Sunder Windows rootkit modeled after Lazarus Group’s FudModule rootkit. Reference this version of Sunder for an example of the appid.sys driver exploit, which was utilized by Lazarus Group FudModule rootkit. Sunder’s vulnerable driver in this GitHub repository...
The post Sunder: Windows rootkit designed to work with BYOVD exploits appeared first on Penetration Testing Tools.
HFish It is a cross-platform honeypot platform developed based on golang, which has been meticulously built for enterprise security Multi-function: Not just support HTTP(S) Pot,It also supports SSH、SFTP、Redis、Mysql、FTP、Telnet、Deep etc. Expansibility: Provide API Interface,Users can expand honeypot module at...
The post HFish: cross platform honeypot platform appeared first on Penetration Testing Tools.
AutoPentest-DRL is an automated penetration testing framework based on Deep Reinforcement Learning (DRL) techniques. The framework determines the most appropriate attack path for a given network and can be used to execute a simulated...
The post AutoPentest-DRL: Automated Penetration Testing Using Deep Reinforcement Learning appeared first on Penetration Testing Tools.
CryptoTester A utility for playing with cryptography, geared toward ransomware analysis. Hex Views All hex views used in CryptoTester offer a few enhanced capabilities. Null bytes are colored a lighter gray Bytes representing ASCII...
The post CryptoTester: utility for playing with cryptography, geared toward ransomware analysis appeared first on Penetration Testing Tools.
WAF-A-MoLE A guided mutation-based fuzzer for ML-based Web Application Firewalls, inspired by AFL and based on the FuzzingBook by Andreas Zeller et al. Given an input SQL injection query, it tries to produce a semantic invariant query that is able...
The post WAF-A-MoLE: guided mutation-based fuzzer for ML-based Web Application Firewalls appeared first on Penetration Testing Tools.
GitAlerts GitHub repositories created under any organization can be controlled by the GitHub administrators. However, any repository created under an organization’s user account is not controllable unless the organization has adopted the GitHub enterprise-managed...
The post git-alerts: detect and monitor GitHub org users’ public repositories for secrets and sensitive files appeared first on Penetration Testing Tools.
HashDB IDA Plugin Malware string hash lookup plugin for IDA Pro. This plugin connects to the OALABS HashDB Lookup Service. Adding New Hash Algorithms The hash algorithm database is open source and new algorithms can...
The post hashdb-ida: Malware string hash lookup plugin for IDA Pro appeared first on Penetration Testing Tools.
Baitroute A web honeypot project that serves realistic, vulnerable-looking endpoints to detect vulnerability scans and mislead attackers by providing false positive results. It can be imported as a library into your project and is...
The post Baitroute: The Web Honeypot That Turns the Tables on Attackers appeared first on Penetration Testing Tools.
APKDeepLens APKDeepLens is a Python-based tool designed to scan Android applications (APK files) for security vulnerabilities. It specifically targets the OWASP Top 10 mobile vulnerabilities, providing an easy and efficient way for developers, penetration...
The post APKDeepLens: scan Android applications for security vulnerabilities appeared first on Penetration Testing Tools.
Mobile Audit MobileAudit – SAST and Malware Analysis for Android Mobile APKs Django Web application for performing Static Analysis and detecting malware in Android APKs. In each of the scans, it would have the following...
The post mobile Audit v3.0 releases: performs SAST and Malware Analysis for Android APKs appeared first on Penetration Testing Tools.
SQLMap Command Generator is a web-based application designed to assist penetration testers and security enthusiasts in generating SQLMap commands with various options for testing SQL injection vulnerabilities. It provides an easy-to-use interface where users...
The post Web-Based SQLMap: Generate Commands, Test SQL Injections appeared first on Penetration Testing Tools.
unblob is an accurate, fast, and easy-to-use extraction suite. It parses unknown binary blobs for more than 30 different archive, compression, and file-system formats, extracts their content recursively, and carves out unknown chunks that have not been accounted for. How does it work? unblob...
The post unblob: Extract files from any kind of container formats appeared first on Penetration Testing Tools.
VectorKernel PoCs for Kernelmode rootkit techniques research or education. Currently focusing on Windows OS. All modules support 64-bit OS only. NOTE Some modules use ExAllocatePool2 API to allocate kernel pool memory. ExAllocatePool2 API is not...
The post VectorKernel: PoCs for Kernelmode rootkit techniques research appeared first on Penetration Testing Tools.
ESXi Testing Toolkit A command-line utility designed to help security teams test detections deployed in ESXi environments. It takes heavy inspiration from Atomic Red Team but provides ESXi-specific enhancements and a simpler user experience....
The post ESXi Testing Tookit: Simple and easy to use CLI tool to test ESXi detections appeared first on Penetration Testing Tools.
The Damne Vulnerable Android Components – DVAC Damn Vulnerable Android Components (DVAC) is an educational Android application intentionally designed to expose and demonstrate vulnerabilities related to various Android components such as Activities, Intents, Content...
The post DVAC: An intentionally vulnerable Android Application appeared first on Penetration Testing Tools.
ELFEN: Linux Malware Analysis Sandbox ELFEN is a dockerized sandbox for analyzing Linux (file type: ELF) malware. It leverages an array of open-source technologies to perform both static and dynamic analysis. Results are available...
The post ELFEN: Automated Linux Malware Analysis Sandbox appeared first on Penetration Testing Tools.
VIPER is a powerful and flexible red team platform. It integrates the core tools and functionalities required for adversary simulation and red team operations, assisting you in efficiently completing cybersecurity assessment tasks. User-Friendly Interface Provides...
The post Viper: A Unified Platform for Adversary Emulation and Red Team Operations appeared first on Penetration Testing Tools.
Qu1cksc0pe This tool allows statically analysis Windows, Linux, osx, executables, and also APK files. You can get: What DLL files are used. Functions and API. Sections and segments. URLs, IP addresses, and emails. Android...
The post Qu1cksc0pe: All-in-One static malware analysis tool appeared first on Penetration Testing Tools.
Emora Emora allows you to search for accounts by username across social networks. Inspired by tools like Sherlock, Emora provides a user-friendly graphical interface to ease the usage and navigation through the results. Features Intuitive...
The post Emora: GUI OSINT tool to search accounts by username across social networks appeared first on Penetration Testing Tools.
CF-Hero is a comprehensive reconnaissance tool developed to discover the real IP addresses of web applications protected by Cloudflare. It performs multi-source intelligence gathering through various methods. Historical DNS records services try to discover...
The post CF-Hero: discover the real IP addresses of web applications protected by Cloudflare appeared first on Penetration Testing Tools.
