Malwar3 Ninja's Projects
Automatic installation and configuration of DNSCrypt (on Debian- and Red Hat-like systems). This script will install DNSCrypt and configure it to start on boot and use an optional dnscrypt service.
dnsIntel is a tool that downloads domains from threat intelligence sources and creates a blacklist file in dnsmasq or BIND format.
DVR-Exploiter: a Bash script that exploits DVRs, based on CVE-2018-9995
Serverless, low cost, threat intel aggregation for enterprise or personal use, backed by ElasticSearch.
ELK configuration files for Forensic Analysts and Incident Handlers
#Email #Botnet #EmailBotnet #Framework #Bruteforce #EmailBombing #Spoof #Bombing #development
Empire is a PowerShell and Python post-exploitation agent.
General repository for compiled and uncompiled EnCase EnScripts
EnCase EnScripts To Make The Investigation a Little Easier :P
This is a framework written in EnScript to utilize the network capabilities of EnCase. The purpose is to allow for someone to build a quick network enabled EnScript to respond quickly to threats with minimal code being written.
EnScripts for... EnCase
The official Exploit Database repository
IP addresses exploiting recent log4j2 vulnerability CVE-2021-44228
A smart gateway to stop hackers and Malware attacks
Fetch threat intel feeds and normalize content
FruityC2 is a post-exploitation (and open source) framework based on the deployment of agents on compromised machines. Agents are managed from a web interface under the control of an operator.
This PowerShell script will generate a malicious Microsoft Office document with a specified payload and persistence method.
The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).
Hacking tool inside a Raspberry Pi zero
HERCULES is a special payload generator that can bypass antivirus software.
Threat Feed Aggregation, Made Easy
Imaginary C2 is a Python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts an HTTP server which captures HTTP requests towards selectively chosen domains/IPs. Additionally, the tool aims to make it easy to replay captured Command-and-Control responses/served payloads.
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
Inveigh is a Windows PowerShell LLMNR/mDNS/NBNS spoofer/man-in-the-middle tool
Embeds a PowerShell script in the pixels of a PNG file and generates a one-liner to execute
Incident Response Methodologies
Janusec Application Gateway, a Golang-based application security solution which provides WAF (Web Application Firewall), CC attack defense, unified web administration portal, private key protection, web routing and scalable load balancing.
JShell - Get a JavaScript shell with XSS.
A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attacks, based on event viewer logs.