Repo for "The Crown: Exploratory Analysis of Nim Malware" DEF CON 615 talk
This entire talk is a series of Jupyter Notebooks! To get started:
Clone this repo:
$ git clone https://github.com/HuskyHacks/the-crown-defcon615.git && cd the-crown-defcon615
Install poetry:
$ pip3 install poetry
Enter a Poetry shell:
$ poetry shell
From the poetry shell, install all the project dependencies:
$ poetry install
Start Jupyter Lab!
$ jupyter lab main.ipynb
vCenter SAML Login Tool A tool to extract the Identity Provider (IdP) cert from vCenter backups and log in as Administrator Background Commonly, durin
NexScanner NexScanner is a tool which helps you scan a website for sub-domains and also to find login pages in the website like the admin login panel
A toolkit for web reconnaissance, it's fast and easy to use. File Structure httpsuite/ main.py init.py db/ db.py init.py subdomains_db directories_db
Tools-Spartan This is a program that makes it easy for you to download and install tools used in Kali Linux, there are tons of tools available.
Password-Generator-using-Python A simple password generator that generates password for you. User can Copy the password to Clipboard. Project made usi
OrderbyHunter 一款辅助探测Orderby注入漏洞的BurpSuite插件,Python3编写,适用于上xray等扫描器被ban的场景 1. 支持Get/Post型请求参数的探测,被动探测,对于存在Orderby注入的请求将会在HTTP Histroy里标红 2. 自定义排序参数list
yLog4j This is Y-Sec's @PortSwigger Burp Plugin for the Log4j CVE-2021-44228 vulnerability. The focus of yLog4j is to support mass-scanning of the Log
proto A fast tool to scan prototype pollution vulnerability Syntax python3 proto.py -l alive.txt Requirements Selenium Google Chrome Webdriver Note :
BurpSuite Extension: Log4j RCE Scanner
PokeBot Deck Builder Brute-forcing (or not!) deck builder for Pokemon Trading Card Game. Warning: intensely not optimized and spaghetti coded Credits
Docker-Vulnerability-Check Docker is an open platform for developing, shipping, and running applications OS-level virtualization to deliver software i
Sqli-Scanner is a python3 script written to scan websites for SQL injection vulnerabilities Features 1 Scan one website 2 Scan multiple websites Insta
This is a partial and quick and dirty proof of concept implementation of the following specifications to configure a tor client to use trusted exit re
Custom Wordlist This repo is about steps to take in order to create a effective custom wordlist in a few clicks. this comes handing in pentesting enga
mailcat The only cat who can find existing email addresses by nickname. Usage First install requirements: pip3 install -r requirements.txt Then just
Cookiecutter for rapidly developing new open source Python packages. Best practices with all the modern bells and whistles included.
CVE-2021-22005 - VMWare vCenter Server File Upload to RCE Analyze Usage ------------------------------------------------------------- [*] CVE-2021-220
MayorSecDNSScan MSDNSScan is used to identify DNS records for target domains and check for zone transfers. There really isn't much special about it, a
FutureHelper Supports macOS and Windows Downloads SEP, Baseband and BuildManifest automatically for signed iOS version's (including beta firmwares) fo
An Obfuscation-Neglect Android Malware Scoring System Quark-Engine is also bundled with Kali Linux, BlackArch. A trust-worthy, practical tool that's r
343 Dec 31, 2022
8 Sep 03, 2022
22 Jul 22, 2022
1 Nov 10, 2021
1 Nov 02, 2022
21 Aug 12, 2022
1 Jan 31, 2022
4 Aug 31, 2021
1 Dec 16, 2021
0 Jan 10, 2022
103 Aug 20, 2022
9 Dec 30, 2022
22 Nov 09, 2022
2 Oct 08, 2022
282 Dec 30, 2022
177 Dec 22, 2022
224 Aug 05, 2022
68 Dec 12, 2022
7 Jan 05, 2023
1k Jan 04, 2023