OneGadget When playing ctf pwn challenges we usually need the one-gadget RCE (remote code execution), which leads to call execve(‘/bin/sh’, NULL, NULL). This gem provides such gadgets finder, no need to use objdump or IDA-pro...
Docker Security Playground Docker Security Playground is an application that allows you to: Create a network and network security scenarios, in order to understand network protocols, rules, and security issues by installing DSP in...
SkyScalpel SkyScalpel is an open-source framework for JSON policy parsing, obfuscation, deobfuscation, and detection in cloud environments. It provides flexible and highly configurable mechanisms to handle JSON-level obfuscation, IAM policy transformations, and the detection...
Netis Packet Agent Netis Packet Agent is an open-source project to deal with such a situation: it captures packets on Machine A but has to use them on Machine B. This case is very common when...
sniffglue sniffglue is a network sniffer written in rust. Network packets are parsed concurrently using a thread pool to utilize all cpu cores. Project goals are that you can run sniffglue securely on untrusted...
Matildapp In our modern, interconnected world, the concept of Web3, also known as the decentralized web, represents the next significant shift in Internet technology. Web3, underpinned by blockchain technology and smart contracts, offers unprecedented...
PowerHub PowerHub is a web application which aids a pentester in transferring files, in particular, code which may get flagged by endpoint protection. During an engagement where you have a test client available, one...
Miteru Miteru is an experimental phishing kit detection tool. How it works It collects phishing suspicious URLs from the following feeds: urlscan.io certstream-suspicious feed OpenPhish feed via urlscan.io PhishTank feed via urlscan.io It checks...
Cloud Console Cartographer Released at Black Hat Asia on April 18, 2024, Cloud Console Cartographer is a framework for condensing groupings of cloud events (e.g. CloudTrail logs) and mapping them to the original user...
Obfuscar Obfuscar is a basic obfuscator for .NET assemblies. It uses massive overloading to rename metadata in .NET assemblies (including the names of methods, properties, events, fields, types, and namespaces) to a minimal set,...
Splunk Attack Range Purpose The Attack Range solves two main challenges in the development of detections. First, it allows the user to quickly build a small lab infrastructure as close as possible to your...
Android BugBazaar: Your mobile appsec playground to Explore, Exploit, Excel BugBazaar is a comprehensive mobile application intentionally designed to be vulnerable, featuring over 30 vulnerabilities. Developed to emulate real-world scenarios, it includes more than...
