Search Results for "payloads" - Page 2
Sort By:
Showing 57 open source projects for "payloads"
View related business solutions-
This means every device on your network, and every interface on every device is automatically analyzed for performance, errors, QoS, and configuration.
-
ManageEngine's Endpoint Central is a Unified Endpoint Management Solution, that takes care of enterprise mobility management (including all features of mobile application management and mobile device management), as well as client management for a diversified range of endpoints - mobile devices, laptops, computers, tablets, server machines etc. With ManageEngine Endpoint Central, users can automate their regular desktop management routines like distributing software, installing patches, managing IT assets, imaging and deploying OS, and more.
-
1
node-red-contrib-trigger-atleast-every-x
Node sends On and Off when x sec. in Off mode
node-red-trigger-atleast-every-x is used to watch the payload coming in. Usually used with an ON or OFF payloads. When ON is received, the unit resets and sends an ON. If it's reset and OFF is received, an OFF is send and then the node makes sure that after x seconds an ON is send, unless reset. Incoming OFF payloads are ignored in the mean time. If the unit has send an ON because of the timer, after y seconds, an OFF is send and the unit is reset to send an On. -
2
Kage
Kage is Graphical User Interface for Metasploit Meterpreter
Kage is Graphical User Interface for Metasploit Meterpreter and Session Handler. Kage (ka-geh) is a tool inspired by AhMyth designed for Metasploit RPC Server to interact with meterpreter sessions and generate payloads. Please follow the instructions to get a copy of Kage running on your local machine without any problems. electron-vue officially recommends the yarn package manager as it handles dependencies much better and can help reduce final build size with yarn clean. For now it only... -
3
APIthet
An Application to security test RESTful web APIs.
APIthet is an application to security test RESTful web APIs. Assessing APIs help in detecting security vulnerabilities at an early stage of the SDLC. Compare this with assessing an Android application that uses APIs on a backend server. This kind of assessment happens at a much later phase of the SDLC. Even worse, it does not necessarily touch all the APIs. That's not all. You specify one of the JSON parameters as random. This helps set a unique value for a specific JSON parameter in... -
4
Nishang
Offensive PowerShell for red team and penetration testing
Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security, penetration testing and red teaming. Nishang is useful during all phases of penetration testing. Import all the scripts in the current PowerShell session (PowerShell v3 onwards). Use the individual scripts with dot sourcing. Note that the help is available for the function loaded after running the script and not the script itself since version 0.3.8. In all cases, the function... -
Define and Deliver Comprehensive Cybersecurity Services. Security threats continue to grow, and your clients are most likely at risk. Small- to medium-sized businesses (SMBs) are targeted by 64% of all cyberattacks, and 62% of them admit lacking in-house expertise to deal with security issues. Now technology solution providers (TSPs) are a prime target. Enter ConnectWise Cybersecurity Management (formerly ConnectWise Fortify) — the advanced cybersecurity solution you need to deliver the managed detection and response protection your clients require. Whether you’re talking to prospects or clients, we provide you with the right insights and data to support your cybersecurity conversation. From client-facing reports to technical guidance, we reduce the noise by guiding you through what’s really needed to demonstrate the value of enhanced strategy.
-
5
Andspoilt
Run interactive android exploits in linux.
Andspoilt is a command line user interface designed to easily exploit android devices. Run interactive android exploits in linux by giving the users easy interface to exploit android devices Uses an intergration with Metaspoilt Framework by giving the user an easy interface to create payloads and launch android exploits. Current Additional feature is a simple web server for file distribution. -
6
Wi-Fi Ducky
Upload, save and run keystroke injection payloads with an ESP8266
... remote connection and holding Ducky Script payloads. Although the ESP8266 is awesome, it doesn't have a native USB, which means it can't act as a keyboard. The ESP will open up a Wi-Fi access point and host a web interface from which you can upload and manage your scripts. When you hit run, it will send the script to the ATmega, which then will execute it on the target machine. -
7
ngrep strives to provide most of GNU grep's common features,applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular expressions to match against data payloads of packets. SUPPORT/REPORTING BUGS: please use https://github.com/jpr5/ngrep/issues Thank you!
-
8
USB Rubber Ducky
A human interface device programmable
The USB Rubber Ducky is a Human Interface Device programmable with a simple scripting language allowing penetration testers to quickly and easily craft and deploy security auditing payloads that mimic human keyboard input. The source is written in C and requires the AVR Studio 5 IDE from atmel.com/avrstudio. Hardware is commercially available. Imagine plugging in a seemingly innocent USB drive into a computer and installing backdoors, exfiltrating documents, or capturing credentials. With a few... -
9
Mpge
Mpge
Mpge is a wrapper of meterpreter (msfconsole, msfpayload and msfencode) of Metasploit Framework directly integrated with Mac OS X Snow Leopard 10.6.8 and with OS X Mavericks 10.9. With Mpge is possible make trojan horse files for Microsoft Windows, Linux and Mac OS X 10.3 Panther, OS X 10.4 Tiger, OS X 10.5 Leopard and OS X Montain Lion 10.8.1 for all Mac OS X is possible make a trojan horse files contains a reverse shell into files .pkg and files .app. I used three real Mac OS X: Attacker:... -
With Twilio Voice, you can build unique phone call experiences with one API, to create, receive, control and monitor calls with just a few lines of code. Create an engaging voice experience that you can quickly scale and modify with a wide array of customization options and resources.
-
10
PushSharp
A server-side library for sending Push Notifications to iOS
.... The API in v3.x+ series is quite different from 2.x. The goal is to simplify things and focus on the core functionality of the library, leaving things like constructing valid payloads up to the developer. For APNS you will also need to occasionally check with the feedback service to see if there are any expired device tokens you should no longer send notifications to. -
11
venom - shellcode generator
msfvenom shellcode generator/compiler/listenner
... some of the technics used by Veil-Evasion framework, unicorn.py, powersploit, etc,etc,etc.."P.S. some payloads are undetectable by AV soluctions yes!!!" one of the reazons for that its the use of a funtion to execute the 2º stage of shell/meterpreter directly into targets ram. -
12
OJson
Optimised JSON (Javascript Object Notation)
Optimise JSON by removing duplicate strings and arrays containing repeated object keys. Here you will find binary downloads and discussion (https://sourceforge.net/p/ojson/discussion/) . The actual development and issue tracking can be found here: https://bitbucket.org/cryanfuse/ojson -
13
netool toolkit 4.6
MitM pentesting opensource toolkit
... you the ability to capture pictures of target webbrowser surfing (driftnet), also uses macchanger to decoy scans changing the mac address. Rootsector module allows you to automate some attacks over DNS_SPOOF + MitM (phishing - social engineering) using metasploit, apache2 and ettercap frameworks. Like the generation of payloads, shellcode, backdoors delivered using dns_spoof and MitM method to redirect a target to your phishing webpage. recent as introducted the scanner inurlbr (by cleiton) -
14
wafep
Web Application Firewall Evaluation Project
WAFEP is designed to assess the attack vector support of web application firewalls and application IDS/IPS modules. It operates through an "attacker website" with links, forms, browser controls and other request initiators which send a collection of malicious payloads through the WAF to a target application, which in turn, checks which payloads were blocked and which passed successfully. The WAFEP application serves as both the "attacker" website and the "target" website, and thus, should... -
15
Penetration-Testing-Toolkit v1.0
A web interface for various penetration testing tools
Penetration-Testing-Toolkit is a web based project to automate Scanning a network,Exploring CMS, Generating Undectable metasploit payload, DNS-Queries, IP related informations, Information Gathering, Domain related info etc -
16
IPTC-Attacker
Testing for XSS via IPTC metadata
As an open source penetration testing tool, IPTC-Attacker allows to create an image with IPTC metadata containing testing vectors for Cross-Site Scripting attacks. Each checkbox can be used to include a huge collection of payloads into the selected tags (HTML5sec, XSS Cheat Sheet). If a checkbox will be not selected, the string aaa'bbb"ccc<ddd is automatically included into the unchecked IPTC tag. Therefore, testing for XSS vulnerabilities via IPTC metadata is possible by looking... -
17
B Tree First-Fit malloc()
B Tree First-Fit Memory Allocator
BTFF Features O(log n) time with First-Fit behavior, as n is the number of allocated & free blocks. No boundary tag. Separation between payload and bookkeeping meta data. It does not use any free payload area. As of v1.0, payloads are located in data segment area which is acquired by brk(), and bookkeeping meta data are located in separated area which is acquired by mmap(). Small bookkeeping meta data overhead. Applicable to any kind... -
18
A collection of pure Java payloads to be used for post-exploitation from pure Java exploits or from common misconfigurations (like not password protected Tomcat manager or debugger port).
-
19
Plinko was originally an experiment with Prefix Trees and log parsing. The general concept is to have a single end point you can send any data to, in a "fire and forget" fashion. Plinko should identify and parse the data completely without the sending system caring what it sent. The latest version supports named fields in the STL files for tagging data parsed in the Prefix Tree and anonymous functions for parsing dynamic message payloads. We now output JSON objects and I'm working on HBase...
-
20
Replicast replicates or copies the payloads of UDP datagrams from one source to one or more destinations.
-
21
The OWASP JBroFuzz Project is a web application fuzzer for requests being made over HTTP and/or HTTPS. Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities.
-
22
RemoteAgent.NET is a Client/Server application built to coordinate the execution of code on a remote machine. It supports script and zip payloads, as well as remote invocation of scripts on the target machine.
-
23
Deep packet inspection is a tool for detecting viruses in the network traffic. It works by matching virus signatures with the packet payloads using Bloom filters. Since this requires high computational power it is built on cell broadband engine.
-
24
Similar to XSS warning addon. Look for URL string for XSS payloads. Detect and stop XSS attacks from evil bad guys to you in addition to detection of Malicious JavaScript embedded in malicious sites.
-
25
Steganography tool which establishes a full-duplex steganographic data transfer protocol utilizing Real-time Transfer Protocol (RTP) packet payloads as the cover medium. The tool provides interactive chat, file transfer, and remote shell access.