ShonyDanza - A Customizable
- ShonyDanza - A Customizable, Easy-To-Navigate Tool For Researching, Pen Testing, And Defending With The Power Of Shodan
- XC - A Small Reverse Shell For Linux And Windows
- ZipExec - A Unique Technique To Execute Binaries From A Password Protected Zip
- Kit_Hunter - A Basic Phishing Kit Scanner For Dedicated And Semi-Dedicated Hosting
Posted: 01 Dec 2021 12:30 PM PST A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan. With ShonyDanza, you can:
Installation
Usage
See this how-to article for additional usage instruction. Legal DisclaimerThis project is made for educational and ethical testing purposes only. Usage of ShonyDanza for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program. |
XC - A Small Reverse Shell For Linux And Windows Posted: 01 Dec 2021 03:30 AM PST Netcat like reverse shell for Linux & Windows. FeaturesWindows
Linux
Examples
SetupMake sure you are running golang version 1.15+, older versions will not compile. I tested it on ubuntu:
Linux:
Known Issues
Credits
|
ZipExec - A Unique Technique To Execute Binaries From A Password Protected Zip Posted: 30 Nov 2021 12:30 PM PST ZipExec is a Proof-of-Concept (POC) tool to wrap binary-based tools into a password-protected zip file. This zip file is then base64 encoded into a string that is rebuilt on disk. This encoded string is then loaded into a JScript file that when executed, would rebuild the password-protected zip file on disk and execute it. This is done programmatically by using COM objects to access the GUI-based functions in Windows via the generated JScript loader, executing the loader inside the password-protected zip without having to unzip it first. By password protecting the zip file, it protects the binary from EDRs and disk-based or anti-malware scanning mechanisms. InstallationThe first step as always is to clone the repo. Before you compile ZipExec you'll need to install the dependencies. To install them, run following commands:
Then build it
or
Helpsandbox evasion using IsDomainedJoined. ">
|
Kit_Hunter - A Basic Phishing Kit Scanner For Dedicated And Semi-Dedicated Hosting Posted: 30 Nov 2021 03:30 AM PST Kit Hunter: A basic phishing kit detection tool
Testing and development took place on Python 3.7.3 (Linux) What is Kit Hunter?Kit Hunter is a personal project to learn Python, and a basic scanning tool that will search directories and locate phishing kits based on established markers. As detection happens, a report is generated for administrators. By default the script will generate a report that shows the files that were detected as potentially problematic, list the markers that indicated them as problematic (a.k.a. tags), and then show the exact line of code where the detection happened. Usage:Detailed installation and usage instructions are available at SteveD3.io HelpTo get quick help: Default scanTo launch a full scan using the default settings: Quick scanTo launch a quick scan, using minimal detection rules: Custom scanTo launch a custom scan:
Directory selected scanningYou can run
However, it is easier if you place The final report will be generated in the directory being scanned.
Shell detectionThis latest release of Kit Hunter comes with shell detection. Shell scripts are often packaged with phishing kits, or used to deploy phishing kits on webservers. Kit Hunter will scan for some common shell script elements. The process works exactly the same way as regular scanning, only the shell detections are called with the Once scanning is complete, output from the script will point you to the location of the saved scan report. Tag Files:When it comes to the tag files, there are 41 tag files shipping with v2.5.8 Kit Hunter. These tag files detect targeted phishing campaigns, as well as various types of phishing tricks, such as obfuscation, templating, theming, and even branded kits like Kr3pto and Ex-Robotos. New tag files will be added, and existing tag files will be updated on a semi-regular basis. See the changelog for details. As was the case with v1.0, the longer the tag file is, the longer it will take for the script to read it. |
Comentários
Postar um comentário