Daily Archives: November 14, 2016

Home » November 2016 » Archives for November 14, 2016

OWASP Mth3l3m3nt Framework: A Penetration Testing Aiding And Exploitation Framework Tool

Ethical Hacking Training Institute
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

OWASP Mth3l3m3nt Framework: A Penetration Testing Aiding Tool And Exploitation Framework
It fosters a principle of attack the web using the web as well as pentest.

Modules Packed in so far are:

Payload Store
Shell Generator (PHP/ASP/JSP/JSPX/CFM)
Payload Encoder and Decoder (Base64/Rot13/Hex/Hexwith \x seperator/ Hex with 0x […]

By |November 14th, 2016|Papers|

A Simple Static Malware Analyzer SSMA Tool Written in Python 3

Ethical Hacking Training Institute
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

SSMA is a simple malware analyzer written in Python 3.

Features:

Analyze PE file’s header and sections (number of sections, entropy of sections/PE file, suspicious section names, suspicious flags in the characteristics of the PE file, etc.)
Searches for possible domains, e-mail addresses, IP addresses in […]

By |November 14th, 2016|Papers|

PWND.SH: Post-Exploitation Framework (and an interactive shell) Developed In Bash Shell Scripting

Ethical Hacking Training Institute
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

It aims to be cross-platform (Linux, Mac OS X, Solaris etc.) and with little to no external dependencies.
Install:
$ cd bin/
$ ./compile_pwnd_sh.sh
This will generate a file called pwnd.sh

$ ls -la pwnd.sh
-rw-r–r–@ 1 ikotler  staff  7823 Oct 19 16:55 pwnd.sh

Now let’s get pwnd!

$ source pwnd.sh
Pwnd v1.0.0, Itzik […]

By |November 14th, 2016|Papers|

VolatilityBot – An Automated Memory Analyzer For Malware Samples And Memory Dumps

Ethical Hacking Training Institute
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

VolatilityBot – An Automated Memory Analyzer For Malware Samples And Memory Dumps
VolatilityBot is an automation tool for researchers cuts all the guesswork and manual tasks out of the binary extraction phase, or to help the investigator in the first steps of performing a memory analysis […]

By |November 14th, 2016|Papers|

Nathan: Android Emulator for Mobile Security Testing Tool

Ethical Hacking Training Institute
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Nathan is a 5.1.1 SDK 22 AOSP Android emulator customized to perform mobile security assessment.

Supported architectures:

x86
arm (soon)

The emulator is equipped with the Xposed Framework and the following pre-installed modules:

SSLUnpinning, to bypass SSL Certificate pinning.
Inspeckage, to perform the dynamic analysis of an […]

By |November 14th, 2016|Papers|