PhoneSploit Pro An All-In-One hacking tool is written in Python to remotely exploit Android devices using ADB (Android Debug Bridge) and Metasploit-Framework. Complete Automation to get a meterpreter session in One Click This tool can automatically Create, Install, and Run payload...
A new open-source project has appeared in TrustedSec’s GitHub repository. The library, named Titanis, is written in C# and designed for interaction with Windows environments. Built on .NET 8, it is cross-platform, supporting both...
Researchers have unveiled a tool for analyzing Apple firmware (IPSW) that significantly reduces storage requirements and accelerates work with system images. The impetus for its development was the rapid growth in IPSW file sizes:...
A new tool for handling network requests has appeared on GitHub — FlareProx. The project allows you to deploy an HTTP proxy on the basis of Cloudflare Workers and use it to redirect traffic...
SquarePhish is an advanced phishing tool that uses a technique combining the OAuth Device Code authentication flow and QR codes. Attack Flow Step 1: QR Code Email An attacker will send an initial email...
GuardDog is a CLI tool that allows to identify malicious PyPI and npm packages, Go modules, GitHub actions, or VSCode extensions. It runs a set of heuristics on the package source code (through Semgrep...
SmuggleShield is a browser extension that aims to prevent HTML smuggling attacks by detecting common patterns. While this is not a comprehensive or bulletproof solution, it is an attempt to provide an additional layer...
msInvader is an adversary simulation tool designed for blue teams to simulate real-world attack techniques within M365 and Azure environments. By generating realistic attack telemetry, msInvader empowers detection engineers, SOC analysts, and threat hunters...
Shoggoth Shoggoth is an open-source project based on C++ and asmjit library used to encrypt given shellcode, PE, and COFF files polymorphically. Shoggoth will generate an output file that stores the payload and its...
FirmAE is a fully-automated framework that performs emulation and vulnerability analysis. FirmAE significantly increases the emulation success rate (From Firmadyne’s 16.28% to 79.36%) with five arbitration techniques. We tested FirmAE on 1,124 wireless routers and...
Nimbo-C2 agent supports x64 Windows & Linux. It’s written in Nim, with some usage of .NET on Windows (by dynamically loading the CLR to the process). Nim is powerful, but interacting with Windows is...
MissionEvasion is a sophisticated Windows process injection tool that implements multiple evasion techniques, including registry-based file hiding, process hollowing, and process overwriting. The tool supports both x64 and x86 architectures and provides a flexible...
