N1QLMap is an N1QL exploitation tool. Currently works with Couchbase database. The tool supports data extraction and performing SSRF attacks via CURL. More information can be found here: https://labs.f-secure.com/blog/n1ql-injection-kind-of-sql-inject...
For a list of functions, their usage, and more, check out https://powerzure.readthedocs.io What is PowerZure? PowerZure is a PowerShell project created to assess and exploit resources within Microsoft’s cloud platform, Azure. PowerZure was created o...
mikrot8over: Fast exploitation tool for Mikrotik RouterOS up to 6.38.4 This is reworked original Mikrotik Exploit. Added Python 2 compatibility and multithreading scan features.Python version Utility was tested on a python2.6, python2.7, python3.*...
Ghost Framework is an Android post exploitation framework that uses anAndroid Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.Getting startedGhost installati...
Advanced Binary DeobfuscationThis repository contains the course materials of Advanced Binary Deobfuscation at the Global Cybersecurity Camp (GCC) Tokyo in 2020.Course AbstractReverse engineering is not easy, especially if a binary code is obfuscated. ...
Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations.RequirementsCorsy only works with Python 3 and has the following depencies:tldrequestsTo install these dependencies, navigate to Corsy directory and execu...
An SAP enumeration and exploitation toolkit using SAP RFC callsThis is a toolkit for demonstrating the impact of compromised service accounts.This PoC is not for use in production environments, no guarantee of stability or support.RFCpwn relies on the ...
This has only been tested on Kali.It depends on the msfrpc module for Python, described in detail here: https://www.trustwave.com/Resources/SpiderLabs-Blog/Scripting-Metasploit-using-MSGRPC/Install the necessary Kali packages and the PostgreSQL gem fo...
LinPwn is a interactive tool created to assist you in post exploitation enumeration and privilege escalation.ConnectionSet your IP and port you want it to connect to in the Connection class.Place the LinPwn binary on the target machine.Run nc -lvp PORT...
As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets can be collected automatically through Shodan, Censys or Zoomeye. But options to add your custom targets and host lists have been included as well. The ...
©2021 By Cyber Sec Labs
Recent Comments