Search Results for "webserver"

The script will use msfvenom (metasploit) to generate shellcode in different formats ( C# | python | ruby | dll | msi | hta-psh | doc | apk | macho | elf | deb | mp4 | etc ) injects the shellcode generated into one template (example: python) "the python function will execute the shellcode into ram" and uses compilers like gcc (gnu cross compiler) or mingw32 or pyinstaller to build the executable file. It also starts a handler to receive the remote connection (shell or meterpreter) venom 1.0.11 (malicious_server) was build to take advantage of apache2 webserver to deliver payloads (LAN) using a fake webpage writen in html to be hable to trigger payload downloads, the user just needs to send the link provided to target host.

Full-featured C2 framework which silently persists on webserver via polymorphic PHP oneliner. The obfuscated communication is accomplished using HTTP headers under standard client requests and web server's relative responses, tunneled through a tiny polymorphic backdoor. Detailed help for any option (help command) Cross-platform on both client and server. CLI supports auto-completion & multi-command.

The script will use msfvenom (metasploit) to generate shellcode in diferent formats ( c | python | ruby | dll | msi | hta-psh ), injects the shellcode generated into one funtion (example: python) "the python funtion will execute the shellcode in ram" and uses compilers like: gcc (gnu cross compiler) or mingw32 or pyinstaller to build the executable file, also starts a multi-handler to recibe the remote connection (reverse shell or meterpreter session). -- 'shellcode generator' tool...

Catch bad visitors to your php website that are looking for admin access or exploitable web scripts, automatically lookup abuse information for their IP address and notify their network's administrators of their bad behavior. Most network operators provide abuse contact email addresses in their WHOIS information, and your webserver can immediately report malicious access attempts as they happen. A large amount of bots that sniff around websites for unsecured standard web apps (like phpMyAdmin or WordPress) to exploit are run by a very few bad actors. They're easy to catch by watching for attempted visits to pages that don't exist (usually with admin or db in the path). ...

Simple CGI script which allows you to transfer sensitive ascii data (passwords, hashes, pem keys) via HTTPS. SSL MUST BE implemented by webserver. Algorithm: - Paste new data into textarea, submit. You get link Link consists of three md5 hashes from salt. File, containing your data, named that way. So, it is hard to bruteforce links/files. - Whenever link being opened, script reads file and prints its content into brower in text/plain content-type. Afterthat, script removes file. ...

Pombo works silentely in the background, hidden, and sends tracking information to a webserver of your choice. If your computer is stolen, just log into your webserver to get the lastest file uploaded by Pombo, decrypt and hand it to the police. They will have all they need to catch the thief: IP address, date/time, nearby routers, screenshot, and even a photo of his/her face if you have a webcam ! Pombo protects your privacy: Tracking information is encrypted with rock-solid GnuPG and only you can decrypt it.

Amnesia is a design-rich 'host-proof' web application that encrypts and remembers all sorts of personal information from passwords to private notes. Project now hosted at Google Code: https://code.google.com/p/amnesia-app/

mod_auth_certificate is an authentication module for Apache Webserver 2.x. It adds the capability to forward usernames returned by mod_ssl to authorization providers like mod_authz_ldap.

Simple HTTP Scanner is a creation made for web site pen testing. You can check for directories and files on the remote web server and get some server information like the webserver running and other skills.

Anonycat is web-based software that allows you to surf the web anonymously and bypass overly restrictive corporate firewalls or monitoring/blocking software. It can be used online (http://anonycat.com), or run as a service on your own webserver.

Apache module that integrates CAS into the famous webserver. The module is built upon libcas.

hcovert is a steganographic communications tool used to create a covert channel using a HTTP GET request to convey it's message to a webserver and webserver log parsing to retrieve the message. This tool will both send as well as recieve messages.

PACIE (Perl Analysis Console for Intrusion Events) Attempts to be a complete replacement for ACID. Place this cgi script on your internal webserver and receive powerfull reporting on your current snort database.

OpenAnonymity consists of a module for apache 2.0 Webserver and a framework that enables you to control search engine spider indexing on a word level, contrary to on file level as in Robots exclusion. OA could force Spiders to follow this rules.

phpMySecret - Webbased password database This project is a solution for all, who have to remember a lot of passwords for several sites and applications. On an webserver there where all passwords stored (encypted) and only with the user-given paraphrase