PurpleKeep - Providing Azure Pipelines To Create An Infrastructure And Run Atomic Tests
With the rapidly increasing variety of attack techniques and a simultaneous rise in the number of detection rules offered by EDRs (Endpoint Detection and Response) and custom-created ones, the need for constant functional testing of detection rules has become evident. However, manually re-running...
BucketLoot - An Automated S3-compatible Bucket Inspector
BucketLoot is an automated S3-compatible Bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text. The tool can scan for bucke...
DllNotificationInjection - A POC Of A New "Threadless" Process Injection Technique That Works By Utilizing The Concept Of DLL Notification Callbacks In Local And Remote Processes
DllNotificationInjection is a POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and remote processes. An accompanying blog post with more details is available here: https://shorsec.io/blog/dll-notification-injection/ Ho...
NetProbe - Network Probe
NetProbe is a tool you can use to scan for devices on your network. The program sends ARP requests to any IP address on your network and lists the IP addresses, MAC addresses, manufacturers, and device models of the responding devices. Features Scan for devices on a specified IP address or subnet...
AD_Enumeration_Hunt - Collection Of PowerShell Scripts And Commands That Can Be Used For Active Directory (AD) Penetration Testing And Security Assessment
Description: Welcome to the AD Pentesting Toolkit! This repository contains a collection of PowerShell scripts and commands that can be used for Active Directory (AD) penetration testing and security assessment. The scripts cover various aspects of AD enumeration, user and group management, computer...
PrivKit - Simple Beacon Object File That Detects Privilege Escalation Vulnerabilities Caused By Misconfigurations On Windows OS
PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS. PrivKit detects the following misconfigurations: Checks for Unquoted Service Paths; Checks for Autologon Registry Keys; Checks for Always Install Elevated Registry Keys...
Ator - Authentication Token Obtain and Replace Extender
The plugin is created to help automated scanning using Burp in the following scenarios: 1. Access/Refresh token 2. Token replacement in XML,JSON body 3. Token replacement in cookies The above can be achieved using complex macro, session rules or Custom Extender in some scenarios. The rules become...
MacOSThreatTrack - Bash Tool Used For Proactive Detection Of Malicious Activity On macOS Systems
The tool is being tested in the beta phase, and it only gathers MacOS system information at this time. The code is poorly organized and requires significant improvements. Description Bash tool used for proactive detection of malicious activity on macOS systems. I was inspired by Venator-Swift and...
Winevt_Logs_Analysis - Searching .Evtx Logs For Remote Connections
Simple script for the purpose of finding remote connections to Windows machine and ideally some public IPs. It checks for some EventIDs regarding remote logins and sessions. You should pip install -r requirements.txt so the script can work and parse some of the .evtx files inside winevt folder. T...
VuCSA - Vulnerable Client-Server Application - Made For Learning/Presenting How To Perform Penetration Tests Of Non-Http Thick Clients
Vulnerable Client-Server Application: Vulnerable client-server application (VuCSA) is made for learning/presenting how to perform penetration tests of non-http thick clients. It is written in Java with JavaFX graphical user interface. Currently the vulnerable application contains the following...
Jwtear - Modular Command-Line Tool To Parse, Create And Manipulate JWT Tokens For Hackers
A modular command-line tool to parse, create and manipulate JSON Web Token (JWT) tokens for security testing purposes. Features: Complete modularity. All commands are plugins. Easy to add new plugins. Support JWS and JWE tokens. Easy interface for plugins (follow the template example). Flexible token...
EmoCheck - Emotet Detection Tool For Windows OS
Emotet detection tool for Windows OS. How to use 1. Download EmoCheck from the Releases page. 2. Run EmoCheck on the host. 3. Check the exported report. Download Please download from the Releases page. Command options since v0.0.2 Specify output directory for the report default: current directory...
BinAbsInspector - Vulnerability Scanner For Binaries
BinAbsInspector (Binary Abstract Inspector) is a static analyzer for automated reverse engineering and scanning vulnerabilities in binaries, which is a long-term research project incubated at Keenlab. It is based on abstract interpretation with the support from Ghidra. It works on Ghidra's Pcode...
Ransomware-Simulator - Ransomware Simulator Written In Golang
The goal of this repository is to provide a simple, harmless way to check your AV's protection on ransomware. This tool simulates typical ransomware behaviour, such as: Staging from a Word document macro Deleting Volume Shadow Copies Encrypting documents embedded and dropped by the simulator into...
Frelatage - The Python Fuzzer That The World Deserves
pip3 install frelatage Current release :0.0.7 Frelatage is a coverage-based Python fuzzing library which can be used to fuzz python code. The development of Frelatage was inspired by various other fuzzers, including AFL/AFL++, Atheris and PythonFuzz. The main purpose of the project is to take...
LeakedHandlesFinder - Leaked Windows Processes Handles Identification Tool
Leaked Windows processes handles identification tool. Useful for identifying new LPE vulnerabilities during a pentest or simply as a new research process. Currently supports exploiting (autopwn) processes' leaked handles, spawning a new arbitrary process (cmd.exe default). LHF identifies in realtime...
Git-Dumper - A Tool To Dump A Git Repository From A Website
A tool to dump a git repository from a website. Install This can be installed easily with pip: pip install git-dumper Usage usage: git-dumper options URL DIR Dump a git repository from a website. positional arguments: URL url DIR output directory optional arguments: -h, --help show this help...
Poro - Scan Publicly Accessible Assets On Your AWS Cloud Environment
Scan for publicly accessible assets on your AWS environment. Services covered by this tool: AWS ELB, API Gateway, S3 Buckets, RDS Databases, EC2 instances, Redshift Databases. Poro also checks if a tag you specify is applied to identified public resources using --tag-key and --tag-value arguments...
Nivistealer - Steal Victim Images Exact Location Device Info And Much More
Steal Victim Images Exact Location Device Info And Much More Features of Nivi-Stealer: Steal Ip Steal Device Info Uses Device Gps to steal exact location Steal pic from front camera Send logs to discord also save them locally in a txt file Works on android,windows,linux,mac os Uses iframe to load...
Flare-Qdb - Command-line And Python Debugger For Instrumenting And Modifying Native Software Behavior On Windows And Linux
flare-qdb is a command-line and scriptable Python-based tool for evaluating and manipulating native program state. It uses Vivisect to set a breakpoint on each queried instruction and executes Python code when hit. flare-qdb frees the analyst to take a nonlinear approach to dynamic analysis that...
T-Reqs-HTTP-Fuzzer - A Grammar-Based HTTP Fuzzer
T-Reqs (Two Requests) is a grammar-based HTTP Fuzzer written as a part of the paper titled "T-Reqs: HTTP Request Smuggling with Differential Fuzzing" which was presented at ACM CCS 2021. BibTeX of the paper: @inproceedingsccs2021treqs, title=T-Reqs: HTTP Request Smuggling with Differential Fuzzin...
Raven - Advanced Cyber Threat Map (Simplified, Customizable, Responsive)
Raven - Advanced Cyber Threat Map (Simplified, customizable and responsive). It uses D3.js with TOPO JSON, has 247 countries, 100,000 cities, and can be used in an isolated environment without external lookups! Live - Demo https://qeeqbox.github.io/raven/ Offline - Demo Features Uses D3.js Not...
Redherd Framework - A Collaborative And Serverless Framework For Orchestrating A Geographically Distributed Group Of Assets
RedHerd is a collaborative and serverless framework for orchestrating a geographically distributed group of assets capable of conducting simulating complex offensive cyberspace operations. --- Getting Started: Take a look at the RedHerd documentation for instructions on how to get started with...
PoW-Shield - Project Dedicated To Fight DDoS And Spam With Proof Of Work, Featuring An Additional WA
Project dedicated to provide DDoS protection with proof-of-work Description PoW Shield provides DDoS protection on OSI application layer by acting as a proxy that utilizes proof of work between the backend service and the end user. This project aims to provide an alternative to general captcha...
CobaltStrikeParser - Python parser for CobaltStrike Beacon's configuration
Python parser for CobaltStrike Beacon's configuration. Description: Use parsebeaconconfig.py for stageless beacons, memory dumps or C2 urls with metasploit compatibility mode (default true). Many stageless beacons are PEs where the beacon code itself is stored in the .data section and xored with 4-by...
KnockOutlook - A Little Tool To Play With Outlook
"The best feeling is to win by knockout." - Nonito Donaire. Overview: KnockOutlook is a C# project that interacts with Outlook's COM object in order to perform a number of operations useful in red team engagements. Command Line Usage metadata of every account search : search for the provided keyword...
PwnLnX - An Advanced Multi-Threaded, Multi-Client Python Reverse Shell For Hacking Linux Systems
An advanced multi-threaded, multi-client python reverse shell for hacking linux systems. There's still more work to do so feel free to help out with the development. Disclaimer: This reverse shell should only be used in the lawful, remote administration of authorized systems. Accessing a comput...
Ronin - A Ruby Platform For Vulnerability Research And Exploit Development
Ronin is a Ruby platform for vulnerability research and exploit development. Ronin allows for the rapid development and distribution of code, Exploits, Payloads, Scanners, etc, via Repositories. Console Ronin provides users with a powerful Ruby Console, pre-loaded with powerful convenience method...
Carnivore - Tool For Assessing On-Premises Microsoft Servers Authentication Such As ADFS, Skype, Exchange, And RDWeb
Carnivore is an assessment tool for Skype for Business, Exchange, ADFS, and RDWeb servers as well as some O365 functionality. Carnivore includes some new post-authentication Skype for Business functionality. Released as open source by NCC Group Plc - https://www.nccgroup.com/ Developed by Chris...
Wordlist_Generator - Unique Wordlist Generator Of Unique Wordlists
wordlistgenerator generates wordlists with unique words with techniques mentioned in tomnomnom's report "Who, What, Where, When". It takes URLs from gau and splits them to get words in URLs. Then it requests each URL to fetch all words. Finally, wordlistgenerator removes from wordlist everything...
Arcane - A Simple Script Designed To Backdoor iOS Packages (Iphone-Arm) And Create The Necessary Resources For APT Repositories
Arcane is a simple script designed to backdoor iOS packages (iphone-arm) and create the necessary resources for APT repositories. It was created for this publication to help illustrate why Cydia repositories can be dangerous and what post-exploitation attacks are possible from a compromised iOS...
PhishingKitTracker - Let's Track Phishing Kits To Give To Research Community Raw Material To Stud
An extensible and freshly updated collection of phishingkits for forensics and future analysis topped with simple stats Disclaimer This repository holds a collection of Phishing Kits used by criminals to steal user information. Almost every file into the raw folder is malicious so I strongly...
hackerEnv - An Automation Tool That Quickly And Easily Sweep IPs And Scan Ports, Vulnerabilities And Exploit Them
hackerEnv is an automation tool that quickly and easily sweep IPs and scan ports, vulnerabilities and exploit them. Then, it hands you an interactive shell for further testing. Also, it generates HTML and docx reports. It uses other tools such as nmap, nikto, metasploit and hydra. Works in kali...
Shhgit - Find GitHub Secrets In Real Time
Shhgit finds secrets and sensitive files across GitHub code and Gists committed in near real time by listening to the GitHub Events API. NEW: LIVE VERSION. Find GitHub secrets straight from your browser! Finding secrets in GitHub is nothing new. There are many great tools available to help with...
O.G. AUTO-RECON - Enumerate A Target Based Off Of Nmap Results
Enumerate a target Based off of Nmap Results Features The purpose of O.G. Auto-Recon is to automate the initial information gathering phase and then enumerate based off those results as much as possible. This tool is intended for CTF's and can be fairly noisy. Not the most stealth conscious tool...
PTF v2.3 - The Penetration Testers Framework Is A Way For Modular Support For Up-To-Date Tools
The PenTesters Framework (PTF) is a Python script designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. As pentesters, we've been accustomed to the /pentest/ directories or our own toolsets that we want to keep up-to-date all o...
pyHAWK - Searches The Directory Of Choice For Interesting Files. Such As Database Files And Files With Passwords Stored On Them
Searches the directory of choice for interesting files, such as database files and files with passwords stored on them. Features: Scans directory for interesting file types. Outputs them to the screen. Supports many file types. Installation Instructions: The installation is easy. Git clone the repo and...
Aron - A GO Script For Finding Hidden GET & POST Parameters
Aron is a simple GO script for finding hidden GET & POST parameters with bruteforce. Installation $ git clone https://github.com/m4ll0k/Aron.git aron $ cd aron $ go get github.com/m4ll0k/printer now check if $GOPATH is set $ go env | grep -i gopath if $GOPATH not set, try with: $ export...
ROPGenerator - Tool That Helps You Building ROP Exploits By Finding And Chaining Gadgets Together
ROPGenerator is a tool that makes ROP exploits easy. It enables you to automatically find gadgets or build ROP chains. The current version supports x86 and x64 binaries. Overview: ROPGenerator uses the tool ROPgadget (https://github.com/JonathanSalwan/ROPgadget) to extract gadgets from binaries and...
Pure Blood - A Penetration Testing Framework Created For Hackers / Pentester / Bug Hunter
A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter Menu Web Pentest | Banner Grab | Whois | Traceroute | DNS Record | Reverse DNS Lookup | Zone Transfer Lookup | Port Scan | Admin Panel Scan | Subdomain Scan | CMS Identify | Reverse IP Lookup | Subnet Lookup | Extract Pa...
BeRoot For Windows - Privilege Escalation Project
BeRoots is a post exploitation tool to check common Windows misconfigurations to find a way to escalate our privilege. A compiled version is available here. It will be added to the pupy project as a post exploitation module so it will be executed in memory without touching the disk. Except one...
AutoSploit - Automated Mass Exploiter
As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets are collected automatically as well by employing the Shodan.io API. The program allows the user to enter their platform specific search query such as; Apache, IIS, etc, upon which a list of...
CyberScan - Tool To Analyse Packets, Decoding, Scanning Ports, And Geolocation
CyberScan is an open source penetration testing tool that can analyse packets, decoding, scanning ports, pinging and geolocation of an IP including latitude, longitude, region, country ... Operating Systems Supported: Windows XP/7/8/8.1/10, GNU/Linux, MacOSX. Installation: You can download CyberSc...
psad - Intrusion Detection and Log Analysis with iptables
The Port Scan Attack Detector (psad) is a lightweight system daemon written in is designed to work with Linux iptables/ip6tables/firewalld firewalling code to detect suspicious traffic such as port scans and sweeps, backdoors, botnet command and control communications, and more. It features a set o...
ike-scan - Discover and fingerprint IKE hosts (IPsec VPN Servers)
Discover and fingerprint IKE hosts (IPsec VPN Servers). Building and Installing: ike-scan uses the standard GNU autoconf and automake tools, so installation is the normal process: Run git clone https://github.com/royhills/ike-scan.git to obtain the project source code. Run cd ike-scan to enter source...
Invoke-CradleCrafter - PowerShell Remote Download Cradle Generator and Obfuscator
Invoke-CradleCrafter is a PowerShell v2.0+ compatible PowerShell remote download cradle generator and obfuscator. Purpose Invoke-CradleCrafter exists to aid Blue Teams and Red Teams in easily exploring, generating and obfuscating PowerShell remote download cradles. In addition, it helps Blue Team...
OverThruster - HID Attack Payload Generator For Arduinos
OverThruster is a tool to generate sketches for Arduinos when used as an HID Attack. It was designed around devices with the ATMEGA32U4 chip, like the CJMCU-BEETLE, or the new LilyGo "BadUSB" devices popping up on ebay and aliexpress that look like USB sticks but contain an Arduino. I wrote this...
BackdoorMan - Toolkit That Helps You Find Malicious, Hidden And Suspicious PHP Scripts And Shells
A Python open source toolkit that helps you find malicious, hidden and suspicious PHP scripts and shells in a chosen destination, it automates the process of detecting the above. Purpose The main purpose of BackdoorMan is to help web-masters and developers to discover malicious scripts in their...
Limon - Sandbox for Analyzing Linux Malwares
Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect the Linux malware before execution, during execution, and after execution (post-mortem analysis) by...
Suricata 3.1 - Open Source IDS / IPS / NSM engine
Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF and its supporting vendors. Top 3 Reasons You Should Try Suricat...