Recon Tool: SiCat

SiCat is an exploit search tool whose primary objective is to efficiently identify and gather information about potential exploits from various sources, including both online repositories and local resources.

Offensive Security Tool: Upload_Bypass

Upload Bypass is a simple tool designed to assist penetration testers and bug hunters in testing file upload mechanisms. It leverages various bug bounty techniques to simplify the process of identifying and exploiting vulnerabilities, ensuring thorough assessments of web applications.

Offensive Security Techniques Repo: RustRedOps

RustRedOps is a repository dedicated to gathering and sharing various tools, projects, advanced techniques and offensive malware related to Red Team operations, with a specific focus on the Rust programming language.

Offensive Security Tool: SmuggleFuzz

SmuggleFuzz is a tool designed for rapid and customizable scanning of HTTP downgrade smuggling vulnerabilities. It provides users with the ability to define their own gadget lists, allowing for deeper insights into the reasons behind failed smuggling attacks.

Recon Tool: go-dork

go-dork is a powerful and efficient command-line tool written in the Go programming language. It is designed to be the fastest dork scanner available, streamlining the process of conducting advanced Google dork queries. The tool supports various search engines, including Google, Shodan, Bing, DuckDuckGo, and Yahoo. It also provides an array of flags and options for customization, allowing users to tailor their searches based on specific criteria. This makes it an indispensable asset for security researchers, bug bounty hunters, and penetration testers.

Offensive Security Tool: Bob The Smuggler

Bob the Smuggler is a tool that leverages the HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool compresses your binary (EXE/DLL) into 7z/zip file format, XOR-encrypts the archive, and then hides it inside a PNG/GIF image file (image polyglot). The JavaScript embedded within the HTML downloads the PNG/GIF file and stores it in the cache. The JavaScript then extracts the data embedded in the PNG/GIF, assembles it, performs XOR decryption, and stores the result as an in-memory blob.