Dalfox
0 (0)
Dalfox is a powerful open-source XSS scanner and utility focused on automation.
Checksec is a bash script to check the properties of executables (like PIE, RELRO, Canaries, ASLR, Fortify Source). It has been originally written by Tobias Klein and the original source is available here: http://www.trapkit.de/tools/checksec.html. **MAJOR UPDATES** 2.1.0 Changed structure to be more modular and switched to getopts so options can be in any order. e.g. format=json can be at the end now, however. All options now require --$option=$value instead of --$option $value. --extended option now includes clang CFI and safe stack checks. Last Update: 2024-04-29. For OSX: Most of the tools do not work on mach-O binaries or the OSX kernel, so it is not supported. Cosign Verify Checksec: cosign verify-blob --signature checksec_new.sig --certificate checksec_new.pub checksec --certificate-identity=slimm609@gmail.com --certificate-oidc-issuer=https://github.com/login/oauth. Openssl Verify Checksec: Openssl verification is being deprecated in favor of Cosign Verification, which is backed by a hardware security module and provides a greater level of integrity. openssl dgst -sha256 -verify checksec.pub -signature checksec.sig checksec. Examples: normal (or --format=cli) $check
Dalfox is a powerful open-source XSS scanner and utility focused on automation.
A software reverse engineering framework with full-featured analysis tools and support for multiple platforms, instruction sets, and executable formats.
Pwndbg is a GDB plug-in that enhances the debugging experience for low-level software developers, hardware hackers, reverse-engineers, and exploit developers.
A tool that extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.
A tool to help exploit XXE vulnerabilities by sending a crafted XML file to the server and parsing it to extract the data.
Automatic YARA rule generation for malware repositories.