AI Summary: BurpCrypto is a collection of encryption plugins for Burp Suite, supporting multiple encryption algorithms including AES, RSA, and DES, as well as the execution of JavaScript code for encryption tasks. Its primary use case is to enhance the capabilities of security professionals by allowing them to integrate cryptographic functions directly into their testing workflows. Notable features include a user-friendly interface for key management and seamless integration with Burp Suite’s payload processing system.

AI Summary: CaptfEncoder is an open-source, cross-platform network security tool suite designed for code conversion, cryptography, and a variety of online query tools. It features a wide range of encoding methods, classical ciphers, and modern cryptographic algorithms, enabling users to perform tasks such as data encoding, encryption, and security analysis efficiently. The tool is built in Rust, ensuring enhanced performance and supports a variety of operating systems including Windows, Linux, and macOS.

AI Summary: Ciphey is a fully automated tool designed for decryption, decoding, and cracking of encoded data, leveraging natural language processing and artificial intelligence techniques. Its primary use case is to assist cybersecurity professionals and enthusiasts in deciphering encrypted messages and files without requiring prior knowledge of the encryption methods used. Notable features include support for various installation methods (Python, Docker, MacPorts, Homebrew) and a user-friendly interface that simplifies the decryption process.

AI Summary: Step CLI is a robust command-line interface tool designed for building and managing Public Key Infrastructure (PKI) systems and workflows, providing functionalities for cryptographic operations and X.509 certificate management. Key features include the ability to create, revoke, and validate certificates, generate key pairs and Certificate Signing Requests (CSRs), and automate certificate issuance via integration with the step-ca server and ACME-compliant CAs. The tool simplifies the setup and maintenance of secure TLS/HTTPS environments, making it essential for developers and system administrators working with PKI.

AI Summary: CloakifyFactory is a tool designed for text-based steganography that transforms any file type into a list of innocuous strings, enabling covert data exfiltration and infiltration while evading detection by data loss prevention systems and analysts. Key features include the ability to cloak various file formats, social engineering capabilities to mislead security reviews, and the option to add noise for enhanced resistance against frequency analysis. It serves as an educational tool for introducing concepts of cryptography and steganography, though it is not secure for sensitive data without prior encryption.

AI Summary: Phase Console is an open-source platform designed for engineering teams to efficiently manage and secure application secrets throughout the development lifecycle. Its notable features include a comprehensive dashboard for secret management, role-based access control, seamless integration with various CI/CD platforms and Kubernetes, as well as SDK support for multiple programming languages, enabling secure secret injection and synchronization across environments.

README

Repos

Docs | CLI | Node SDK | Python SDK
Golang SDK | Helm Chart | Kubernetes Operator | Terraform Provider

AI Summary: The crypto-attacks repository provides Python implementations of various cryptographic attacks and utilities, primarily focusing on attacking RSA using methods such as the Boneh-Durfee attack. Notable features include the ability to customize parameters for specific attacks, integration with SageMath for advanced mathematical computations, and a structured approach for unit testing and utilizing the attack scripts.

README

Introduction

Python implementations of cryptographic attacks and utilities.

Requirements

• SageMath with Python 3.9
• PyCryptodome

You can check your SageMath Python version using the following command:

AI Summary: The ctf-skills repository provides an extensive collection of agent skills designed to facilitate the solving of Capture The Flag (CTF) challenges across various domains, including web exploitation, binary pwn, reverse engineering, and more. Notable features include support for multiple installation methods, a comprehensive tool installer script, and detailed skill documentation for on-demand use, allowing users to efficiently integrate the necessary tools as challenges arise. It is compatible with any tool adhering to the Agent Skills specification, enhancing its versatility in competitive cybersecurity contexts.

AI Summary: CTFever is a comprehensive toolkit designed for Capture The Flag (CTF) participants, offering a variety of utilities to assist in solving challenges. It includes a range of tools for tasks such as encoding/decoding, cryptography, and data analysis, featuring notable options like Base64 encoding, Caesar ciphers, and hash calculations. This resource is particularly beneficial for cybersecurity enthusiasts engaged in competitive environments, aiming to streamline their workflow and enhance their problem-solving capabilities.

AI Summary: CTFs is a repository containing write-ups and resources for various Cyber Capture The Flag (CTF) challenges. It offers a comprehensive cheat sheet detailing strategies and techniques across diverse categories, including forensics, binary exploitation, web challenges, and cryptography. Notable features include curated educational resources, practice sites, and a web mirror for easy access.

README

CTFs

Writeups / Files for some of the Cyber CTFs that I’ve done

I’ve also included a list of CTF resources as well as a comprehensive cheat sheet covering tons of common CTF challenges

AI Summary: DeepTraffic is a toolkit that employs deep learning models specifically for the classification of network traffic, focusing on identifying malware and anomalies. Its primary application lies in enhancing cybersecurity measures through effective traffic analysis and representation learning using convolutional neural networks. Notable features include end-to-end encrypted traffic classification and the ability to learn hierarchical spatial-temporal features for improved intrusion detection.

README

Deep Learning models for network traffic classification

For more information please read our papers.

AI Summary: Destroylist is a comprehensive phishing and scam domain blacklist that provides real-time threat intelligence to protect users globally. This tool maintains an extensive database of over 100,000 phishing domains and features active statistics on domain additions and removals, ensuring up-to-date protection against online threats. The repository supports community contributions, fostering collaborative efforts in enhancing online security.

README

Destroylist: Phishing & Scam Domain Blacklist

AI Summary: Dotenvx is a secure dotenv tool that allows developers to manage environment variables across multiple platforms and programming languages. Its primary use case is to enhance the safety and flexibility of environment variable handling by providing support for encrypted environment files and easy integration into existing applications. Notable features include cross-platform compatibility, multi-environment management, and straightforward installation options via various package managers and direct execution methods.

README

AI Summary: FeatherDuster is a cryptographic analysis tool designed to facilitate the identification and exploitation of weaknesses in cryptosystems, leveraging its underlying library, Cryptanalib. It offers capabilities for automatic encoding detection and decoding, interaction with multiple ciphertext formats, and supports various cryptographic analysis functions, making it suitable for both researchers and practitioners in the field of cryptography. The tool aims to simplify the process of analyzing flawed cryptographic implementations, while Cryptanalib serves as a flexible engine for developing custom crypto attack methods.

AI Summary: FilelessPELoader is a tool designed to load and execute AES-encrypted Portable Executable (PE) files directly into memory, bypassing the need for traditional file storage. Its primary use case is to facilitate stealthy execution of payloads in memory, enhancing evasion techniques commonly utilized in cybersecurity attacks. Notable features include the ability to decrypt the PE file in-memory and execute it without leaving traces on disk.

README

FilelessPELoader

Loading Remote AES Encrypted PE in memory , Decrypted it and run it

AI Summary: frida-ios-dump is a tool designed for extracting decrypted IPA files from jailbroken iOS devices. The primary use case involves leveraging Frida to automate the process of dumping application binaries, making it particularly useful for security researchers and developers analyzing iOS applications. Notable features include support for both Python 2.x and 3.x, as well as a straightforward command-line interface for initiating the dump process with either the display name or bundle identifier of the target app.

AI Summary: GDA (GJoy Dex Analyzer) is a powerful Dalvik bytecode decompiler designed for fast analysis of APK, DEX, ODEX, OAT, JAR, CLASS, and AAR files, with minimal memory and disk consumption. It features advanced capabilities including malicious behavior detection, vulnerability scanning, path solving, and deobfuscation, as well as various utilities for interactive operation and assisted analysis. GDA operates natively without requiring a Java VM, making it suitable for use on various Windows systems and virtual machines.

AI Summary: GonnaCry is a Linux-based ransomware designed to encrypt user files using a robust AES-256-CBC encryption scheme, featuring per-file random AES keys and initialization vectors. Its primary use case is to serve as an educational tool for understanding malware, cryptography, and operating systems, with capabilities such as communicating with a server for key management, altering system wallpapers, and terminating database services. Notable features include a built-in decryptor and the use of RSA-2048 for secure key encryption, making it a comprehensive demonstration of ransomware mechanics.

AI Summary: GpgFrontend is a modern encryption tool that leverages GnuPG to facilitate easy and secure encryption and signing of texts and files across multiple platforms, including Windows, macOS, and Linux. Key features include a portable solution that can be run from a USB drive, flexible management of key databases, and a strong focus on user privacy through various safety measures. The tool also supports extensive module development, allowing for customizable user experiences and features.

AI Summary: HackBrowserData is a command-line utility designed for decrypting and exporting sensitive data, such as passwords, cookies, and browsing history, from various popular web browsers on Windows, macOS, and Linux. Its notable features include support for the latest encryption standards, like AES-256-CBC for Firefox 144 and beyond, and comprehensive compatibility with a wide range of browsers including Google Chrome, Microsoft Edge, and Opera. The tool emphasizes its intended use for security research while disclaiming legal responsibilities associated with its application.

AI Summary: HackDroid is a comprehensive collection of penetration testing and security-related applications tailored for Android devices. It organizes applications into diverse categories, including forensics, networking, and cryptography, to facilitate easy access and download, while emphasizing the necessity of root permissions and ethical use cases. Notable features include a wide range of tools for various hacking and security tasks, and guidance for use on secondary devices to mitigate risks.

README

AI Summary: The hrtng IDA plugin provides a suite of tools designed to enhance the reverse engineering process within the IDA Pro environment, specifically leveraging the Hex-Rays decompiler. Its notable features include automation of variable renaming, interactive pseudocode transformations, various decryption capabilities, and assistance with obfuscated code analysis, all aimed at improving the efficiency and accuracy of binary analysis tasks. The plugin integrates seamlessly into IDA’s existing functionality, offering a structured approach to handling complex code scenarios.

AI Summary: Malware-Exhibit is a malware analysis tool designed for researchers and security professionals to dissect and analyze various malware samples. It supports multiple programming languages and platforms, allowing users to examine the behavior and characteristics of malware, providing insights for threat detection and mitigation. Notable features include a comprehensive user interface and the ability to integrate additional analysis tools and scripts.

README

⚠️⚠️ Malware-Exhibit ⚠️⚠️

AI Summary: MetaOSINT is an open-source intelligence aggregation tool designed to assist OSINT practitioners in efficiently identifying and accessing relevant publicly available tools and resources. Its primary purpose is to streamline investigations by providing a curated list of top tools, significantly enhancing the speed and effectiveness of research and analysis. Notable features include an intuitive interface for surfacing resources and the ongoing community contribution model that allows users to submit additional tools.

AI Summary: mongoaudit is a command-line interface tool designed for auditing MongoDB servers to identify security misconfigurations and vulnerabilities. Its primary use case is to enhance security by detecting poor configuration settings and providing actionable advice to rectify them, thus helping administrators implement best practices. Notable features include automated penetration testing capabilities and comprehensive reporting with guidance on securing MongoDB installations.

README

mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing.

AI Summary: Nginx-Lua-Anti-DDoS is a protective tool designed for Nginx web servers, leveraging Lua scripting to mitigate DDoS attacks through a JavaScript-based authentication puzzle inspired by Cloudflare’s “I’m Under Attack” mode. The tool features automatic detection and activation of protection mechanisms against various attack types, extensive IP and User-Agent filtering options, as well as capabilities to inspect and block malicious HTTP requests. With no limitation on attack size and built-in logging for monitoring, it offers customizable error responses and caching optimizations to enhance web server performance during attacks.

AI Summary: The On-Chain Investigations Tools List is a comprehensive repository designed for conducting thorough investigations into blockchain-related activities. Its primary use case is to provide a curated compilation of tools and resources for tracking crypto hacks, security incidents, and on-chain analysis, featuring various utilities for data analysis, such as Nansen, Dune, and Metasleuth. Notable features include diverse categories of tools, a knowledge hub, and educational articles that guide users in developing effective investigative methodologies.

AI Summary: The Open Source Security Guide serves as a comprehensive resource for enhancing the security of systems and networks by providing tutorials, standards, and tools relevant to open-source security practices. It includes sections on security certifications, threat models, and various security frameworks, along with a curated list of tools and resources to improve security operations. Notably, it aims to foster a collaborative environment for sharing best practices and advancing security through community initiatives.

AI Summary: The OSINT tools repository provides a comprehensive collection of 308 scripts and tools designed for Open Source Intelligence (OSINT) investigations. Users can select tools based on various input data types across numerous categories, including account identifiers, file types, and network analysis. Notable features include easy navigation through categorized tools and the ability to access the latest version of each tool by modifying the repository commit reference.

README

OSINT tools

Various OSINT tools and scripts, total 308 repos.

AI Summary: Password Pusher is an open-source web application designed for securely sharing sensitive information such as passwords, notes, files, and URLs via self-destructing links. Its notable features include encrypted storage, customizable expiry controls, comprehensive audit logging, and the ability to self-host or utilize a hosted service, making it suitable for individual users and teams. The tool supports multiple languages and offers integrations through a JSON API and command-line interface, enhancing its versatility in secure information sharing.

AI Summary: Binary Refinery is a command-line toolkit designed for the transformation of binary data, focusing on malware triage analysis through various scripts that handle tasks like compression and encryption. It enables users to create flexible processing pipelines by chaining scripts with the piping operator. Key features include the ability to read from stdin and write to stdout, extensive documentation accessible via command-line help, and an emphasis on modular units that perform singular tasks efficiently.

AI Summary: The Simple Security Toolkit is a collection of practical guides and checklists designed to enhance the security of smart contract development, primarily targeting early-stage protocol teams. Key features include a structured development process, audit readiness and pre-launch security checklists, and an incident response plan template, all aimed at preventing vulnerabilities and ensuring robust deployment practices. This resource is intended to streamline security preparations and foster efficient auditing processes while encouraging contributions from the community.

AI Summary: StegCloak is a JavaScript steganography module that conceals secrets within text by using invisible Unicode characters after compressing and encrypting the data. It is designed for covert communication, allowing users to safely embed strings in various platforms while ensuring cryptographic security through AES-256-CTR encryption and HMAC integrity checks. Key features include high-speed processing, support for hiding file links, and a flexible interface available via API, command-line, and web interface.

AI Summary: Stowaway is a multi-tier proxy tool written in Go, designed specifically for penetration testers to route external traffic through multiple nodes into an internal network, thereby overcoming access restrictions. Notable features include user-friendly command-line interface, tree structure node management, support for various connection types (socks5, HTTP, SSH), traffic encryption using TLS/AES-256-GCM, and capabilities for remote shell, file transfer, and port mapping, all while maintaining compatibility across multiple platforms such as Linux, Mac, and Windows.

AI Summary: The Terrapin Vulnerability Scanner is a Go-based utility designed to assess the vulnerability of SSH clients and servers against the Terrapin Attack. It utilizes a single connection to retrieve supported algorithms without initiating a full SSH key exchange, allowing it to identify potential vulnerabilities and support for known countermeasures like strict key exchange. Notable features include JSON output for results, support for various operating systems via pre-compiled binaries and Docker, and ease of building from source.

AI Summary: Xencrypt is a PowerShell-based crypter designed to compress and encrypt PowerShell scripts while bypassing AMSI and modern antivirus solutions. Its notable features include variable name randomization, support for recursive layering of encrypted scripts, and a minimal overhead due to compression. This open-source tool serves as a demonstration for users looking to develop their own crypters, offering flexibility for customization and ease of use.

README

Xencrypt

PowerShell crypter v 1.0

Authors

Xentropy ( @SamuelAnttila )
SecForce ( @SECFORCE_LTD )