Interested in collecting evidence of Internet censorship? Curious about the speed and performance of the network that you are using?By running the tests in this app, you will examine the following:Blocking of websites Presence of systems that cou…
Framework for attacking network protocols and network exploitation. I. Introduction I don’t look back anymore. I don’t regret. I look forward Aiden Pearce Yes, Watch Dogs has heavily influenced us when writing this framework. This entire…
This is an open source tool to dump the wifi profiles and cleartext passwords of the connected access points on the Windows machine. This tool will help you in a Wifi testing. Furthermore, it is useful while performing red team or an internal infrastru…
Continuously jam all wifi clients and access points within range. The effectiveness of this script is constrained by your wireless card. Alfa cards seem to effectively jam within about a block radius with heavy access point saturation. Granulari…
- Install Text (V 3.0)
- Install Video (OLD)
- Binder guide
- Module guide
- Form grabber plugins
- Facebook MessengerSpy plugins
- Jabber Notifier/ Hide Panel
- Windows infection
- Rubber Ducky Payload
- pip install crxmake
web browser infection
- pour rappel, infiltrer, surveiller, un système informatique sans autorisation est un délit
- reminder, infiltrate, monitor, computer system without authorization is a crime
FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more. The features will continue to be expanded and will include website spoo…
An automated script that download potential exploit for linux kernel from exploitdb, and compile them automatically This script is created due to Hackademics, there are so much possible exploit for that version of kernel, as a rookie OSCP student, I a…
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configurat…
MTR combines the functionality of the ‘traceroute’ and ‘ping’ programs in a single network diagnostic tool.As mtr starts, it investigates the network connection between the host mtr runs on and a user-specified destination host. After it determ…
hashcat is the world’s fastest and most advanced password recovery utility, supporting five unique modes of attack for over 160 highly-optimized hashing algorithms. hashcat currently supports CPU’s, GPU’s other hardware-accelerators on Linux, …
Reverse Engineering Tool for py2exe applications. Prerequisites cmake git python2.7 Cloning git clone https://github.com/4w4k3/rePy2exe.git Running python rePy2exe.pyor python2.7 rePy2exe.py Authors …
Java bytecode analyzer customizable via JSON rules. It is a command-line tool that receives a path containing one or more Jar files, analyzes them using the provided rules and generates HTML reports with the results. Usage …
Tool to exploit challenge response system in vulnerable DblTek GoIP devices. Can generate responses to specified challenges, test hosts for the vulnerability, run commands on vulnerable hosts, and drop into a root shell on any vulnerable host. …
Deep-pwning is modularized into several components to minimize code repetition. Because of the vastly different nature of potential classification tasks, the current iteration of the code is optimized for classifying images and phrases (using word vectors).
These are the code modules that make up the current iteration of Deep-pwning:
The drivers are the main execution point of the code. This is where you can tie the different modules and components together, and where you can inject more customizations into the adversarial generation processes.
This is where the actual machine learning model implementations are located. For example, the provided
lenet5model definition is located in the
lenet5.py. It defines the network as the following:
-> Convolutional Layer 1
-> Max Pooling Layer 1
-> Convolutional Layer 2
-> Max Pooling Layer 2
-> Dropout Layer
-> Softmax Layer
LeCun et al. LeNet-5 Convolutional Neural Network
- Adversarial (advgen)
This module contains the code that generates adversarial output for the models. The
run()function defined in each of these
advgenclasses takes in an
input_dict, that contains several predefined tensor operations for the machine learning model defined in Tensorflow. If the model that you are generating the adversarial sample for is known, the variables in the input dict should be based off that model definition. Else, if the model is unknown, (black box generation) a substitute model should be used/implemented, and that model definition should be used. Variables that need to be passed in are the input tensor placeholder variables and labels (often refered to as
x-> input and
y_-> labels), the model output (often refered to as
y_conv), and the actual test data and labels that the adversarial images will be based off of.
Miscellaneous utilities that don’t belong anywhere else. These include helper functions to read data, deal with Tensorflow queue inputs etc.
These are the resource directories relevant to the application:
Tensorflow allows you to load a partially trained model to resume training, or load a fully trained model into the application for evaluation or performing other operations. All these saved ‘checkpoints’ are stored in this resource directory.
This directory stores all the input data in whatever format that the driver application takes in.
This is the output directory for all application output, including adversarial images that are generated.
Please follow the directions to install tensorflow found here https://www.tensorflow.org/versions/r0.8/get_started/os_setup.html which will allow you to pick the tensorflow binary to install.
$ pip install -r requirements.txt
Execution Example (with the MNIST driver)
To restore from a previously trained checkpoint. (configuration in config/mnist.conf)
$ cd dpwn
$ python mnist_driver.py --restore_checkpoint
To train from scratch. (note that any previous checkpoint(s) located in the folder specified in the configuration will be overwritten)
$ cd dpwn
$ python mnist_driver.py
- Implement saliency graph method of generating adversarial samples
defensemodule to the project for examples of some defenses proposed in literature
- Upgrade to Tensorflow 0.9.0
- Add support for using pretrained word2vec model in
- Add SVM & Logistic Regression support in
models(+ example that uses them)
- Add non-image and non-phrase classifier example
- Add multi-GPU training support for faster training speeds
Note that dpwn requires Tensorflow 0.8.0. Tensorflow 0.9.0 introduces some
(borrowed from the amazing Requests repository by kennethreitz)
- Check for open issues or open a fresh issue to start a discussion around a feature idea or a bug.
- Fork the repository on GitHub to start making your changes to the master branch (or branch off of it).
- Write a test which shows that the bug was fixed or that the feature works as expected.
- Send a pull request and bug the maintainer until it gets merged and published. 🙂 Make sure to add yourself to
There is so much impressive work from so many machine learning and security researchers that directly or indirectly contributed to this project, and inspired this framework. This is an inconclusive list of resources that was used or referenced in one way or another:
- Szegedy et al. Intriguing properties of neural networks
- Papernot et al. The Limitations of Deep Learning in Adversarial Settings
- Papernot et al. Practical Black-Box Attacks against Deep Learning Systems using Adversarial Examples
- Goodfellow et al. Explaining and Harnessing Adversarial Examples
- Papernot et al. Transferability in Machine Learning: from Phenomena to Black-Box Attacks using Adversarial Samples
- Grosse et al. Adversarial Perturbations Against Deep Neural Networks for Malware Classification
- Nguyen et al. Deep Neural Networks are Easily Fooled: High Confidence Predictions for Unrecognizable Images
- Xu et al. Automatically Evading Classifiers: A Case Study on PDF Malware Classifiers
- Kantchelian et al. Evasion and Hardening of Tree Ensemble Classifiers
- Biggio et al. Support Vector Machines Under Adversarial Label Noise
- Biggio et al. Poisoning Attacks against Support Vector Machines
- Papernot et al. Distillation as a Defense to Adversarial Perturbations against Deep Neural Networks
- Ororbia II et al. Unifying Adversarial Training Algorithms with Flexible Deep Data Gradient Regularization
- Jin et al. Robust Convolutional Neural Networks under Adversarial Noise
- Pang et al. Seeing stars: Exploiting class relationships for sentiment categorization with respect to rating scales
- Goodfellow et al. Deep Learning Adversarial Examples – Clarifying Misconceptions
- WildML Implementing a CNN for Text Classification in Tensorflow
BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers. The repository contains 1707 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs.Cha…
IntelMQ is a solution for IT security teams (CERTs, CSIRTs, abuse departments,…) for collecting and processing security feeds (such as log files) using a message queuing protocol. It’s a community driven initiative called IHAP (…
An exploit for Apache Struts CVE-2017-5638 Usage Testing a single URL. python struts-pwn.py –url ‘http://example.com/struts2-showcase/index.action’ -c ‘id’ Testing a list of URLs. python struts-pwn.py -…
ansvif, written primarily in C++, is designed to find code bugs by throwing garbage input at programs to see how they react. This is great for finding bugs, because not every type of input is always handled, and buffers are not always checked, etc….
The ‘pwdlyser’ tool is a Python-based CLI script that automates the arduous process of manually reviewing cracked passwords during password audits following security assessments or penetration tests. There are likely some false positives/negatives, so …
shootback is a reverse TCP tunnel let you access target behind NAT or firewallConsumes less than 1% CPU and 8MB memory under 800 concurrency. slaver is single file and only depends on python(2.7/3.4+) standard library. …