This project is for finding a solution to use Security Onion Elastic data with Jupyter Notebooks.
Credit to Cyb3r Monk for bringing RITA to Jupyter Notebooks.
https://github.com/Cyb3r-Monk/RITA-J/blob/main/C2%20Detection%20-%20HTTP.ipynb
So far I am able to pull back data from Security Onion using the elastic API. Please see Security-Onion Notebooks above for more detial. If you would like to add to this project please feel free to do so. Enjoy!
File-Stealer Steal Files on a Windows Machine About This Script will steal certain Files on a Windows Machine and sends them to a FTP Server. Preview
CVE-2022-22536 SAP memory pipes desynchronization vulnerability(MPI) CVE-2022-22
PyPassKeep Encrypted Python Password Manager About PyPassKeep (PPK for short) is an encrypted python password manager used to secure your passwords fr
Vital What is Vital? Vital is malware primarily used to collect and extract information from the Discord desktop client. While it has other features (
fpmachine python driver for fingerprint machine (ZKTeco biometrics) support until now 2 model supported and tested ZMM100_TFT and ZMM220_TFT install p
GriefBuddy This script searches Shodan for Minecraft server IPs to grief. This will return all servers connected to the public internet which Shodan h
pwncat_pwnkit Introduction The purpose of this module is to attempt to exploit CVE-2021-4034 (pwnkit) on a target when using pwncat. There is no need
#1 使用说明 CVE-2021-44228 log4j 2.x rce漏洞检测工具,对目标链接发起get请求并利用dnslog探测是否有回显 $ python3 log4j-scan.py -h
Wellcome to tools Results Install Tools
Detect secret in source code, scan your repo for leaks. Find secrets with GitGuardian and prevent leaked credentials. GitGuardian is an automated secrets detection & remediation service.
Log4Scan A simple automatic tool for finding vulnerable log4j hosts Installation pip3 install -r requirements.txt Usage usage: log4scan.py [-h] (-f FI
4nought3 A python script to bypass 403-forbidden. It covers methods like Host-Header Injections, Changing HTTP Requests Methods and URL-Injections. Us
edgedressing One day while experimenting with airpwn-ng, I noticed unexpected GET requests on the target node. The node in question happened to be a W
Author:0xAXSDD By Gamma安全实验室 version:1.0 explain:这是一款用户绕过前端js加密进行密码爆破的工具,你无需在意js加密的细节,只需要输入你想要爆破url,以及username输入框的classname,password输入框的clas
介绍 工具介绍 这是一款致力于将各类优秀脚本集合在一起调用、联动,最终可形成超级渗透脚本的工具。目的是扫描到更全的资产信息,发现更多的漏洞利用。但是这是通过牺牲扫描速度来提升扫描广度的。所以不太适合要进行紧急信息收集和漏洞利用的情况。
sshuttle: where transparent proxy meets VPN meets ssh As far as I know, sshuttle is the only program that solves the following common case: Your clien
SpiderFoot is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of m
CVE-2021-21389 BuddyPress 7.2.1 - REST API Privilege Escalation to RCE PoC (Full) Affected version: 5.0.0 to 7.2.0 User requirement: Subscriber user
CloudFlare reconnaissance, tries to uncover the IP behind CF.
SimplesApachePathTraversal Simples Apache Path Traversal It's a simple tool for test vulnerability Apache Path Traversal https://blog.mrcl0wn.com/2021
5 Nov 17, 2022
49 Nov 09, 2022
1 Nov 17, 2021
59 Dec 01, 2022
4 Oct 06, 2022
26 Dec 29, 2022
33 Jul 01, 2022
4 Jan 13, 2022
23 Dec 17, 2022
1.2k Dec 27, 2022
6 Mar 10, 2022
11 Aug 27, 2022
43 Dec 23, 2022
75 Nov 25, 2022
23 Jul 05, 2022
9.4k Jan 04, 2023
9k Jan 08, 2023
17 Nov 09, 2022
8 Dec 03, 2021
56 Dec 27, 2022