Repo for "The Crown: Exploratory Analysis of Nim Malware" DEF CON 615 talk
This entire talk is a series of Jupyter Notebooks! To get started:
Clone this repo:
$ git clone https://github.com/HuskyHacks/the-crown-defcon615.git && cd the-crown-defcon615
Install poetry:
$ pip3 install poetry
Enter a Poetry shell:
$ poetry shell
From the poetry shell, install all the project dependencies:
$ poetry install
Start Jupyter Lab!
$ jupyter lab main.ipynb
vCenter SAML Login Tool A tool to extract the Identity Provider (IdP) cert from vCenter backups and log in as Administrator Background Commonly, durin
ExProlog ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065) Usage: exprolog.py [OPTIONS] ExProlog -
Hikvisioninformation Hikvision 流媒体管理服务器敏感信息泄漏 Options optional arguments: -h, --help show this help message and exit -u url, --url url
About Tool This plugin is made for more familiarity with Python, but can also be used to create passwords.
truffleHog Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accident
Sqli-Scanner is a python3 script written to scan websites for SQL injection vulnerabilities Features 1 Scan one website 2 Scan multiple websites Insta
PyFUD fully Undetectable payload generator for metasploit Usage: pyfud.py --host
shell-hack Tribute to Chinese ant sword; A Powerful terminal based webshell controller; Usage : Usage : python3 shell-hack.py --url [URL] --w
HELLogger simple python keylogger DISCLAIMERS: DON'T DO BAD THINGS. THIS PROGRAM IS MEANT FOR PERSONAL USES ONLY. USE IT ONLY IN COMPUTERS WHERE YOU H
Hammer-DDos $ apt update $ apt upgrade $ apt install python $ apt install git $
Glass是一款针对资产列表的快速指纹识别工具,通过调用Fofa/ZoomEye/Shodan/360等api接口快速查询资产信息并识别重点资产的指纹,也可针对IP/IP段或资产列表进行快速的指纹识别。
sshmap SSH Tool For OSINT and then Cracking. Linux Systems Only Usage: Scanner Syntax: scanner start/stop/status - Sarts/stops/sho
CVE-2021-3625 This repository contains a few example exploits for CVE-2021-3625. All Zephyr-based usb devices up to (and including) version 2.5.0 suff
holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.
MayorSecDNSScan MSDNSScan is used to identify DNS records for target domains and check for zone transfers. There really isn't much special about it, a
A toolkit for web reconnaissance, it's fast and easy to use. File Structure httpsuite/ main.py init.py db/ db.py init.py subdomains_db directories_db
SPV SecurePasswordVerification Its is python module for doing a secure password verification without sharing the password directly. Features The passw
Pestilence - The Malware Database [] Screenshot Pestilence is a project created to make the possibility of malware analysis open and available to the
520_APK_HOOK 介绍 将msf生成的payload,注入到一个正常的apk文件中,重新打包后进行加固,bypass手机安全管家的检测。 项目地址: https://github.com/cleverbao/520apkhook 作者: BaoGuo 优点 相比于原始的msf远控,此版本ap
Vuln Impact There was an unauthorized access vulnerability in Hadoop yarn ResourceManager. This vulnerability existed in Hadoop yarn, the core compone
343 Dec 31, 2022
130 Dec 15, 2022
13 Nov 09, 2022
2 Jul 23, 2022
10.1k Jan 09, 2023
9 Dec 30, 2022
3 Mar 25, 2022
10 Dec 28, 2021
10 Nov 10, 2022
1 Jan 24, 2022
764 Jan 05, 2023
5 Apr 04, 2022
7 Nov 10, 2022
3.8k Jan 06, 2023
68 Dec 12, 2022
22 Jul 22, 2022
1 Feb 12, 2022
47 Dec 21, 2022
368 Jan 02, 2023
25 Nov 24, 2022