6011 matches found
Yeti - Your Everyday Threat Intelligence
Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository. Yeti will also automatically enrich observables e.g. resolve domains, geolocate IPs so that you don't have to. Yeti provides an interface for humans shiny...
Cloud-Sniper - Virtual Security Operations Center
Cloud Security Operations What is Cloud Sniper? Cloud Sniper is a platform designed to manage Security Operations in cloud environments. It is an open platform which allows responding to security incidents by accurately analyzing and correlating native cloud artifacts. It is to be used as a Virtu...
IoT-PT - A Virtual Environment For Pentesting IoT Devices
A new pentesting virtual environment for IoT Devices Download Link : https://drive.google.com/open?id=1XwGqkLax2irSPpwEpeAqypl9vEywzw3D MD5 : d9c20057b14cfa3fb25f744813b828df ; SHA1: 8828d693dc6c809377bab40d2bc26f525685e287 OS info and Requirements Base OS : Lubuntu 18.04 LTS Processors : 2 By...
IRFuzz - Simple Scanner with Yara Rule
IRFuzz is a simple scanner with yara rules for document archives or any files. Install 1. Prerequisites Linux or OS X Yara: just use the latest release source code, compile and install it or install it via pip install yara-python Yara Rules - You may download yara rules from here or import your...
Vhosts-Sieve - Searching For Virtual Hosts Among Non-Resolvable Domains
Searching for virtual hosts among non-resolvable domains. Installation git clone https://github.com/dariusztytko/vhosts-sieve.git pip3 install -r vhosts-sieve/requirements.txt Usage Get a list of subdomains e.g. using Amass $ amass enum -v -passive -o domains.txt -d example.com -d...
Fast-Google-Dorks-Scan - Fast Google Dorks Scan
A script to enumerate web-sites using Google dorks. Usage example: ./FGDS.sh megacorp.one Version: 0.035, June 07, 2020 Features: 1. Looking for the common admin panel 2. Looking for the widespread file types 3. Path traversal 4. Prevent Google banning Download Fast-Google-Dorks-Scan...
Ligolo - Reverse Tunneling Made Easy For Pentesters, By Pentesters
Ligolo is a simple and lightweight tool for establishing SOCKS5 or TCP tunnels from a reverse connection in complete safety TLS certificate with elliptical curve. It is comparable to Meterpreter with Autoroute + Socks4a , but more stable and faster. Use case You compromised a Windows / Linux / Ma...
goBox - GO Sandbox To Run Untrusted Code
GO sandbox to run untrusted code. goBox uses Ptrace to hook into READ syscalls, giving you the option to accept or deny syscalls before they are executed. Usage Usage of ./gobox: gobox FLAGS command flags: -h Print Usage. -n value A glob pattern for automatically blocking file reads. -y value A...
MSNM-S - Multivariate Statistical Network Monitoring-Sensor
MSNM-S Multivariate Statistical Network Monitoring-Sensor shows the practical suitability of the approaches found in PCA-MSNM and in Hierarchical PCA-MSNM works. The first one present the MSNM approach and new multivariate statistical methodology for network anomaly detection while the second one...
RecScanSec - Reconnaisance Scanner Security
RecScanSec made for reconnaisance Scanner and information gathering with an emphasis on simplicity. It will do everything from. Features Information Security Headers WAF Analyzer Information Disclosure Banner Grabbing Url Crawl HTML Form Detector Port Scanner Get SSL Information Subdomain...
Triton - Dynamic Binary Analysis (DBA) Framework
Triton is a dynamic binary analysis DBA framework. It provides internal components like a Dynamic Symbolic Execution DSE engine, a Taint engine, AST representations of the x86 and the x86-64 instructions set semantics, SMT simplification passes, an SMT Solver Interface and, the last but not least...
Lynis 2.7.0 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...
APTSimulator - A toolset to make a system look as if it was the victim of an APT attack
APT Simulator is a Windows Batch script that uses a set of tools and output files to make a system look as if it was compromised. Use Cases 1. POCs: Endpoint detection agents / compromise assessment tools 2. Test your security monitoring's detection capabilities 3. Test your SOCs response on a...
Blazy - Modern Login Bruteforcer Which Also Tests For CSRF, Clickjacking, Cloudflare and WAF
Blazy is a modern login page bruteforcer. Features Easy target selections Smart form and error detection CSRF and Clickjacking Scanner Cloudflare and WAF Detector 90% accurate results Checks for login bypass via SQL injection Multi-threading 100% accurate results Better form detection and...
DELTA - SDN Security Evaluation Framework
DELTA is a penetration testing framework that regenerates known attack scenarios for diverse test cases. This framework also provides the capability of discovering unknown security problems in SDN by employing a fuzzing technique. Agent-Manager is the control tower. It takes full control over all...
Knockpy - Enumerate Subdomain Scanner
Knockpy is a python tool designed to enumerate subdomains on a target domain through a wordlist. It is designed to scan for DNS zone transfer and to try to bypass the wildcard DNS record automatically if it is enabled. Now knockpy supports queries to VirusTotal subdomains, you can setting the...
SJET - JMX Exploitation Toolkit
Java Management Extensions JMX is a Java technology that supplies tools for managing and monitoring applications, system objects, devices such as printers and service-oriented networks. Those resources are represented by objects called MBeans for Managed Bean. In the API, classes can be dynamical...
HatCloud - Tool for identify real IP of CloudFlare (Bypass CloudFlare)
HatCloud build in Ruby. It makes bypass in CloudFlare for discover real IP. This can be useful if you need test your server and website. Testing your protection against Ddos Denial of Service or Dos. CloudFlare is services and distributed domain name server services, sitting between the visitor a...
Umbrella - A Phishing Dropper designed to Pentest
Umbrella is a file dropper dedicated to pentest, its download files on target system are execute them without a double execution of exe, only of embed. To compromise the same target again, you need delete this folder on target system : - C:\Users\Public\Libraries\Intel - because dropper checks th...
Gping - Ping, But With A Graph
Ping, but with a graph Install and run Created/tested with Python 3.4, should run on 2.7 will require the statistics module though. pip3 install pinggraph Tested on Windows and Ubuntu, should run on OS X as well. After installation just run: gping yourhost If you don't give a host then it pings...
Burpkit - Next-Gen Burpsuite Penetration Testing Tool
Welcome to the next generation of web application penetration testing - using WebKit to own the web. BurpKit is a BurpSuite plugin which helps in assessing complex web apps that render the contents of their pages dynamically. It also provides a bi-directional JavaScript bridge API which allows...
Crowbar - Brute Forcing Tool for Pentests
Crowbar crowbar is brute forcing tool that can be used during penetration tests. It is developed to brute force some protocols in a different manner according to other popular brute forcing tools. As an example, while most brute forcing tools use username and password for SSH brute force, Crowbar...
MLDonkey - multi-protocol P2P file sharing application
MLDonkey is a multi-platform and freely distributed eDonkey client, a P2P Peer-to-Peer file-sharing application. It provides users with both a server daemon and graphical user interface GUI. It seems to be the first ever open source application that could access the eDonkey peer-to-peer file...
nbtscan - NETBIOS nameserver scanner
This is a command-line tool that scans for open NETBIOS nameservers on a local or remote TCP/IP network, and this is a first step in finding of open shares. It is based on the functionality of the standard Windows tool nbtstat, but it operates on a range of addresses instead of just one. I wrote...
[DNmap] Distributed Nmap Framwork
DNmap is a distributed nmap framwork using a client/server architecture. The server reads the commands from a file and send them to each client. The client execute the nmap command and send the results back. Download DNmap...
[SpiderFoot v2.1.0] The Open Source Footprinting tool
SpiderFoot is a free, open-source footprinting tool, enabling you to perform various scans against a given domain name in order to obtain information such as sub-domains, e-mail addresses, owned netblocks, web server versions and so on. The main objective of SpiderFoot is to automate the...
[Bugtroid] Pentesting for Android
Bugtroid is an innovative tool developed by the team of Bugtraq-Team. The main features of this apk, is that it has more than 200 Android and Linux tools PRO for pentesting and forensics through its Smarthphone or tablet. It has a menu categorized according to the nature of the tool may find:...
[Ghost Phisher Tool] Fake DNS Server, Fake DHCP Server and Fake HTTP server
Ghost Phisher is a computer security application that comes inbuilt with a Fake DNS Server, Fake DHCP Server, Fake HTTP server and also has an integrated area for automatic capture and logging of HTTP form method credentials to a database. The program could be used as an honeypot, could be used t...
[SAMHAIN 3.0.9] File Integrity Checker / Host-Based Intrusion Detection System
The Samhain host-based intrusion detection system HIDS provides file integrity checking and log file monitoring/analysis , as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. Samhain been designed to monitor multiple hosts with potentially...
NTLM Relay Gat - Powerful Tool Designed To Automate The Exploitation Of NTLM Relays
NTLM Relay Gat is a powerful tool designed to automate the exploitation of NTLM relays using ntlmrelayx.py from the Impacket tool suite. By leveraging the capabilities of ntlmrelayx.py, NTLM Relay Gat streamlines the process of exploiting NTLM relay vulnerabilities, offering a range of...
NoArgs - Tool Designed To Dynamically Spoof And Conceal Process Arguments While Staying Undetected
NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into Windows APIs to dynamically manipulate the Windows internals on the go. This allows NoArgs to alter process arguments discreetly. Default Cmd: Windows Event Logs...
RemoteTLSCallbackInjection - Utilizing TLS Callbacks To Execute A Payload Without Spawning Any Threads In A Remote Process
This method utilizes TLS callbacks to execute a payload without spawning any threads in a remote process. This method is inspired by Threadless Injection as RemoteTLSCallbackInjection does not invoke any API calls to trigger the injected payload. Quick Links Maldev Academy Home Maldev Academy...
MultiDump - Post-Exploitation Tool For Dumping And Extracting LSASS Memory Discreetly
MultiDump is a post-exploitation tool written in C for dumping and extracting LSASS memory discreetly, without triggering Defender alerts, with a handler written in Python. Blog post: https://xre0us.io/posts/multidump MultiDump supports LSASS dump via ProcDump.exe or comsvc.dll, it offers two...
BounceBack - Stealth Redirector For Your Red Team Operation Security
BounceBack is a powerful, highly customizable and configurable reverse proxy with WAF functionality for hiding your C2/phishing/etc infrastructure from blue teams, sandboxes, scanners, etc. It uses real-time traffic analysis through various filters and their combinations to hide your tools from...
Melee - Tool To Detect Infections In MySQL Instances
MELEE: A Tool to Detect Ransomware Infections in MySQL Instances Attackers are abusing MySQL instances for conducting nefarious operations on the Internet. The cybercriminals are targeting exposed MySQL instances and triggering infections at scale to exfiltrate data, destruct data, and extort mon...
Douglas-042 - Powershell Script To Help Speed āāUp Threat Hunting Incident Response Processes
DOUGLAS-042 stands as an ingenious embodiment of a PowerShell script meticulously designed to expedite the triage process and facilitate the meticulous collection of crucial evidence derived from both forensic artifacts and the ephemeral landscape of volatile data. Its fundamental mission revolve...
DynastyPersist - A Linux Persistence Tool!
A Linux persistence tool! A powerful and versatile Linux persistence script designed for various security assessment and testing scenarios. This script provides a collection of features that demonstrate different methods of achieving persistence on a Linux system. Features 1. SSH Key Generation:...
Shoggoth - Asmjit Based Polymorphic Encryptor
Shoggoth is an open-source project based on C++ and asmjit library used to encrypt given shellcode, PE, and COFF files polymorphically. Shoggoth will generate an output file that stores the payload and its corresponding loader in an obfuscated form. Since the content of the output is...
Sandfly-Entropyscan - Tool To Detect Packed Or Encrypt ed Binaries Related To Malware, Finds Malicious Files And Linux Processes And Gives Output With Cryptographic Hashes
What is sandfly-entropyscan? sandfly-entropyscan is a utility to quickly scan files or running processes and report on their entropy measure of randomness and if they are a Linux/Unix ELF type executable. Some malware for Linux is packed or encrypted and shows very high entropy. This tool can...
HTTPLoot - An Automated Tool Which Can Simultaneously Crawl, Fill Forms, Trigger Error/Debug Pages And "Loot" Secrets Out Of The Client-Facing Code Of Sites
An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and "loot" secrets out of the client-facing code of sites. Usage To use the tool, you can grab any one of the pre-built binaries from the Releases section of the repository. If you want to build the source cod...
PenguinTrace - Tool To Show How Code Runs At The Hardware Level
penguinTrace is intended to help build an understanding of how programs run at the hardware level. It provides a way to see what instructions compile to, and then step through those instructions and see how they affect machine state as well as how this maps back to variables in the original...
Deadfinder - Find Dead-Links (Broken Links)
Dead link broken link means a link within a web page that cannot be connected. These links can have a negative impact to SEO and Security. This tool makes it easy to identify and modify. Installation Install with Gem gem install deadfinder Docker Image docker pull ghcr.io/hahwul/deadfinder:latest...
ApacheTomcatScanner - A Python Script To Scan For Apache Tomcat Server Vulnerabilities
A python script to scan for Apache Tomcat server vulnerabilities. Features Multithreaded workers to search for Apache tomcat servers. Multiple target source possible: Retrieving list of computers from a Windows domain through an LDAP query to use them as a list of targets. Reading targets line by...
dBmonster - Track WiFi Devices With Their Recieved Signal Strength
With dBmonster you are able to scan for nearby WiFi devices and track them trough the signal strength dBm of their sent packets sniffed with TShark. These dBm values will be plotted to a graph with matplotlib. It can help you to identify the exact location of nearby WiFi devices use a directional...
CRLFsuite - Fast CRLF Injection Scanning Tool
CRLFsuite is a fast tool specially designed to scan CRLF injection. Installation $ git clone https://github.com/Nefcore/CRLFsuite.git $ cd CRLFsuite $ sudo python3 setup.py install $ crlfsuite -h Features Single URL scanning Multiple URL scanning Stdin supported GET & POST method supported...
Labtainers - A Docker-based Cyber Lab Framework
Labtainers include more than 50 cyber lab exercises and tools to build your own. Import a single VM appliance or install on a Linux system and your students are done with provisioning and administrative setup, for these and future lab exercises. Consistent lab execution environments and automated...
Ecapture - Capture SSL/TLS Text Content Without CA Cert By eBPF
How eCapture works SSL/TLS text context capture, support openssl\gnutls\nsprnss libraries. bash audit, capture bash command for Host Security Audit. mysql query SQL audit, support mysqld 5.6\5.7\8.0, and mariadDB. eCapture Architecure eCapture User Manual Getting started use ELF binary file...
Socid-Extractor - Extract Accounts Info From Personal Pages On Various Sites For OSINT Purpose
Extract information about a user from profile webpages / API responses and save it in machine-readable format. Usage As a command-line tool: $ socidextractor --url https://www.deviantart.com/muse1908 country: France createdat: 2005-06-16 18:17:41 gender: female username: Muse1908 website:...
SentryPeer - A Distributed Peer To Peer List Of Bad Actor IP Addresses And Phone Numbers Collected Via A SIP Honeypot
A distributed list of bad actor IP addresses and phone numbers collected via a SIP Honeypot. Introduction This is basically a fraud detection tool. It lets bad actors try to make phone calls and saves the IP address they came from and number they tried to call. Those details are then used to bloc...
Kerbrute - An Script To Perform Kerberos Bruteforcing By Using Impacket
An script to perform kerberos bruteforcing by using the Impacket library. When is executed, as input it receives a user or list of users and a password or list of password. Then is performs a brute-force attack to enumerate: Valid username/passwords pairs Valid usernames Usernames without...