
SpookFlare - Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures

  •    Python

SpookFlare takes a different approach to bypassing security measures: it gives you the opportunity to evade endpoint countermeasures at both client-side detection and network-side detection. SpookFlare is a loader/dropper generator for Meterpreter, Empire, Koadic, etc. It has obfuscation, encoding, run-time code compilation and character substitution features, so you can bypass the countermeasures of the target systems like a boss until they "learn" the technique and behavior of SpookFlare payloads. Special thanks to the following projects and contributors.

GTFOBins

  •    HTML

GTFOBins is a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions.

The (E)Lephant, The share sites download manager! [RapidShare MegaUpload ++]


The (E)Lephant is a project I started about two years ago that has the sole purpose of helping users with RapidShare automatic downloading support, or any other share host for that matter! It automatically downloads from RapidShare, with much more to it!

MDownloader

  •    DotNet

A tiny application designed for downloading files available at the most popular file hosting servers. Don't click - queue it.

fresh-require - Bypass the require cache when requiring a module – works with both node and browserify

  •    Javascript

Bypass the require cache when requiring a module; works with both node and browserify. Here `module` is the name of the module you're requiring, as you would normally pass to `require`, and `require` should be your file's local `require` function.

import-fresh - Import a module while bypassing the cache

  •    Javascript

Useful for testing purposes when you need to freshly import a module.
mysql-unsha1 - Authenticate against a MySQL server without knowing the cleartext password

  •    C

Authenticate against a MySQL server without knowing the cleartext password. This PoC shows how it is possible, under certain circumstances, to authenticate against a MySQL server without knowing the cleartext password when the Secure Password Authentication plugin (aka mysql_native_password, the default method) is used.

BurpSuiteHTTPSmuggler - A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques

  •    Java

A Burp Suite extension to help pentesters bypass WAFs or test their effectiveness using a number of techniques. This extension has been developed by Soroush Dalili (@irsdl) from NCC Group. The initial release (v0.1) only supports the Encoding capability, which can be quite complicated to perform manually. See the references for more details.

bypasses - Repackaging of Bypass with additional features

  •    Java

See the sample for more. Image loading can be done via the ImageGetter interface; libraries exist for Picasso and Glide.

bypass-censorship-korea - :page_with_curl: How to circumvent internet censorship in Korea

  •    Javascript

This document briefly describes weaknesses in the harmful-site filtering performed by domestic (Korean) ISPs. Misusing its contents may give rise to legal problems, and the author accepts absolutely no responsibility for any incidents resulting from it. It includes a method for avoiding warning.or.kr, which is a step backwards for Korea, together with Node.js-based code.

Humanoid - Node.js package to bypass CloudFlare's anti-bot JavaScript challenges

  •    Javascript

Humanoid is a Node.js package to solve and bypass CloudFlare's JavaScript anti-bot challenges (and hopefully, in the future, other WAFs' challenges as well). While anti-bot pages are solvable via headless browsers, those are pretty heavy and are usually considered over the top for scraping. Humanoid can solve these challenges using the Node.js runtime and present the protected HTML page. The session cookies can also be delegated to other bots to continue scraping, allowing them to avoid the JS challenges altogether.

PRISM-AP - An automated Wireless RogueAP MITM attack framework.

  •    Shell

PRISM-AP is an automated Wireless RogueAP MITM attack framework. This script is distributed "as is" and no support will be provided in its current state (not intended for beginners).

abuse-ssl-bypass-waf - Bypassing WAF by abusing SSL/TLS Ciphers

  •    Python

Notice: If you are worried about the WAF dropping the connection, you had better not use the -thread option.

RIPv6 - Random IPv6 - circumvents restrictive IP address-based filter and blocking rules

  •    Shell

A precondition for RIPv6 is an existing gateway that carries out the routing of the IPv6 network. The specific address range and this gateway are currently defined in the script itself in the Variables section. This section can also be used to define the time value for the rotation of IP addresses. In a later version these values can also be defined using parameters. IP addresses in the network range are randomly generated by the GenerateAddress() function, which currently generates addresses for a /64 subnet. Support for /48 networks is planned. The original function itself comes from Vladislav V. Prodan, although I have modified and shortened it for my own purposes.

IAT_API - Assembly block for finding and calling the Windows API functions inside the import address table (IAT) of the running PE file

  •    Assembly

Assembly block for finding and calling the Windows API functions inside the import address table (IAT) of the running PE file. The design of the block is inspired by Stephen Fewer's block_api and Josh Pitts's 2017 DEFCON talk. iat_api finds the addresses of API functions by parsing the _IMAGE_IMPORT_DESCRIPTOR structure entries inside the import table of the PE file. It first calculates the ROR(13) hash of the (module name + function name) and compares it with the hash passed to the block. If the hash matches, it calls the function with the parameters passed to the block.