SploitScan is a powerful and user-friendly tool designed to streamline the process of identifying exploits for known vulnerabilities and their respective exploitation probability. Empowering cybersecurity professionals with the capability to swiftly identify and apply known and test exploits. It's particularly valuable for professionals seeking to enhance their security measures or develop robust detection strategies against emerging threats.
Regular:
python sploitscan.py CVE-YYYY-NNNNN
Enter one or more CVE IDs to fetch data. Separate multiple CVE IDs with spaces.
python sploitscan.py CVE-YYYY-NNNNN CVE-YYYY-NNNNN
Optional: Export the results to a JSON or CSV file. Specify the format: 'json' or 'csv'.
python sploitscan.py CVE-YYYY-NNNNN -e JSON
The Patching Prioritization System in SploitScan provides a strategic approach to prioritizing security patches based on the severity and exploitability of vulnerabilities. It's influenced by the model from CVE Prioritizer, with enhancements for handling publicly available exploits. Here's how it works:
This system assists users in making informed decisions on which vulnerabilities to patch first, considering both their potential impact and the likelihood of exploitation. Thresholds can be changed to your business needs.
Contributions are welcome. Please feel free to fork, modify, and make pull requests or report issues.
Alexander Hagenah - URL - Twitter
LightsOut will generate an obfuscated DLL that will disable AMSI & ETW while trying to evade AV. This is done by randomizing all WinAPI functions used, xor encoding strings, and utilizing basic sandbox checks. Mingw-w64 is used to compile the obfuscated C code into a DLL that can be loaded into any process where AMSI or ETW are present (i.e. PowerShell).
LightsOut is designed to work on Linux systems with python3 and mingw-w64 installed. No other dependencies are required.
Features currently include:
 _______________________
|                       |
|   AMSI + ETW          |
|                       |
|        LIGHTS OUT     |
|        _______        |
|       ||     ||       |
|       ||_____||       |
|       |/    /||       |
|       /    / ||       |
|      /____/ /-'       |
|      |____|/          |
|                       |
|          @icyguider   |
|                       |
|                     RG|
`-----------------------'
usage: lightsout.py [-h] [-m <method>] [-s <option>] [-sa <value>] [-k <key>] [-o <outfile>] [-p <pid>]
Generate an obfuscated DLL that will disable AMSI & ETW
options:
  -h, --help            show this help message and exit
  -m <method>, --method <method>
                        Bypass technique (Options: patch, hwbp, remote_patch) (Default: patch)
  -s <option>, --sandbox <   ;option>
                        Sandbox evasion technique (Options: mathsleep, username, hostname, domain) (Default: mathsleep)
  -sa <value>, --sandbox-arg <value>
                        Argument for sandbox evasion technique (Ex: WIN10CO-DESKTOP, testlab.local)
  -k <key>, --key <key>
                        Key to encode strings with (randomly generated by default)
  -o <outfile>, --outfile <outfile>
                        File to save DLL to
Remote options:
  -p <pid>, --pid <pid>
                        PID of remote process to patch
Intended Use/Opsec Considerations
This tool was designed to be used on pentests, primarily to execute malicious powershell scripts without getting blocked by AV/EDR. Because of this, the tool is very barebones and a lot can be added to improve opsec. Do not expect this tool to completely evade detection by EDR.
Usage Examples
You can transfer the output DLL to your target system and load it into powershell various ways. For example, it can be done via P/Invoke with LoadLibrary:
Or even easier, copy powershell to an arbitrary location and side load the DLL!
Greetz/Credit/Further Reference:
A comprehensive tool that provides an insightful analysis of Microsoft's monthly security updates.
IF you are interested in seing all this data in a live website, visit:
PatchaPalooza uses the power of Microsoft's MSRC CVRF API to fetch, store, and analyze security update data. Designed for cybersecurity professionals, it offers a streamlined experience for those who require a quick yet detailed overview of vulnerabilities, their exploitation status, and more. This tool operates entirely offline once the data has been fetched, ensuring that your analyses can continue even without an internet connection.
Run PatchaPalooza without arguments to see an analysis of the current month's data:
python PatchaPalooza.pyFor a specific month's analysis:
python PatchaPalooza.py --month YYYY-MMMTo display a detailed view of a specific CVE:
python PatchaPalooza.py --detail CVE-IDTo update and store the latest data:
python PatchaPalooza.py --updateFor an overall statistical overview:
python PatchaPalooza.py --statsThis tool is built upon the Microsoft's MSRC CVRF API and is inspired by the work of @KevTheHermit.
Alexander Hagenah
This tool is meant for educational and professional purposes only. No license, so do with it whatever you like.











