Month: March 2020

NEW TOOLS: Tool, AWS, EC2, Distributed, Cytoscape, AWS Security, Neo4J, Awspx, Graph Theory, OMENS

Awspx – A Graph-Based Tool For Visualizing Effective Access And Resource Relationships In AWS Environments

auspex [ˈau̯s.pɛks] noun: An augur of ancient Rome, especially one who interpreted omens derived from the observation of birds.
awspx is a graph-based tool for visualizing effective access and resource relationships within AWS. It resolves policy information to determine what actions affect which resources, while taking into account how these actions may be combined to produce attack paths. Unlike tools like Bloodhound, awspx requires permissions to function. It is not expected to be useful in cases where these privileges have not been granted.
Quick start
Install (see…

JavaScript, Security Feeds, Malware Descriptions, APT reports, Featured, Targeted Attacks, Watering hole attacks, Website Hacks, Adobe Flash, drive-by attack

Holy water: ongoing targeted water-holing attack in Asia

On December 4, 2019, we discovered watering hole websites that were compromised to selectively trigger a drive-by download attack with fake Adobe Flash update warnings. This campaign has been active since at least May 2019, and targets an Asian religious and ethnic group. The threat actor’s unsophisticated but creative toolset has been evolving a lot since the inception date, may still be in development, and leverages Sojson obfuscation, NSIS installer, Python, open-source code, GitHub distribution, Go language, as well as Google Drive-based C2 channels.…


CVE-2020-0796 – CVE-2020-0796 Pre-Auth POC

(c) 2020 ZecOps, Inc. - Find Attackers' Mistakes
POC to check for CVE-2020-0796 / "SMBGhost"
Expected outcome: Blue Screen
Intended only for educational and testing in corporate environments. ZecOps takes no responsibility for the code, use at your own risk. Please contact if you are interested in agent-less DFIR tools for Servers, Endpoints, and Mobile Devices to detect SMBGhost and other types of attacks automatically.
Usage
CVE-2020-0796-POC.exe [<TargetServer>]
If <TargetServer> is omitted, the POC is executed on localhost ( Compiled POC…

NEW TOOLS: Pcap, Airodump-ng, Processes, Packet Analysis, R00Kie-Kr00Kie

R00Kie-Kr00Kie – PoC Exploit For The CVE-2019-15126 Kr00K Vulnerability

Disclaimer
This is a PoC exploit for the CVE-2019-15126 kr00k vulnerability.
This project is intended for educational purposes only and cannot be used for law violation or personal gain.
The author of this project is not responsible for any possible harm caused by the materials.
Requirements
To use these scripts, you will need a WiFi card supporting active monitor mode with frame injection. We recommend the Atheros AR9280 chip (IEEE 802.11n) we used to develop and test the code. We have tested this PoC on Kali Linux.
Installation
# clone…

NEW TOOLS: Privilege Escalation, One-Lin3r, Multiplatform, Pentesting Windows, Liners Database, One Liner, One Liners, Payloads Database, Web Based Attacks

One-Lin3r v2.1 – Gives You One-Liners That Aids In Penetration Testing Operations, Privilege Escalation And More

One-Lin3r is a simple, modular and light-weight framework that gives you all the one-liners you will need while penetration testing (Windows, Linux, macOS or even BSD systems) or hacking generally, with a lot of new features to make all of this fully automated (e.g. you won't even need to copy the one-liners).
Screenshots
It consists of various one-liner types with various functions, some of them are:
One-liner function: What this function refers to
Reverse Shell: Various methods and commands to give you a reverse shell.
PrivEsc: Many commands to help in Enumeration…

NEW TOOLS: Mac, OSINT Tool, Osint Framework, iKy, Project iKy

Project iKy v2.4.0 – Tool That Collects Information From An Email And Shows Results In A Nice Visual Interface

Project iKy is a tool that collects information from an email and shows results in a nice visual interface.
Visit the Gitlab Page of the Project
Installation
Clone repository
git clone
Backend
Redis
You must install Redis
wget
tar xvzf redis-stable.tar.gz
cd redis-stable
make
sudo make install
Python stuff and Celery
You must install the libraries inside requirements.txt
python3 -m pip install -r requirements.txt
Install Frontend
Node
First of all, install nodejs.
Dependencies
Inside the directory frontend install the dependencies
cd frontend
npm install
Wake up iKy Tool
Turn on Backend
Redis
Turn on the server in a terminal
redis-server
Python stuff and Celery
Turn on Celery in another terminal,…