Repo for "The Crown: Exploratory Analysis of Nim Malware" DEF CON 615 talk
This entire talk is a series of Jupyter Notebooks! To get started:
Clone this repo:
$ git clone https://github.com/HuskyHacks/the-crown-defcon615.git && cd the-crown-defcon615
Install poetry:
$ pip3 install poetry
Enter a Poetry shell:
$ poetry shell
From the poetry shell, install all the project dependencies:
$ poetry install
Start Jupyter Lab!
$ jupyter lab main.ipynb
CVE-2021-40870 Exploitation An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous ty
ssts-chk SSL / TLS Checking Tool written in Python3. This tool will perform the following functions: Connect the target given Analyze the secure conne
StrongBox 🔐 A secure way of storing your passwords. 🔑 Why to use StrongBox? StrongBox makes it possible to have a random generated strong password i
PyExtractor is a decompiler that can fully decompile exe's compiled with pyinstaller or py2exe with additional features such as malware checker/detector! Also checks file(s) for suspicious words, dis
proto A fast tool to scan prototype pollution vulnerability Syntax python3 proto.py -l alive.txt Requirements Selenium Google Chrome Webdriver Note :
PyPasser is a Python library for bypassing reCaptchaV3 only by sending 2 requests. In 1st request, gets token of captcha and in 2nd request,
Tracing URL redirects has never been easier! Usage • Download 🚩 Use Cases To see where an affiliate link ends up To see what affiliate network is bei
NSGenCS What Is? An extremely simple, yet extensible framework to evade AV with obfuscated payloads under Windows. Installation Requirements Currently
Grafana V8.0+版本存在未授权任意文件读取 0Day漏洞 - POC 1 漏洞信息 1.1 基本信息 漏洞厂商:Grafana 厂商官网:https://grafana.com/ 1.2 漏洞描述 Grafana是一个跨平台、开源的数据可视化网络应用程序平台。用户配置连接的数据源之后,Gr
Implementation of dependency injection for apscheduler Prerequisites: apscheduler-di solves the problem since apscheduler doesn't support Dependency I
Django Protected Media Django Protected Media is a Django app that manages media that are considered sensitive in a protected fashion. Not only does t
ParamsExtractor A burp-suite plugin that extract all parameters name from in-scope requests. You can run the plugin while you are working on the targe
vcenter_fileread_exploit VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read Usage python3 vCenter_fileread.py http(s)://ip Referen
vulnz Tool for finding php source code vulnerabilities. Scans PHP source code and prints out potentially dangerous lines. This tool is useful for secu
A forensic tool to make analysis of email headers easy to aid in the quick discovery of the attacker. Table of Contents About mailMeta Installation Us
Patching - Interactive Binary Patching for IDA Pro Overview Patching assembly code to change the behavior of an existing program is not uncommon in ma
CVE-2021-26084 - Confluence Server Webwork OGNL injection An OGNL injection vulnerability exists that would allow an authenticated user and in some in
Parental Control Application LittleBrother Overview LittleBrother is a simple parental control application monitoring specific processes (read "games"
print " INSTALL TOOLS " $ pkg update && upgrade $ pkg install python2 $ pkg install git $ pip2 install lolcat $ pip2 install bs4 $ pip2 install reques
Author:0xAXSDD By Gamma安全实验室 version:1.0 explain:这是一款用户绕过前端js加密进行密码爆破的工具,你无需在意js加密的细节,只需要输入你想要爆破url,以及username输入框的classname,password输入框的clas
16 Nov 15, 2022
2 Feb 12, 2022
5 Dec 25, 2021
56 Jul 31, 2022
4 Aug 31, 2021
253 Jan 05, 2023
41 Nov 22, 2022
123 Dec 19, 2022
3 Dec 13, 2021
11 Dec 07, 2022
46 Nov 12, 2022
29 Nov 09, 2022
4 Sep 23, 2022
1 Jan 14, 2022
59 Nov 26, 2022
589 Dec 30, 2022
295 Jan 06, 2023
40 Dec 21, 2022
2 Nov 29, 2021
75 Nov 25, 2022