Repository of notes and scripts I use when doing malware analysis
Some scripts that can be useful when dealing with Qakbot
My personnal GhidraFunctionIdDb.
Hope it can save you some time ! Will be updated once in a while.
Generated with FunctionIdHashFunction.py and consumed by FunctionIdMatcher.py
Chapter 1 - Security Set and export your default region: export AWS_REGION=us-east-1 Set your AWS ACCOUNT ID:: AWS_ACCOUNT_ID=$(aws sts get-caller-ide
Vital What is Vital? Vital is malware primarily used to collect and extract information from the Discord desktop client. While it has other features (
Saltbox Sandbox Repo Community Repository for Unofficial Saltbox Add-ons Requirements Saltbox Documentation Undetermined Roles List of roles can be fo
π WSOB (CVE-2022-29464) π WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464. CVE-2022-29464 details:
Log4Scan A simple automatic tool for finding vulnerable log4j hosts Installation pip3 install -r requirements.txt Usage usage: log4scan.py [-h] (-f FI
SARA - Simple Android Ransomware Attack Disclaimer The author is not responsible for any issues or damage caused by this program. Features User can cu
Threagile is an open-source toolkit for agile threat modeling:
A tool combined with the advantages of masscan and nmap
DISCORD_ACCOUNT_HACKING_TOOL ( EDUCATIONAL PURPOSE ) Hack any account sending fake nitro QR code (only for educational purpose) Start my program token
infosec-fortress A python script to turn Ubuntu Desktop into a strong DFIR/RE System with some teeth (Purple Team Ops)! This is intended to create a s
π Public Bug Bounty Targets Data By BugBountyResources A collection of over 5.1M sub-domains and assets belonging to bug bounty targets, all put in a
Talisman: HTTP security headers for Flask Talisman is a small Flask extension that handles setting HTTP headers that can help protect against a few co
Opensource Project Simple Python Password Generator This repository is just for peoples who want to generate strong-passwords for there social-account
ClusterFuzz ClusterFuzz is a scalable fuzzing infrastructure that finds security and stability issues in software. Google uses ClusterFuzz to fuzz all
log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs. Fuzzing for more
OSINT Passive Discovery Amass - https://github.com/OWASP/Amass (Attack Surface M
μμΌμ μ΄μ©ν RDT protocols (RDT3.0,GBN,SR) ꡬν λ° μ±λ₯ νκ° μ½λ μ λλ€. μ½λλ₯Ό μ€νν λ 리μλ²λ₯Ό λ¨Όμ μ€ννμΈμ. μ±λ₯ νκ° μ½λλ ν¨ν· μ μ‘ κ³Όμ μ μ μΈνκ³ μκ°λΉ μ μ‘λ₯ μ μΆλ ₯ν©λλ€. RDT3.0 GBN SR(λ²κ·Έ λ°κ²¬μΌλ‘ ꡬνμ€ μ λ
CVE-2022-21907 Description POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability. create by antx at 2022-01-17, just some sm
NExfil is an OSINT tool written in python for finding profiles by username. The provided usernames are checked on over 350 websites within few seconds.
Separation of Mainlobes and Sidelobes in the Ultrasound Image Based on the Spatial Covariance (MIST) and Aperture-Domain Spectrum of Received Signals
30 Nov 27, 2022
59 Dec 01, 2022
31 Dec 19, 2022
25 Oct 14, 2022
6 Mar 10, 2022
99 Jan 04, 2023
425 Jan 07, 2023
59 Dec 24, 2022
7 Jan 07, 2022
41 Dec 30, 2022
87 Dec 13, 2022
854 Dec 30, 2022
15 Dec 01, 2022
4.9k Jan 08, 2023
4 Aug 08, 2022
5 May 18, 2022
0 Dec 20, 2021
16 Dec 18, 2022
1.4k Jan 01, 2023
3 Jan 03, 2023