Search the Community

Reverse Engineers’ Hex Editor A cross-platform (Windows, Linux, Mac) hex editor for reverse engineering, and everything else. Features Large (1TB+) file support Decoding of integer/floating-point value types Inline disassembly of machine code Highlighting and annotation of ranges of bytes Side by side comparison of selections Lua scripting support (API reference here) Virtual address mapping support Changelog v0.5.3 Correctly nest comments when updating comments panel (#169). Update text in comments panel when a comment is modified. Fix display of >4GiB virtual offsets in files that are <=4GiB (#170). Add support for code page 437 (IBM) and 932/936/949/950 (Microsoft). Fix handling of multibyte character boundaries in document view. Draw wide characters in document view (#173). Move forwards/backwards and select whole instructions from disassembly in document view. Don’t capture tab key press in text area of document view. Add missing error checks. Add number base option to “Jump to offset” dialog. Drawing optimisations (improves responsiveness), particularly on macOS. Fix some undefined behaviour issues. [hide][Hidden Content]]

pwncat is a post-exploitation platform. It started out as a wrapper around basic bind and reverse shells and has grown from there. It streamlines common red team operations while staging code from your attacker machine, not the target. pwncat intercepts the raw communication with a remote shell and allows the user to perform automated actions on the remote host including enumeration, implant installation, and even privilege escalation. After receiving a connection, pwncat will setup some common configurations for working with remote shells. Disable history in the remote shell Normalize shell prompt Locate useful binaries (usingwhich ) Attempt to spawn a pseudoterminal (pty) for a fully interactive session pwncat knows how to spawn pty’s with a few different methods and will cross-reference the methods with the executables previously enumerated. After spawning a pty, it will setup the controlling terminal in raw mode, so you can interact in a similar fashion to ssh. pwncat will also synchronize the remote pty settings (such as rows, columns, TERM environment variable) with your local settings to ensure the shell behaves correctly with interactive applications such as vim or nano. Features and Functionality pwncat provides two main features. At its core, its goal is to automatically set up a remote PseudoTerminal (pty) which allows interaction with the remote host much like a full SSH session. When operating in a pty, you can use common features of your remote shell such as history, line editing, and graphical terminal applications. The other half of pwncat is a framework which utilizes your remote shell to perform automated enumeration, persistence, and privilege escalation tasks. The local pwncat prompt provides a number of useful features for standard penetration tests including: File upload and download Automated privilege escalation enumeration Automated privilege escalation execution Automated persistence installation/removal Automated tracking of modified/created files pwncat also offers the ability to revert these remote “tampers” automatically The underlying framework for interacting with the remote host aims to abstract away the underlying shell and connection method as much as possible, allowing commands and plugins to interact seamlessly with the remote host. Changelog v0.5.3 Fix for argument parsing bug introduced in 0.5.2 which caused bind/connect protocols to be automatically interpreted as SSL even when --ssl was not provided. Changed Fixed parsing of --ssl argument (#231). [hide][Hidden Content]]

NoSQL scanner and injector. It aims to be fast, accurate, and highly usable, with an easy to understand command-line interface. Features Nosqli currently supports nosql injection detection for Mongodb. It runs the following tests: Error based – inject a variety of characters and payloads, searching responses for known Mongo errors Boolean Blind injection – inject parameters with true/false payloads and attempt to determine if an injection exists Timing injection – attempt to inject timing delays in the server, to measure the response. Changelog v0.5.3 Include an option to ignore certificate warnings [hide][Hidden Content]]

WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. It recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1700 plugins, each to recognize something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more. WhatWeb can be stealthy and fast, or thorough but slow. WhatWeb supports an aggression level to control the tradeoff between speed and reliability. When you visit a website in your browser, the transaction includes many hints of what web technologies are powering that website. Sometimes a single webpage visit contains enough information to identify a website but when it does not, WhatWeb can interrogate the website further. The default level of aggression, called ‘stealthy’, is the fastest and requires only one HTTP request of a website. This is suitable for scanning public websites. More aggressive modes were developed for use in penetration tests. Most WhatWeb plugins are thorough and recognize a range of cues from subtle to obvious. For example, most WordPress websites can be identified by the meta HTML tag, e.g. ‘<meta name=”generator” content=”WordPress 2.6.5″>’, but a minority of WordPress websites remove this identifying tag but this does not thwart WhatWeb. The WordPress WhatWeb plugin has over 15 tests, which include checking the favicon, default installation files, login pages, and checking for “/wp-content/” within relative links. Features: Over 1800 plugins Control the trade-off between speed/stealth and reliability Performance Tuning. Control how many websites to scan concurrently. Multiple log formats: Brief (greppable), Verbose (human readable), XML, JSON, MagicTree, RubyObject, MongoDB, ElasticSearch, SQL. Proxy support including TOR Custom HTTP headers Basic HTTP authentication Control over webpage redirection IP address ranges Fuzzy matching Result certainty awareness Custom plugins defined on the command line IDN (International Domain Name) support Changelog v.0.5.3 This is a minor release with miscellaneous changes ✨, seven new plugins 🚀, and two plugin updates ⚙️. 🔧 MISC #319 MongoDB logging now uses upsert (update by default, insert if new) (@juananpe) #314 Makefile now allows supports the PREFIX environment variable (@bfontaine) NEW PLUGINS Adobe Experience Manager (AEM) (@definity) JFrog Artifactory (@bcoles) Matomo (@urbanadventurer) MobileIron-MDM (@bcoles) Slack-Workspace (@bcoles) Wobserver (@urbanadventurer) Zoom (@bcoles) PLUGIN UPDATES Magento (@huntertl) phpMyAdmin (@juananpe) [hide][Hidden Content]]

AsyncRAT AsyncRAT is a Remote Access Tool (RAT) designed to remotely monitor and control other computers through a secure encrypted connection Included projects This project includes the following Access terminal for controlling clients Configurable client manageable via Terminal Log server recording all significant events Features Include: Client screen viewer & recorder Client Antivirus & Integrity manager Client SFTP access including upload & download Client & Server chat window Client Dynamic DNS & Multi-Server support (Configurable) Client Password Recovery Client JIT compiler Client Keylogger Client Anti Analysis (Configurable) Server Controlled updates Client Antimalware Start-up Server Config Editor Server multiport receiver (Configurable) Server thumbnails Server binary builder (Configurable) Server obfuscator (Configurable) And much more! News: fixed remote shell added prevent sleep added prevent av sample submit added execute ps1 files using send to disk fixed windows server issues [HIDE][Hidden Content]]