mod_wallz and Web-Firewall Released.
mod_wallz is an Apache module to mitigate Layer 7 DDoS attacks. Web-Firewall is a firewall project for mitigating HTTP Layer 7 DDoS attacks through PHP. PHP script for Web-Firewall: <?php /* Layer 7...
RemoteWriteMonitor – A tool to help malware analysts tell that the sample is...
RemoteWriteMonitor is a tool to help malware analysts tell that the sample is injecting code into another process. This tool is designed to find a possible remote code injection and execution without use...
Locker Decrypter – Python tool to decrypt files encrypted by Locker malware.
Locker is probably one of the worst pieces of malware in existence today. It is a variant of the Cryptolocker family of malware, so-called ransomware, which encrypts the victim’s important files (such as photos...
Decrypts the config file for the Fake-TextSecure Online Banking Trojan.
Decrypts the config file of the “FakeToken” / “FakeTextsecure” online banking Trojans. + The config is Blowfish encrypted + The config is an XML file and contains URLs and phone numbers of the attacker +...
Updates RATDecoders v-13.06.2015: Python Decoders for Common Remote Access...
Changes and updates 13.06.2015: NjRat, Rat Config Extractor: + njRat Config Extractor v-0.2 + Predator Logger Config Extractor v-0.2 + jRAT Rat Config Extractor v-0.3 + Create Hawkeye Config Extractor...
Updates Process Hacker v-2.35: multi-purpose tool that helps you monitor...
Changelog v-2.35: * HIGHLIGHTS: * New rich pop-up UI when hovering the cursor over a tray icon, showing the most active processes * Completely new Memory tab for processes, with heap, stack and working...
Empire: PowerShell post-exploitation agent v-1.0.0 released.
Empire is a pure PowerShell post-exploitation agent built on cryptologically-secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing...
Updates RATDecoders v-2015/08/19: Python Decoders for Common Remote Access...
Changelog 2015/08/19: – QSpy Config Decoder +__description__ = ‘QSpy Rat Config Extractor’ +__author__ = ‘Kevin Breen http://techanarchy.net http://malwareconfig.com’ +__version__ = ‘0.1’ +__date__ =...
Updates Security Onion v-12.04.53: a Linux distro for IDS, NSM, and log...
Changelog v-12.04.5.3: + tcpudpflow: remove connection_state_remove event handler + ossec_agent: Add source of syslog as destination IP for Sguil alert + sosetup: allow user to enable/disable Snorby +...
mac4n6: Collection of forensics artifact locations for Mac OS X and iOS.
This is a collection of OS X and iOS artifact locations, trying to collect more information for each artifact, not just a path! From Mac4n6 Group. The goal is that the information collected have to be...
Killrk is an Azazel and Jynx2 rootkit removal script.
Userland Azazel and Jynx2 rootkit removal script. This script is designed to remove Azazel and Jynx2 from the system. The script utilizes very simple flaws in the rootkits and uses the flaws to bypass...
Updates Dnstwist v-20150901 - Generate and resolve domain variations to detect...
Changelog v20150901: + Domains are validated after permutation process + Updated example reports. Dnstwist is a tool to generate and resolve domain variations to detect typo squatting, phishing and...
Bash Scanner – A fast way to scan your server for outdated software and...
Bash Scanner is a fast and reliable way to scan your server for outdated software and potential exploits. Bash Scanner Usage Extended reports: After an initial scan, you will be asked to create an...
Find DNS Attacker ~ script that gets logging data via STDIN and performs...
findAttacker – This script gets BIND logging data via STDIN and performs pattern matching to identify any attacker. Latest version: 0.1.4; changed whitelisting algorithm. FindAttacker-v0.1.4 Tested on...
NoCrack ~ A new kind of password vault that fools the brute-force attacker by...
NoCrack is a new kind of password vault that fools the brute-force attacker by churning out decoy passwords. Latest change: fixed the parsing problem when the top-level composition rule is missing in...
Privilege-Escalation ~ This contains common local exploits and enumeration...
Privilege-Escalation This contains common OSCP local exploits and enumeration collection scripts. On Linux Folder: – Post Exploitation Script; — Linux Privilege Escalation Script Bash.sh — Linux...
Linux Malware Detect (LMD) version-1.5 released.
Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network...
Dnstwist v-20150920 ~ Generate and resolve domain variations to detect typo...
Changelog v-20150920: + New feature: fetch web pages and compare fuzzy hashes to evaluate similarity + Other minor changes. Dnstwist version-2092015. Dnstwist is a tool to generate and resolve domain...
Uproot ~ a Host Based Intrusion Detection System (HIDS) for leveraging WMI...
Uproot is a Host Based Intrusion Detection System (HIDS) that leverages Permanent Windows Management Instrumentation (WMI) Event Subscriptions to detect malicious activity on a network. For more...
Updates Tools: a collection of security and hacking tools, like exploits,...
Latest change 9/25/2015, tools added: + dnsspider.py v0.7: A very fast multithreaded bruteforcer of subdomains that leverages a wordlist and/or character permutation. + CHANGELOG dnsspider v0.7: –...