An IDA pro python script to decrypt Qbot malware strings.
Tested and working with Qbot OBAMA111 https://www.malware-traffic-analysis.net/2021/10/07/index.html
Before using the script make sure to fix the calling convention of the decryption functions like below.
All the decrypted string will be placed as comment next to the decrypt string function call.
💣 Bomb Crypto Bot 💣 ⚠️ Warning I am not responsible for any penalties incurred by those who use the bot, use it at your own risk. 📄 Documentation -
ClusterFuzz ClusterFuzz is a scalable fuzzing infrastructure that finds security and stability issues in software. Google uses ClusterFuzz to fuzz all
notForbidden Security tool to test different bypass of forbidden Usage python3 notForbidden.py URL Features Bypass with different methods (POST, OPT
Re-Scripts IA32-VMX-Helper (IDA-Script) IA32-MSR-Decoder (IDA-Script) IA32 VMX Helper It's an IDA script (Updated IA32 MSR Decoder) which helps you to
EthTx Community Edition Community version of EthTx transaction decoder Local environment For local instance, you need few things: Depending on your di
Shellshock, also known as Bashdoor, is a family of security bugs in the Unix Bash shell, the first of which was disclosed on 24 September 2014. Shellshock could enable an attacker to cause Bash to ex
dora Features Blazing fast as we are using ripgrep in backend Exploit/PoC steps for many of the API key, allowing to write a good report for bug bount
Tracey-Backdoor A Reverse Shell Backdoor made in python OOP. It supposed to work in Windows and Linux OS Functions: Reverse Connection Send Reverse TC
cve-2022-23131 cve-2022-23131 zabbix-saml-bypass-exp replace [zbx_signed_session
NSGenCS What Is? An extremely simple, yet extensible framework to evade AV with obfuscated payloads under Windows. Installation Requirements Currently
HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.
dns-mf-hazard Tool to check if your DNS comply to Polish Ministry of Finance gambling domains restrictions How to use it? Installation You need python
sshuttle: where transparent proxy meets VPN meets ssh As far as I know, sshuttle is the only program that solves the following common case: Your clien
springcore-0day-en These are all my notes from the alleged confirmed! 0day dropped on 2022-03-29. This vulnerability is commonly referred to as "Sprin
PySharpSphere Inspired by SharpSphere, just another python version. Installation python3 setup.py install Features Support control both Linux and Wind
Log4jHorizon Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more. BLOG COMING SOON Code and README.md this time around are
The Recon-ng Framework Recon-ng content now available on Pluralsight! Recon-ng is a full-featured reconnaissance framework designed with the goal of p
Choose dependency injection Friendly with MyPy Supports lazy injections Supports
SSL-Backdoor Abstract Large-scale unlabeled data has allowed recent progress in self-supervised learning methods that learn rich visual representation
NS-LOOKUP A python script for scanning website for getting ip address of a websi
4 Apr 27, 2022
4.9k Jan 08, 2023
6 Sep 08, 2022
16 Oct 08, 2022
240 Dec 21, 2022
88 Dec 23, 2022
243 Dec 27, 2022
13 Oct 15, 2022
135 Dec 14, 2022
123 Dec 19, 2022
5 May 10, 2022
2 Jan 01, 2022
9.4k Jan 04, 2023
105 Nov 26, 2022
191 Dec 22, 2022
96 Dec 14, 2022
2.4k Jan 07, 2023
3 Jan 26, 2022
44 Nov 21, 2022
5 Aug 02, 2022