Bash noscript that crawls a target URL to get a better image of what is tied to a website.
https://github.com/NeverWonderLand/wildcrawl
#bugbounty #pentest
@pfk_git
https://github.com/NeverWonderLand/wildcrawl
#bugbounty #pentest
@pfk_git
GitHub
GitHub - ghostwond3r/wildcrawl: Crawls URL to get a better image of what is tied to a website.
Crawls URL to get a better image of what is tied to a website. - ghostwond3r/wildcrawl
Arc
A manager for your secrets made of arc, a RESTful API server written in Go which exposes read and write primitives for encrypted records, and arc, the client application implemented in HTML5 and javanoscript, which runs in every modern browser and it is served by arc itself.
Records are generated, encrypted and decrypted client side by arc (with AES256 in GCM mode, using 10000 iterations for the PBKDF2 key derivation function, everything WebCrypto based ), which offers an intuitive management system equipped with UI widgets including:👇
https://github.com/evilsocket/arc
#cybersecurity #infosec
@pfk_git
A manager for your secrets made of arc, a RESTful API server written in Go which exposes read and write primitives for encrypted records, and arc, the client application implemented in HTML5 and javanoscript, which runs in every modern browser and it is served by arc itself.
Records are generated, encrypted and decrypted client side by arc (with AES256 in GCM mode, using 10000 iterations for the PBKDF2 key derivation function, everything WebCrypto based ), which offers an intuitive management system equipped with UI widgets including:👇
https://github.com/evilsocket/arc
#cybersecurity #infosec
@pfk_git
GitHub
GitHub - evilsocket/arc: A manager for your secrets.
A manager for your secrets. Contribute to evilsocket/arc development by creating an account on GitHub.
idfk
• Indirect syscalls via HellsHall. Only did it for the protect call and some other common ones, too lazy for others
• Producing Shellcode (via ShellcodeTemplate), exes, dlls.
• Sleep encryption via Ekko. Only works on Exes and Shellcode. I don't think DLL can sleep encrypt properly cause CFG, just a guess though
• I managed to injected to explorer/locally and it works, but if theres more than one instance of the shellcode is already there, only one of them will cycle.
https://github.com/susMdT/fictional-invention
#cybersecurity #infosec
@pfk_git
• Indirect syscalls via HellsHall. Only did it for the protect call and some other common ones, too lazy for others
• Producing Shellcode (via ShellcodeTemplate), exes, dlls.
• Sleep encryption via Ekko. Only works on Exes and Shellcode. I don't think DLL can sleep encrypt properly cause CFG, just a guess though
• I managed to injected to explorer/locally and it works, but if theres more than one instance of the shellcode is already there, only one of them will cycle.
https://github.com/susMdT/fictional-invention
#cybersecurity #infosec
@pfk_git
GitHub
GitHub - susMdT/fictional-invention: idk man this was the default github name
idk man this was the default github name. Contribute to susMdT/fictional-invention development by creating an account on GitHub.
Defender-For-Endpoint-Queries
This repo contains the queries for defender for endpoint detection queries also hunting queries.
https://github.com/le0li9ht/Defender-For-Endpoint-Queries
#cybersecurity #infosec
@pfk_git
This repo contains the queries for defender for endpoint detection queries also hunting queries.
https://github.com/le0li9ht/Defender-For-Endpoint-Queries
#cybersecurity #infosec
@pfk_git
GitHub
GitHub - le0li9ht/Defender-For-Endpoint-Queries: This repo contains the queries for defender for endpoint detections
This repo contains the queries for defender for endpoint detections - le0li9ht/Defender-For-Endpoint-Queries
Svn-Extractor
اسکریپت ساده برای استخراج تمام منابع وب با استفاده از پوشه .SVN در معرض شبکه.
https://github.com/anantshri/svn-extractor
#cybersecurity #infosec #bugbounty #pentest
@pfk_git
اسکریپت ساده برای استخراج تمام منابع وب با استفاده از پوشه .SVN در معرض شبکه.
https://github.com/anantshri/svn-extractor
#cybersecurity #infosec #bugbounty #pentest
@pfk_git
GitHub
GitHub - anantshri/svn-extractor: simple noscript to extract all web resources by means of .SVN folder exposed over network.
simple noscript to extract all web resources by means of .SVN folder exposed over network. - anantshri/svn-extractor
TokenUniverse
An advanced tool for working with access tokens and Windows security policy.
https://github.com/diversenok/TokenUniverse
#cybersecurity #infosec
@pfk_git
An advanced tool for working with access tokens and Windows security policy.
https://github.com/diversenok/TokenUniverse
#cybersecurity #infosec
@pfk_git
GitHub
GitHub - diversenok/TokenUniverse: An advanced tool for working with access tokens and Windows security policy.
An advanced tool for working with access tokens and Windows security policy. - diversenok/TokenUniverse
ffuf پس پردازش
ابزار Golang که به حذف ورودی های نامربوط از فایل نتیجه ffuf شما کمک می کند.
https://github.com/Damian89/ffufPostprocessing
#bugbounty #pentest
@pfk_git
ابزار Golang که به حذف ورودی های نامربوط از فایل نتیجه ffuf شما کمک می کند.
https://github.com/Damian89/ffufPostprocessing
#bugbounty #pentest
@pfk_git
GitHub
GitHub - dsecuredcom/ffufPostprocessing: Golang tool which helps dropping the irrelevant entries from your ffuf result file.
Golang tool which helps dropping the irrelevant entries from your ffuf result file. - dsecuredcom/ffufPostprocessing
OpenSSF Scorecard - Security health metrics for Open Source.
https://github.com/ossf/scorecard
@pfk_git
https://github.com/ossf/scorecard
@pfk_git
GitHub
GitHub - ossf/scorecard: OpenSSF Scorecard - Security health metrics for Open Source
OpenSSF Scorecard - Security health metrics for Open Source - ossf/scorecard
subtron
Let the subtron do the subdomain enumeration for you with subfinder, assetfinder and with amass at once.
https://github.com/d4rkwarrior/subtron
#cybersecurity #infosec #bugbounty #pentest
@pfk_git
Let the subtron do the subdomain enumeration for you with subfinder, assetfinder and with amass at once.
https://github.com/d4rkwarrior/subtron
#cybersecurity #infosec #bugbounty #pentest
@pfk_git
GitHub
GitHub - atulxerma/subtron: "🔍 Subtron: Bash-driven subdomain seeker. Utilizes Subfinder, Amass, Assetfinder, and HTTPX to swiftly…
"🔍 Subtron: Bash-driven subdomain seeker. Utilizes Subfinder, Amass, Assetfinder, and HTTPX to swiftly uncover live domains. Results stored in final.txt. Let's hunt security loopho...
XSSMaze
یک وب سرویس طراحی شده برای آزمایش و بهبود عملکرد ابزارهای تست امنیتی با ارائه موارد مختلف آسیب پذیری XSS.
https://github.com/hahwul/xssmaze
@pfk_git
یک وب سرویس طراحی شده برای آزمایش و بهبود عملکرد ابزارهای تست امنیتی با ارائه موارد مختلف آسیب پذیری XSS.
https://github.com/hahwul/xssmaze
@pfk_git
GitHub
GitHub - hahwul/xssmaze: XSSMaze is a web service designed to test and improve the performance of security testing tools by providing…
XSSMaze is a web service designed to test and improve the performance of security testing tools by providing various cases of XSS vulnerabilities. - hahwul/xssmaze
ابزارهای اسکن آسیب پذیری برای تست نفوذ
afrog
یک ابزار اسکن آسیب پذیری با عملکرد عالی، سریع و پایدار و قابل تنظیم PoC است. PoC شامل CVE، CNVD، رمز عبور پیشفرض، نشت اطلاعات، شناسایی اثر انگشت، دسترسی غیرمجاز، خواندن دلخواه فایل، اجرای دستور و غیره است. این به متخصصان امنیت شبکه کمک میکند تا آسیبپذیریها را بهموقع بررسی و رفع کنند.
https://github.com/zan8in/afrog
#cybersecurity #infosec #bugbounty #pentest
@pfk_git
afrog
یک ابزار اسکن آسیب پذیری با عملکرد عالی، سریع و پایدار و قابل تنظیم PoC است. PoC شامل CVE، CNVD، رمز عبور پیشفرض، نشت اطلاعات، شناسایی اثر انگشت، دسترسی غیرمجاز، خواندن دلخواه فایل، اجرای دستور و غیره است. این به متخصصان امنیت شبکه کمک میکند تا آسیبپذیریها را بهموقع بررسی و رفع کنند.
https://github.com/zan8in/afrog
#cybersecurity #infosec #bugbounty #pentest
@pfk_git
GitHub
GitHub - zan8in/afrog: A Security Tool for Bug Bounty, Pentest and Red Teaming.
A Security Tool for Bug Bounty, Pentest and Red Teaming. - zan8in/afrog
Bulk 403 Bypass
This is a Bash noscript that performs bulk 403 bypass by adding a custom header to HTTP requests. It can be useful for testing whether a website is vulnerable to 403 bypass techniques.
https://github.com/aardwolfsecurityltd/Bulk_403_Bypass
#bugbounty #pentest
@pfk_git
This is a Bash noscript that performs bulk 403 bypass by adding a custom header to HTTP requests. It can be useful for testing whether a website is vulnerable to 403 bypass techniques.
https://github.com/aardwolfsecurityltd/Bulk_403_Bypass
#bugbounty #pentest
@pfk_git
GitHub
GitHub - aardwolfsecurityltd/Bulk_403_Bypass
Contribute to aardwolfsecurityltd/Bulk_403_Bypass development by creating an account on GitHub.
B1pass3r
ابزار پایتون برای آزمایش تکنیک های شناخته شده برای بای پس پاسخ های HTTP 403 و 401.
https://github.com/nico989/B1pass3r
#bugbounty #pentest
@pfk_git
ابزار پایتون برای آزمایش تکنیک های شناخته شده برای بای پس پاسخ های HTTP 403 و 401.
https://github.com/nico989/B1pass3r
#bugbounty #pentest
@pfk_git
GitHub
GitHub - nico989/B1pass3r: Python tool to test known techniques to bypass 403 and 401 HTTP responses.
Python tool to test known techniques to bypass 403 and 401 HTTP responses. - nico989/B1pass3r
403-بای پس
این ابزاری است که وقتی برای pentest کار می کردم نوشتم.
https://github.com/channyein1337/403-bypass
#bugbounty #pentest
@pfk_git
این ابزاری است که وقتی برای pentest کار می کردم نوشتم.
https://github.com/channyein1337/403-bypass
#bugbounty #pentest
@pfk_git
GitHub
GitHub - byt3hx/403-bypass: 403-bypass tool to bypass 403 responses.
403-bypass tool to bypass 403 responses. Contribute to byt3hx/403-bypass development by creating an account on GitHub.
Bypass-403
یک اسکریپت ساده که فقط برای استفاده شخصی برای بایپس 403 ساخته شده است.
https://github.com/iamj0ker/bypass-403
#bugbounty #pentest
@pfk_git
یک اسکریپت ساده که فقط برای استفاده شخصی برای بایپس 403 ساخته شده است.
https://github.com/iamj0ker/bypass-403
#bugbounty #pentest
@pfk_git
GitHub
GitHub - iamj0ker/bypass-403: A simple noscript just made for self use for bypassing 403
A simple noscript just made for self use for bypassing 403 - iamj0ker/bypass-403
JSpector
#BurpSuite extension that passively crawls JavaScript files and automatically creates issues with URLs and endpoints found on the JS files.
https://github.com/hisxo/JSpector
#bugbounty
@pfk_git
#BurpSuite extension that passively crawls JavaScript files and automatically creates issues with URLs and endpoints found on the JS files.
https://github.com/hisxo/JSpector
#bugbounty
@pfk_git
GitHub
GitHub - hisxo/JSpector: A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly…
A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues - hisxo/JSpector
AIx
A cli tool to interact with Large Language Models (LLM) APIs.
Features:
• AMA with AI over CLI
• Query LLM APIs (OpenAI)
• Supports GPT-3.5 and GPT-4.0 models
• Configurable with OpenAI API key
• Flexible output options
https://github.com/projectdiscovery/aix
#cybersecurity
@pfk_git
A cli tool to interact with Large Language Models (LLM) APIs.
Features:
• AMA with AI over CLI
• Query LLM APIs (OpenAI)
• Supports GPT-3.5 and GPT-4.0 models
• Configurable with OpenAI API key
• Flexible output options
https://github.com/projectdiscovery/aix
#cybersecurity
@pfk_git
GitHub
GitHub - projectdiscovery/aix: AIx is a cli tool to interact with Large Language Models (LLM) APIs.
AIx is a cli tool to interact with Large Language Models (LLM) APIs. - projectdiscovery/aix
Cloudflare WAF به AbuseIPDB
اتوماسیون برای گزارش عوامل مخرب به AbuseIPDB برای کاربران Cloudflare WAF
https://github.com/BeeHiveCyberSecurity/WAF-IPDB
@pfk_git
اتوماسیون برای گزارش عوامل مخرب به AbuseIPDB برای کاربران Cloudflare WAF
https://github.com/BeeHiveCyberSecurity/WAF-IPDB
@pfk_git
GitHub
GitHub - BeeHiveSafety/CloudflareToAbuseIPDB: Automation to report malicious actors to AbuseIPDB for users of Cloudflare WAF
Automation to report malicious actors to AbuseIPDB for users of Cloudflare WAF - BeeHiveSafety/CloudflareToAbuseIPDB
یک اسکنر مخفی ساخته شده در Rust برای عملکرد، و بر اساس TruffleHog که در پایتون نوشته شده است. Rusty Hog باینری های زیر را ارائه می دهد:
https://github.com/newrelic/rusty-hog
#bugbounty #pentest
@pfk_git
https://github.com/newrelic/rusty-hog
#bugbounty #pentest
@pfk_git
GitHub
GitHub - newrelic/rusty-hog: A suite of secret scanners built in Rust for performance. Based on TruffleHog (https://github.com…
A suite of secret scanners built in Rust for performance. Based on TruffleHog (https://github.com/dxa4481/truffleHog) which is written in Python. - newrelic/rusty-hog
درود
بدلیل مشغله کاری از تمامی دوستان فعال در حوزه های سایبری دعوت میشود به آیدی زیر پیام داده و در صورت تایید به عنوان مدیر و ویراستار جدید کانال انتخاب شوند
@DK_HBB_Bot
بدلیل مشغله کاری از تمامی دوستان فعال در حوزه های سایبری دعوت میشود به آیدی زیر پیام داده و در صورت تایید به عنوان مدیر و ویراستار جدید کانال انتخاب شوند
@DK_HBB_Bot