
KitPloit
Leading source of security tools, hacking tools, cybersecurity, and network security. Blog posts cover exploits, malware, Windows, Linux, Android, iPhone, and MAC OS.
KitPloit
20h ago
Visually inspect all of the regex matches (and their sexier, more cloak and dagger cousins, the YARA matches) found in binary data and/or text. See what happens when you force various character encodings upon those matched bytes. With colors.
Quick Start
pipx install yaralyzer

# Scan against YARA definitions in a file:
yaralyze --yara-rules /secret/vault/sigmunds_malware_rules.yara lacan_buys_the_dip.pdf

# Scan against an arbitrary regular expression:
yaralyze --regex-pattern 'good and evil.*of\s+\w+byte' the_crypto_archipelago.exe

# Scan against an arbitrary YARA hex pattern:
yaralyze --hex-pa …
KitPloit
2d ago
SSTImap is a penetration testing tool that checks websites for Code Injection and Server-Side Template Injection (SSTI) vulnerabilities and exploits them, giving access to the underlying operating system.
It was developed as an interactive penetration testing tool for SSTI detection and exploitation, which allows more advanced exploitation than a one-shot scanner.
Sandbox break-out techniques came from:
James Kettle's Server-Side Template Injection: RCE for the Modern Web App
Other public research [1] [2]
Contributions to Tplmap [3] [4]
This tool is capable of exploiting some code context esca …
KitPloit
3d ago
BlueHound is an open-source tool that helps blue teams pinpoint the security issues that actually matter. By combining information about user permissions, network access and unpatched vulnerabilities, BlueHound reveals the paths attackers would take if they were already inside your network.
It is a fork of NeoDash, reimagined to make it suitable for defensive security purposes.
To get started with BlueHound, check out the introductory video, blog post and Nodes22 conference talk.
BlueHound supports presenting your data as tables, graphs, bar charts, line charts, maps and more. It contains a Cyphe …
KitPloit
4d ago
Note: GUAC is under active development. If you are interested in contributing, please look at the contributor guide and the "express interest" issue.
Graph for Understanding Artifact Composition (GUAC) aggregates software security metadata into a high-fidelity graph database, normalizing entity identities and mapping standard relationships between them. Querying this graph can drive higher-level organizational outcomes such as audit, policy, risk management, and even developer assistance.
Conceptually, GUAC occupies the "aggregation and synthesis" layer of the software supply chain transparency …
KitPloit
5d ago
DC Sonar Community Repositories
The project consists of repositories:
dc-sonar-frontend
dc-sonar-user-layer
dc-sonar-workers-layer
ntlm-scrutinizer
Disclaimer
It is only for educational purposes.
Avoid using it on a production Active Directory (AD) domain.
No contributor incurs any responsibility for any use of it.
Social media
Check out our Red Team community Telegram channel
Description
Architecture
For the visual descriptions, open the diagram files using the diagrams.net tool.
The app consists of:
The dc-sonar-frontend is the frontend part of the user web interface, based on:
Angular …
KitPloit
6d ago
This script parses all the event channels of the Windows event log to extract every log entry related to AppLocker. It gathers the important pieces of information from those events for forensic or threat-hunting purposes, or simply for troubleshooting. These are the channels fetched from the Windows event log:
EXE and DLL,
MSI and Script,
Packaged app-Deployment,
Packaged app-Execution.
The output:
The result is displayed on the screen.
The result is also saved to a CSV file: AppLocker-log.csv
The juicy and useful information you will get with this script is …
KitPloit
1w ago
Simple Python script, supported with a BurpBouty profile, that helps you detect error-based SQL injection by sending multiple requests with 14 payloads and checking the responses against 152 regex patterns for different databases.
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
|S|Q|L|i| |D|e|t|e|c|t|o|r|
| Coded By: Eslam Akl @eslam3kll & Khaled Nassar @knassar702
| Version: 1.0.0
| Blog: eslam3kl.medium.com
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
Description
The main idea of the tool is scanning for error-based SQL injection by using different payloads such as
'123''1 …
KitPloit
1w ago
Popeye - A Kubernetes Cluster Sanitizer
Popeye is a utility that scans a live Kubernetes cluster and reports potential issues with deployed resources and configurations. It sanitizes your cluster based on what is actually deployed, not on what is sitting on disk. By scanning your cluster, it detects misconfigurations and helps you ensure that best practices are in place, preventing future headaches. It aims to reduce the cognitive overload one faces when operating a Kubernetes cluster in the wild. Furthermore, if your cluster runs a metrics-server, it reports potential resource over/under all …
KitPloit
1w ago
Tai-e
What is Tai-e?
Tai-e (Chinese: 太阿; pronunciation: [ˈtaɪə:]) is a new static analysis framework for Java (please see our technical report for details), which features arguably the "best" designs from both the novel ones we proposed and those of classic frameworks such as Soot, WALA, Doop, and SpotBugs. Tai-e is easy to learn, easy to use, efficient, and highly extensible, allowing you to easily develop new analyses on top of it.
Currently, Tai-e provides the following major analysis components (and more analyses are on the way):
Powerful pointer analysis framework
On-the-fly call grap …
KitPloit
1w ago
Ghauri is an advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws.
Requirements
Python 3
Python pip3
Installation
cd to the ghauri directory.
Install the requirements: python3 -m pip install --upgrade -r requirements.txt
Run: python3 setup.py install or python3 -m pip install -e .
You will then be able to run Ghauri with a simple ghauri --help command.
Download Ghauri
You can download the latest version of Ghauri by cloning the GitHub repository.
git clone https://github.com/r0oth3x49/ghauri.git
Features
Supports the following types of i …