dot - The Deepfake Offensive Toolkit
About the Tool:
dot (aka Deepfake Offensive Toolkit) makes real-time, controllable deepfakes ready for virtual cameras injection...
- Face Swap
- Lower Quality Face Swap
- FOMM, First Order Motion Model for Image Animation
PyExfil - Exfiltration Techniques
About the Tool:
The purpose of PyExfil is to set as many exfiltration and communication techniques that can be used by various threat actors/malware...
Network Techniques:
- DNS Query
- HTTP Cookie
Communication Techniques:
- NTP Request
- DropBox LSP (Broadcast or Unicast)
Physical Techniques:
- Audio - No listener
- QR Codes
Steganography Techniques:
- Binary Offset
- Video Transcript to Dictionary
WAF Bypass Tool
About the Tool:
WAF Bypass Tool is an open source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads...
Payloads available for: API, GraphQL, LDAP, LFI, NoSQLi, RCE, RFI, SQLi, SSI, SSRF, SSTI, XSS and many more...
Visit GitHub Repository
radare2
About the Tool:
radare2 is a complete rewrite of radare. It provides a set of libraries, tools, and plugins to ease reverse engineering tasks...
The radare project started as a simple command-line hexadecimal editor focused on forensics. Today, r2 is a featureful low-level command-line tool with support for scripting...
r2 can edit files on local hard drives, view kernel memory, and debug programs locally or via a remote gdb server. r2's wide architecture support allows you to analyze, emulate, debug, modify, and disassemble any binary.
Visit GitHub Repository
Villain
About the Tool:
Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features...
The framework's main features include:
- Payload generation based on default, customizable, and/or user-defined payload templates (Windows & Linux),
- A dynamically engaged pseudo-shell prompt that can quickly switch between shell sessions,
- File uploads (via HTTP),
- Auto-HTTP request & exec scripts against sessions (a bit unstable),
- Auto-invoke ConPtyShell against a PowerShell r-shell session as a new process to gain a fully interactive Windows shell,
- Team chat,
- Session Defender (a feature that inspects user-issued commands for mistakes / unintentional input that may cause a shell to hang).
![Advent of Cyber 2023 - [Day 8] Have a Holly, Jolly Byte! - Tryhackme](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_XGAm-8qQzrVonMB0Wbe1_GVvAV2RlP2J3B8FUsH-KO3WMMWrpZXhOLM7WvObND02hnn7gav4lq9octjnmU3Ks8bNkeqzbGgHT-zYU5iEk5st7Je14tvy0wSgezKozltwaT7yv9sd9uYNeTR038WctHTY1kl_936FYJIJ0YkjlAC03LwyEhlkaOjgIMo/w72-h72-p-k-no-nu/2023-12-09_19h11_21.png)
![Advent of Cyber 2023 - [Day 4] Baby, it's CeWLd outside - Tryhackme](https://blogger.googleusercontent.com/img/a/AVvXsEi4XiPHqqRZ1QvpfdpWFU5mbVmEcZfxpf7hHSqOxUkThHHJlTYJh370DHSOLBi0HnDCkLt9-RAqgLROb7a_eIv0MUH2qZhoH6d1mCOepKqW9_ZUCjUlEqY1BASrTRO9Er1YMokW5QNmD7dDVINYNnkvTkKCqjP-Uy-d6FH0_yGuzNE3QUecSlAaAzuaGRA=w72-h72-p-k-no-nu)
0 Comments