Search the Community

God Genesis is a C2 server purely coded in Python3 created to help Red Teamers and Penetration Testers. Currently, It only supports TCP reverse shell but waits a min, it’s a FUD and can give an admin shell from any targeted WINDOWS Machine. The List Of Commands It Supports:- =================================================================================================== BASIC COMMANDS: =================================================================================================== help –> Show This Options terminate –> Exit The Shell Completely exit –> Shell Works In Background And Prompted To C2 Server clear –> Clear The Previous Outputs =================================================================================================== SYSTEM COMMANDS: =================================================================================================== cd –> Change Directory pwd –> Prints Current Working Directory mkdir *dir_name* –> Creates A Directory Mentioned rm *dir_name* –> Deletes A Directoty Mentioned powershell [command] –> Run Powershell Command start *exe_name* –> Start Any Executable By Giving The Executable Name =================================================================================================== INFORMATION GATHERING COMMANDS: =================================================================================================== env –> Checks Enviornment Variables sc –> Lists All Services Running user –> Current User info –> Gives Us All Information About Compromised System av –> Lists All antivirus In Compromised System =================================================================================================== DATA EXFILTRATION COMMANDS: =================================================================================================== download *file_name* –> Download Files From Compromised System upload *file_name* –> Uploads Files To Victim Pc =================================================================================================== EXPLOITATION COMMANDS: =================================================================================================== persistence1 –> Persistance Via Method 1 persistence2 –> Persistance Via Method 2 get –> Download Files From Any URL chrome_pass_dump –> Dump All Stored Passwords From Chrome Bowser wifi_password –> Dump Passwords Of All Saved Wifi Networks keylogger –> Starts Key Logging Via Keylogger dump_keylogger –> Dump All Logs Done By Keylogger python_install –> Installs Python In Victim Pc Without UI Feature 1. The Payload.py is a FULLY UNDETECTABLE(FUD) use your own techniques for making an exe file. (Best Result When Backdoored With Some Other Legitimate Applications) 2. Able to perform privilege escalation on any Windows system. 3. Fud keylogger 4. 2 ways of achieving persistence 5. Recon automation to save your time. [hide][Hidden Content]]

Changelog v2.5.2 Patch Fix incompatible issue on Windows (#40) Replace all inline-flags PCRE pattern Remove Vault Token pattern due to false-positive Add kotlin to blacklist LinkFinder as class name Stripping secrets result of LinkFinder [hide][Hidden Content]]

Scanning APK file for URIs, endpoints & secrets. Changelog v2.5 Added patterns: Facebook Secret Key Facebook ClientID Twitter ClientID Twitter Secret Key Artifactory API Token Artifactory Password Authorization Basic Authorization Bearer Basic Auth Credentials Cloudinary Basic Auth Mailto Vault Token [hide][Hidden Content]]

apkLeaks Scanning APK file for URIs, endpoints & secrets. Changelog v2.1 Fix linter [hide][Hidden Content]]

[hide][Hidden Content]]

Scanning APK file for URIs, endpoints & secrets. [hide][Hidden Content]]

JSScanner Scanning JS Files for Endpoints and Secrets Gather the javascript file links present in a domain. Discover the endpoints present in those javascript Then save those javascript files for further static analysis where we can look for hardcoded credentials and stuff [hide][Hidden Content]]

A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system without being analyzed for threats. The vulnerability is due to improper process resource handling. Cisco Immunet versions prior to 6.2.0 and Cisco AMP For Endpoints version 6.2.0 are affected. View the full article