Sign in to follow this
Followers
0
-
Similar Content
-
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. xeca is a project that creates encrypted PowerShell payloads for offensive purposes.
Creating position independent shellcode from DLL files is also possible.
How It Works
Identify and encrypt the payload. Load encrypted payload into a powershell script and save to a file named “launch.txt”
The key to decrypt the payload is saved to a file named “safe.txt”
Execute “launch.txt” on a remote host
The script will call back to the attacker defined web server to retrieve the decryption key “safe.txt”
Decrypt the payload in memory
Execute the intended payload in memory
Changelog v0.3
ETW and Script Block Logging bypass added to all payloads.
The bypasses can be disabled with –disable-etw and –disable-script-logging.
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. HawkScan
Security Tool for Reconnaissance and Information Gathering on a website. (python 2.x & 3.x)
This script uses “WafW00f” to detect the WAF in the first step.
This script uses “Sublist3r” to scan subdomains.
This script uses “waybacktool” to check in waybackmachine.
Features
URL fuzzing and dir/file detection
Test backup/old file on all the files found (index.php.bak, index.php~ …)
Check header information
Check DNS information
Check whois information
User-agent random or personal
Extract files
Keep a trace of the scan
Check @mail in the website and check if @mails leaked
CMS detection + version and vulns
Subdomain Checker
Backup system (if the script stopped, it take again in the same place)
WAF detection
Add personal prefix
Auto-update script
Auto or personal output of scan (scan.txt)
Check Github
Recursive dir/file
Scan with an authentication cookie
Option –profil to pass profil page during the scan
HTML report
Work it with py2 and py3
Add option rate-limit if the app is unstable (–timesleep)
Check-in waybackmachine
Response error to WAF
Check if DataBase firebaseio exist and accessible
Automatic threads depending on the response to a website (and reconfig if WAF detected too many times). Max: 30
Search S3 buckets in source code page
Testing bypass of waf if detected
Testing if it’s possible scanning with “localhost” host
Changelog v1.5.3
– add setup.sh
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. CRACKMAPEXEC
CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of “Living off the Land”: abusing built-in Active Directory features/protocols to achieve it’s functionality and allowing it to evade most endpoint protection/IDS/IPS solutions.
CME makes heavy use of the Impacket library (developed by @asolino) and the PowerSploit Toolkit (developed by @mattifestation) for working with network protocols and performing a variety of post-exploitation techniques.
Although meant to be used primarily for offensive purposes (e.g. red teams), CME can be used by blue teams as well to assess account privileges, find possible misconfiguration, and simulate attack scenarios.
CrackMapExec is developed by @byt3bl33d3r
This repository contains the following repositories as submodules:
Impacket
Pywinrm
Pywerview
PowerSploit
Invoke-Obfuscation
Invoke-Vnc
Mimikittenz
NetRipper
RandomPS-Scripts
SessionGopher
Mimipenguin
Changelog v5.1.1dev
💫 Features 💫
Switched from Pipenv to Poetry for development and dependency management.
Now has Windows binaries!
Hidden Content
Give reaction to this post to see the hidden content. -
-
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. Security Onion
Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, OSSEC, Sguil, Squert, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!
Below are several diagrams to represent the current architecture and deployment scenarios for Security Onion on the Elastic Stack.
Core Components
Logstash – Parse and format logs.
Elasticsearch – Ingest and index logs.
Kibana – Visualize ingested log data.
Auxiliary Components
Curator – Manage indices through scheduled maintenance.
ElastAlert – Query Elasticsearch and alert on user-defined anomalous behavior or other interesting bits of information.
FreqServer -Detect DGAs and find random file names, script names, process names, service names, workstation names, TLS certificate subjects and issuer subjects, etc.
DomainStats – Get additional info about a domain by providing additional context, such as creation time, age, reputation, etc.
Changelog v2.2 RC3
First, we have a new so-analyst script that will optionally install a GNOME desktop environment, Chromium web browser, NetworkMiner, Wireshark, and many other analyst tools.
Next, we’ve collapsed Hunt filter icons and action links into a new quick action bar that will appear when you click a field value. Actions include:
Filtering the hunt query
Pivot to PCAP
Create an alert in TheHive
Google search for the value
Analyze the value on VirusTotal.com
Finally, we’ve greatly improved support for airgap deployments. There is more work to be done in the next release, but we’re getting closer!
Hidden Content
Give reaction to this post to see the hidden content.
-