Search the Community

Windows For Windows, IPBan is supported on Windows Server 2008 or equivalent or newer. Windows XP and Server 2003 are NOT supported. Extract the IPBan.zip (inside is IPBanWindows.zip) file to a place on your computer. Right-click on all the extracted files and select properties. Make sure to select “unblock” if the option is available. You MUST make this change to the local security policy to ensure IP addresses show up: Change Local Security Policy -> Local Policies -> Audit Policy and turn failure logging on for “audit account logon events” and “audit logon events”. From an admin command prompt: auditpol /set /category:”Logon/Logoff” /success:enable /failure:enable For Windows Server 2008 or equivalent, you should disable NTLM logins and only allow NTLM2 logins. On Windows Server 2008, there is no way to get the ip address of NTLM logins. Use secpol -> local policies -> security options -> network security restrict NTLM incoming NTLM traffic -> deny all accounts. To run as a Windows service run “sc create IPBAN type= own start= auto binPath= c:\path\to\service\IPBan.exe DisplayName= IPBAN”. The service needs a file system, event viewer, and firewall access, so please run as SYSTEM to ensure permissions. To run as a console app, simply run IPBan.exe and watch console output. If you want to run and debug code in Visual Studio, make sure to run Visual Studio as administrator. Visual Studio 2017 or newer is required, along with .net core 2.1.1. The community edition is free. Linux IPBan is currently supported on Ubuntu 16.X – 18.X. For other Linux or MAC, you may need to adjust some of the instructions and add config file entries for the appropriate log files to parse. SSH into your server as root. If using another admin account name, substitute all root user instances with your account name. Changelog v1.8 Integration with [Hidden Content] (see here) [hide][Hidden Content]]

Eventmie Pro – Create a dedicated multi-organization platform for Event Planning & management. [Hidden Content] [hide][Hidden Content]]

Malware Scanner will help you to scan your website with one simple click. It can find both known and unknown viruses, shells, malware, malicious code infections and other website threats. [Hidden Content] [hide][Hidden Content]]

4n4lDetector es una herramienta de análisis de archivos ejecutables, bibliotecas, controladores y mdumps de Microsoft Windows para x86 y x64. A partir de la versión 1.8, también se incluye un uso extendido para analizar anomalías en los ejecutables ELF de Linux. Su principal objetivo es recopilar la información necesaria para facilitar la identificación de código malicioso dentro de los archivos analizados. Esta herramienta analiza, entre otras cosas, la cabecera PE y su estructura, el contenido de las secciones, los diferentes tipos de cadenas, entre muchas otras cosas. También incorpora multitud de ideas propias para reconocer anomalías en la construcción de los ejecutables y la detección de mecanismos utilizados usualmente en el malware actual. [+] Detección de doble cabecera en ejecutables ELF Linux [+] Se incluye la extracción del número de versión de UPX para ejecutables ELF Linux (Muy utilizado en malware actualmente) [+] Agregada la identificación de todos los tipos de ejecutables ELF Linux [+] La interfaz de usuario es más amigable que nunca. [+] Se incluye el primer fragmento de la Rich signature en caso de encontrarlo. [+] He tardado 9 versiones de 4n4lDetector... pero ha llegado, ya se puede maximizar el formulario! [+] Mejorado el algoritmo de identificación de correos electrónicos para evitar direcciones duplicadas. [+] Solucionado un bug que podría cerrar la aplicación inesperadamente tras la apertura de un tipo específico de fichero. [+] Mejorada la limpieza de cadenas tras la extracción de librerías en formato UNICODE. [+] Solucionado un bug al mostrar las funciones disponibles y su recuento en la tabla de exportaciones. [+] Agregada una funcionalidad de visualización de reportes "[W]" desde un visor Web con las siguientes herramientas -> Opciones de modificación del título y contenido del reporte -> Un visor del código HTML generado para la visualización -> Un botón para realizar el salvado del reporte a un documento -> Integrado un botón para la apertura de la carpeta que alberga todos los reportes guardados [+] Agregado el parámetro "-HTML" para la extracción de reportes en formato HTML por consola: -> 4n4lDetector.exe Path\App.exe -HTML [hide][Hidden Content]]

Malware string hash lookup plugin for IDA Pro. This plugin connects to the OALABS HashDB Lookup Service. Adding New Hash Algorithms The hash algorithm database is open source and new algorithms can be added on GitHub here. Pull requests are mostly automated and as long as our automated tests pass the new algorithm will be usable on HashDB within minutes. Installing HashDB Before using the plugin you must install the python requests module in your IDA environment. The simplest way to do this is to use pip from a shell outside of IDA. (pip install requests) Once you have the requests module installed simply copy the latest release of hashdb.py into your IDA plugins directory and you are ready to start looking up hashes! Use HashDB can be used to look up strings that have been hashed in malware by right-clicking on the hash constant in the IDA disassembly view and launching the HashDB Lookup client. Settings Before the plugin can be used to look up hashes the HashDB settings must be configured. The settings window can be launched from the plugins menu Edit->Plugins->HashDB. [hide][Hidden Content]]

BruteSpray takes nmap GNMAP/XML output and automatically brute-forces services with default credentials using Medusa. It can even find non-standard ports by using the -sV inside Nmap. Supported Services ssh ftp telnet vnc mssql mysql postgresql rsh imap nntp pcanywhere pop3 rexec rlogin smbnt smtp svn vmauthd Changelog v1.8 added ability to parse Nexpose “XML Export” added ability to parse Nessus “.nessus” files added set() to iplist to ensure unique only [hide][Hidden Content]]

A Hex Editor for Reverse Engineers, Programmers, and people that value their eyesight when working at 3 AM Features Featureful hex view Byte patching Patch management Copy bytes as feature Bytes Hex string C, C++, C#, Rust, Python, Java & JavaScript array ASCII-Art hex view HTML self-contained div String and hex search Colorful highlighting Goto from start, end, and current cursor position Custom C++-like pattern language for parsing highlighting a file’s content Automatic loading based on MIME-type arrays, pointers, structs, unions, enums, bitfields, using declarations, litte and big-endian support Useful error messages, syntax highlighting, and error marking Data importing Base64 files IPS and IPS32 patches Data exporting IPS and IPS32 patches Data Exporting Data inspector allowing interpretation of data as many different types (little and big-endian) Huge file support with fast and efficient loading Strings search Copying of strings Copying of detangled strings File hashing support CRC16 and CRC32 with custom initial values and polynomials MD4, MD5 SHA-1, SHA-224, SHA-256, SHA-384, SHA-512 Disassembler supporting many different architectures ARM32 (ARM, Thumb, Cortex-M, aarch32) ARM64 MIPS (MIPS32, MIPS64, MIPS32R6, Micro) x86 (16 bit, 32 bit, 64 bit) PowerPC (32 bit, 64 bit) Sparc SystemZ XCore M68K TMS320C64X M680X Ethereum Bookmarks Region highlighting Comments Data Analyzer File magic-based file parser and MIME type database Byte distribution graph Entropy graph Highest and avarage entropy Encrypted / Compressed file detection Helpful tools Itanium and MSVC demangler ASCII table Regex replacer Mathematical expression evaluator (Calculator) Hexadecimal Color picker Built-in cheat sheet for pattern language and Math evaluator Doesn’t burn out your retinas when used in late-night sessions Changelog v1.8 Additions Added a new and super fancy splash screen! All resource loading will now be done while this screen is shown Added German localization. Thanks a lot to @tumGER for proof reading! Added Italian localization. Thanks a lot to @CrustySean! Updated ImHex icon with a new one Added FPS limiting ImHex is now less power hungry and lowers its FPS to 5 when the window loses focus Added Paste, Undo and Redo function! This has LONG been overdue Added saving and loading of data processor setups Added data size node to the data processor Added ability to copy values from the data inspector Data overlays now work everywhere This means if the data processor changed the displayed data, this data will also show up in the pattern data view, inspector, analyzer, disassembler and every where else Added parent keyword to the pattern language This allows you to access variables that are found in the parent of the current structure Added array index syntax to r-values in the pattern language This also turned the addressof and sizeof built-in function into operators now so they no longer require “” Added UTF-16 character type and strings to the pattern language Allow nested use of types in the pattern language Added dataSize() function to the pattern language to get the currently loaded data size Added base_address pragma to the pattern language to automatically set the file’s base address Loaded plugins are now displayed on the welcome screen Added slider to entropy graph to quickly skip through the file Added Recent Files to File menu Added ability to lock bookmarks so they can’t be edited anymore until unlocked Added Font Awesome icons in a few places Use correct folder paths on Mac and Linux instead of looking for everything next to the executable Check the README to know where things are supposed to go now! Added memory usage footer item on Windows Added buffer combine, slice and repeat nodes to the data processor Added currently loaded file name to the window title Added Close File option to the File Menu Added hex editor color highlighting opacity setting Improvements Pattern language execution, disassembling, searching and many other things that may take a long time to complete are now run asynchronously Properly open some default views on first launch Greatly improved the Data Analyzer interface with ImPlot ImHex now uses the system file dialog instead of a custom one to open files Improved colors used on the welcome screen Variables placed out of bounds are now discarded instead of causing a error Improved goto command to now respect base addresses Bug fixes Fixed multiple severe memory leaks in the pattern language Fixed bookmark names and comments refusing to be changed Fixed color attribute requiring a 0x prefix to understand the value Fixed region selection event only selecting first byte Fixed eval_depth default value being way too low Fixed ternary expressions in the pattern language not working everywhere Fixed bookmark name and comment not being loaded properly from a project file Fixed binary value in base converter being shifted by one Fixed pointers in the pattern language easily crashing ImHex Fixed MIME-based pattern loading popup being almost unusable. Thanks to @ThisALV for making me aware of this [hide][Hidden Content]]

Name-That-Hash What is this? Have you ever come across a hash such as 5f4dcc3b5aa765d61d8327deb882cf99 and wondered what type of hash that is? 🤔 Name-that-hash will name that hash type! 🔥 Features 📺 Popularity Ratings – Name that hash will show you the most popular hashes first. In older systems, it would prioritise Skype Hash the same as Active Directory’s NTLM! Which makes as much sense as saying that my GitHub is as popular as VSCode 📈 ✍ Hash Summaries – no more wondering whether it’s MD5 or NTLM. It will summarise the main usage of each hash, allowing you to make an informed & decisive choice ⚡ 🌈 Colour Output – Don’t worry, the colours were hand-selected with a designer to be 100% accessible and gnarly 😎 🤖 JSON output && API – Want to use it in your project? We are API first, CLI second. Use JSON output or import us as a Python module! 💾 👵 Updated! – HashID was last updated in 2015. Hash-Identifier in 2011! It is a 2021 project 🦧 ♿ Accessible – We are 100% committed to making this an accessible hacking tool 🙏 🎫 Extensible – Add new hashes as quickly as you can edit this README. No, seriously — it’s that easy! 🎱 Changelog v1.8 Update setup.py and fix typo (#98) @SkeletalDemise Remove Loguru from pyproject.toml and poetry.lock (#97) @bee-san Added one new Office hash type and updated some of the old ones (#95) @amadejpapez Upgrade to GitHub-native Dependabot (#94) @dependabot-preview Fix for the latest office test (#93) @amadejpapez Added MS Office <= 2003, Blake2b-512, Telegram Mobile App Passcode (#92) @amadejpapez [hide][Hidden Content]]

Modesy is a marketplace and classified ads script that you can sell physical and digital products. It allows you to use marketplace and classified ads options at the same time. You can use this script as a multi-vendor store or you can use it as a store where you can sell your own products. It has clean, responsive and user-friendly design. You can manage almost everything in your site with its powerful Admin panel. It is secure, SEO-optimized, fast, fully customizable and easy to use. [Hidden Content] [hide][Hidden Content]]

SourceWolf Amazingly fast response crawler to find juicy stuff in the source code! What can SourceWolf do? Crawl through responses to find hidden endpoints, either by sending requests or from the local response files (if any). Brute forcing host using a wordlist. Get the status codes for a list of URLs / Filtering out the live domains from a list of hosts. All the features mentioned above execute with great speed. SourceWolf uses the Session module from the requests library, which means, it reuses the TCP connection, making it really fast. SourceWolf provides you with an option to crawl the responses files locally so that you aren’t sending requests again to an endpoint, whose response you already have a copy of. The final endpoints are in a complete form with a host like [Hidden Content] are not as /api/admin. This can come useful when you are scanning a list of hosts. Changelog v1.8 new-features: SourceWolf can now grab github and linkedin profiles along with social media links! [hide][Hidden Content]]

Features: Port Forwarding using Ngrok Legal disclaimer: Usage of Shellphish for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program [hide][Hidden Content]]

Start your own website like OnlyFans.com or Patreon.com and grow like mad. It’s like a social network but allows content creators to directly earn MONEY from their FANS for their PREMIUM content. [Hidden Content] [hide][Hidden Content]]

An effective deal begins some time before somebody clicks “purchase.” Create a store as novel as your image and make an uncommon encounter for exploring your items, substance and site [Hidden Content] [hide][Hidden Content]]

Break out the Box (BOtB) BOtB is a container analysis and exploitation tool designed to be used by pentesters and engineers while also being CI/CD friendly with common CI/CD technologies. What does it do? BOtB is a CLI tool which allows you to: Exploit common container vulnerabilities Perform common container post-exploitation actions Provide capability when certain tools or binaries are not available in the Container Use BOtB’s capabilities with CI/CD technologies to test container deployments Perform the above in either a manual or an automated approach Current Capabilities Find and Identify UNIX Domain Sockets Identify UNIX domain sockets which support HTTP Find and identify the Docker Daemon on UNIX domain sockets or on an interface Analyze and identify sensitive strings in ENV and process in the ProcFS i.e /Proc/{pid}/Environ Identify metadata services endpoints i.e [Hidden Content], [Hidden Content] and [Hidden Content] Perform a container breakout via exposed Docker daemons Perform a container breakout via CVE-2019-5736 Hijack host binaries with a custom payload Perform actions in CI/CD mode and only return exit codes > 0 Scrape metadata info from GCP metadata endpoints Push data to an S3 bucket Break out of Privileged Containers Force BOtB to always return a Exit Code of 0 (useful for non-blocking CI/CD) Perform the above from the CLI arguments or from a YAML config file Perform reverse DNS lookup Identify Kubernetes Service Accounts secrets and attempt to use them Changelog v1.8 In this release, the following is addressed: Added @initree‘s Keyctl pwnage to extract entries from the Linux Kernel Keyring ([Hidden Content]) Modified the new Keyctl code to be multi-threaded to make use of Go workers to speed up enumeration [hide][Hidden Content]]

URL Shortener Script is a stand alone URL Shortener, which allows the shortening of long URLs, custom aliases and generates QR codes for the URLs. The script is also mobile devices responsive and cross-browser compatible. Demo: [Hidden Content] [HIDE][Hidden Content]]

Pasteshr is a script which allows you to store any text online for easy sharing. The idea behind the script is to make it more convenient for people to share large amounts of text online. [Hidden Content] [Hidden Content]