There are a lot of Portable Executable (PE) file explorers in the market - both professional and free. Most of them have similar features but only some of them play well on Microsoft Windows as well as *NIX platform. One such tool that is quickly becoming my favourite is PPEE short for Professional PE File Explorer. It is VERY portable and handles well even on Kali! Read more about PPEE: A Professional PE File Explorer!
Archives for June 2017
While at work today I had to deal with a Lotus Domino web application installation that I knew nothing about. This is where I searched a bit and found an open source tool - Domi-Owned. Read more about Domi-Owned: A IBM/Lotus Domino Exploitation Tool!
This is a short post about LFISuite, an open source local file inclusion scanner and exploiter that is coded in Python. It supports multiple attack points and also has TOR proxy support. We all know that Local File Inclusion (also known as LFI) is a process of "including" locally present files, through the exploitation of vulnerable inclusion procedures implemented in the application that accepts un-sanitized input. Read more about LFISuite: An Automatic LFI Exploiter & Scanner!
If you read this blog, you must have read about an earlier post titled - List of Raspberry Pi DIY Projects for Anonymity! Though that post dealt with DIY projects about anonymity, this post is about WarBerryPi, which is more of a device to be used for offensive activities such as red teaming built on the versatile Raspberry Pi platform.The name WarBerryPi was conceived by the author as the red team, blue team nomenclature is based on military terms. This tool allows you to plug it in Read more about WarBerryPi: Red Teaming Hardware Implant!
All of us know that in file format fuzzing, we fuzz different aspects of a file such as flags, file format constraints, structures etc. by generating multiple malformed samples, opening them and waiting for the program crash. We then process the generated debug information to find out if we found something interesting in the crash. Surprisingly, there is a dearth of file format fuzzers. However, we now have OpenXMolar for the Microsoft Windows operating system. Read more about OpenXMolar: A OpenXML File Format Fuzzing Framework!
Recently, we posted about HatCloud, a different tool which identifies CloudFlare protected IP addresses. This post is about CloudFail, a tool which detects CloudFlare protected hosts and then some more. Read more about CloudFail: Detect CloudFlare Secured Hosts!
This short post is about a simple tool named cignotrack, which comes close on the heels of my older posts about tools such as Belati, DataSploit and PowerMeta. This open source script helps you test a domains privacy settings and track their social media presence. Read more about [SHORT POST] cignotrack: A Simple Metadata Analyzer!