to use. File Structure httpsuite/ main.py init.py db/ db.py init.py subdomains_db directories_db
Webpack-信息收集工具 郑重声明:文中所涉及的技术、思路和工具仅供以安全为目的的学习交流使用,任何人不得将其用于非法用途以及盈利等目的,否则后果自行承担。 0x01 介绍 作者:小洲 团队:横戈安全团队,未来一段时间将陆续开源工具,欢迎关注微信公众号: 定位:协助红队人员快速的信息收集,测绘目
ParamsExtractor A burp-suite plugin that extract all parameters name from in-scope requests. You can run the plugin while you are working on the targe
🦑 dirbruter Simples brute forcer de diretorios para web pentest. ❕ Atenção Não ataque sites privados. Isto é illegal. 🖥️ Pré-requisitos Ultima versã
Polkit-exploit - CVE-2021-3560 Privilege escalation with polkit - CVE-2021-3560 Summary CVE-2021-3560 is an authentication bypass on polkit, which all
arp_spoof_detector A repository to detect the ARP spoofing in any devices and prevent Man in the Middle(MITM) attack using Python3 Usage: git clone ht
NoSecerets NoSecerets is a python script that is designed to crack hashes extremely fast. Faster even than Hashcat How does it work? Instead of taking
CVE-2021-42694 Generate malicious files using recently published homoglyph-attack vulnerability, which was discovered at least in C, C++, C#, Go, Pyth
5 Aug 02, 2022
178 Nov 09, 2022
2 Oct 25, 2022
3 Dec 16, 2022
13 Nov 09, 2022
635 Dec 20, 2022
4.1k Jan 09, 2023
368 Jan 02, 2023
8 Dec 03, 2021
1 Dec 04, 2021
4 Aug 17, 2022
12 Dec 02, 2022
22 Jul 22, 2022
214 Dec 19, 2022
29 Nov 09, 2022
6 Jan 22, 2022
95 Dec 27, 2022
1 Oct 30, 2021
9 Jul 04, 2022
17 Dec 11, 2022