| NFC CreditCard Reader |
| Program based on readnfccc (by Renaud Lifchitz) to read some private data from credit cards, like cardholder, Permanent Account Number (PAN), expiry date, etc., using NFC technology. It has been tested with Spanish contactless credit cards, but can also be used with other countries cards. |
| writeURItoNFCtag |
| Simple script to write any URI to an NFC tag. Using the 0x00 URI type we can write any type of URI in the tag, without thinking about it. Based on the helloworld.py (nfcpy) script. |
| twitCheck |
| Simple script to show details of a given Twitter account: inactivity of friends, new and lost followers, etc. |
| PDFAnalyzer |
| Script to analyze malicious PDF files containing obfuscated Javascript code. It uses Spidermonkey to execute the found Javascript code and showing the shellcode to be launched. Sometimes it's not able to deobfuscate the code, but you can specify the parameter -w to write to disk the Javascript code, helping to carry out a later manual analysis. Its output has five sections where you can find trigger events (/OpenAction and /AA), suspicious actions (/JS, /Launch, /SubmitForm and /ImportData), vulnerable elements, escaped bytes and URLs, which can be useful to get an idea of the file risk. |
| js2shellcode |
| Little script to obtain a printable (C style) shellcode from the escaped Javascript code. It also writes to shellcode.out the resulted bytes. |
| shellcode2js |
| Little script to obtain an escaped Javascript shellcode from a C style shellcode or a binary file containing the shellcode. |
| ZlibStreams |
| This script compress/decompress a specified string or file using the Zlib library. If the input is a file and the method used is decompression, then the script looks for the streams compressed with the /FlateDecode filter, so it's focused on PDF files. |
| XORBruteForcer |
| Script that implements a XOR bruteforcing of a given file, although a specific key can be used too. It's possible to look for a word in the xored result, minimizing the output. |
| HostsGrabber |
| Script which returns a list of hostnames of the given domain (and their resolved IPs) contained in the given URL. The request can be recursive. This is useful to map all the hosts of one organization. |
| GeoLoc |
| Given one host (domain or IP) returns its geolocalization (based on GeoIpTool.com). |
|
