Repo for "The Crown: Exploratory Analysis of Nim Malware" DEF CON 615 talk
This entire talk is a series of Jupyter Notebooks! To get started:
Clone this repo:
$ git clone https://github.com/HuskyHacks/the-crown-defcon615.git && cd the-crown-defcon615
Install poetry:
$ pip3 install poetry
Enter a Poetry shell:
$ poetry shell
From the poetry shell, install all the project dependencies:
$ poetry install
Start Jupyter Lab!
$ jupyter lab main.ipynb
A python tool capable of creating HUGE wordlists. Has the ability to add custom words for concatenation in any way you see fit.
PwdGen ( Password Generator ) is a Python Tkinter tool for generating secure 16 digit passwords. Installation Simply install requirements pip install
PyExtractor is a decompiler that can fully decompile exe's compiled with pyinstaller or py2exe with additional features such as malware checker/detector! Also checks file(s) for suspicious words, dis
firmeye - IoT固件漏洞挖掘工具 firmeye 是一个 IDA 插件,基于敏感函数参数回溯来辅助漏洞挖掘。我们知道,在固件漏洞挖掘中,从敏感/危险函数出发,寻找其参数来源,是一种很有效的漏洞挖掘方法,但程序中调用敏感函数的地方非常多,人工分析耗时费力,通过该插件,可以帮助排除大部分的安全
FTP-exploits FTP-exploits is a tool which is used for Penetration Testing that can run many kinds of exploits on port 21(FTP) Commands and Exploits Ex
King Phisher Phishing Campaign Toolkit Installation For instructions on how to install, please see the INSTALL.md file. After installing, for instruct
Python sandbox runners for executing code in isolation aka snekbox.
Signalum A Linux Package to detect and analyze existing connections from wifi and bluetooth. Also checkout the Desktop Application. Signalum Installat
Analysis of Virtualization-based Obfuscation This repository contains slides, samples and code of the 4h code deobfuscation workshop at r2con2021. We
介绍 对于需要使用 Rogue Mysql Server 的漏洞来说,若想批量检测这种漏洞的话需要自备一个服务器。并且我常用的Rogue Mysql Server 脚本 不支持动态更改读取文件名、不支持远程用户访问读取结果、不支持批量化检测网站。于是乎萌生了这个小脚本的想法 Rogue-MySql-
PasswordMaker Strong listing password Introduction The probability of having the password you want in the tool is +90%!! How to Install Open the termi
Python library to remotely extract credentials on a set of hosts.
log4j2_burp_scan 自用脚本log4j2 被动 burp rce扫描工具 get post cookie 全参数识别,在ceye.io api速率限制下,最大线程扫描每一个参数,记录过滤已检测地址,重复地址 token替换为你自己的http://ceye.io/ token 和域名地址
Tenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.
#It's my first tool i hope to be useful for everyone, Make your own huge Wordlist with advanced options, You need python3 to run this tool, If you hav
Insta-crack This is a instagram brute force tool that uses tor as its proxy connections, keep in mind that you should not do anything illegal with thi
Osint-Tool Herramienta para la recolección de información Pronto más opciones In
log4j-honeypot-flask Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228 This can be
Bad Blood Bad Blood is an exploit for CVE-2021-20038, a stack-based buffer overflow in the httpd binary of SMA-100 series systems using firmware versi
This a simple tool XSS Detection Suite for CTFs games
9 Oct 05, 2022
7 Jul 14, 2022
56 Jul 31, 2022
171 Nov 28, 2022
1 Dec 26, 2021
1.9k Jan 01, 2023
164 Dec 20, 2022
56 Mar 03, 2021
133 Dec 18, 2022
6 May 17, 2022
4 Sep 05, 2021
1.5k Dec 31, 2022
5 Dec 10, 2021
31 Oct 21, 2022
6 Dec 08, 2022
3 Jan 28, 2022
3 Apr 09, 2022
144 Nov 19, 2022
80 Dec 29, 2022
2 Nov 24, 2021