6011 matches found
[XSSF v.3.0] Cross-Site Scripting Framework
The Cross-Site Scripting Framework XSSF is a security tool designed to turn the XSS vulnerability exploitation task into a much easier work. The XSSF project aims to demonstrate the real dangers of XSS vulnerabilities, vulgarizing their exploitation. This project is created solely for education,...
[Watcher v1.5.6] Web Security Testing Tool and Passive Vulnerability Scanner
Watcher is a runtime passive-analysis tool for HTTP-based Web applications. Being passive means it won't damage production systems, it's completely safe to use in Cloud computing, shared hosting, and dedicated hosting environments. Watcher detects Web-application security issues as well as...
Lazywarden - Automatic Bitwarden Backup
Secure, Automated, and Multi-Cloud Bitwarden Backup and Import System Lazywarden is a Python automation tool designed to Backup and Restore data from your vault, including Bitwarden attachments. It allows you to upload backups to multiple cloud storage services and receive notifications across...
Startup-SBOM - A Tool To Reverse Engineer And Inspect The RPM And APT Databases To List All The Packages Along With Executables, Service And Versions
This is a simple SBOM utility which aims to provide an insider view on which packages are getting executed. The process and objective is simple we can get a clear perspective view on the packages installed by APT currently working on implementing this for RPM and other package managers. This is...
Nemesis - An Offensive Data Enrichment Pipeline
Nemesis is an offensive data enrichment pipeline and operator support system. Built on Kubernetes with scale in mind, our goal with Nemesis was to create a centralized data processing platform that ingests data produced during offensive security assessments. Nemesis aims to automate a number of...
SecuSphere - Efficient DevSecOps
SecuSphere is a comprehensive DevSecOps platform designed to streamline and enhance your organization's security posture throughout the software development life cycle. Our platform serves as a centralized hub for vulnerability management, security assessments, CI/CD pipeline integration, and...
ModuleShifting - Stealthier Variation Of Module Stomping And Module Overloading Injection Techniques That Reduces Memory IoCs
ModuleShifting is stealthier variation of Module Stomping and Module overloading injection technique. It is actually implemented in Python ctypes so that it can be executed fully in memory via a Python interpreter and Pyramid, thus avoiding the usage of compiled loaders. The technique can be used...
Artemis - APK Infrastructure Investigator
Overview A tools for Find APK Infrastructure . HADESS performs offensive cybersecurity services through infrastructures and software that include vulnerability analysis, scenario attack planning, and implementation of custom integrated preventive projects. We organized our activities around the...
Winevt_Logs_Analysis - Searching .Evtx Logs For Remote Connections
Simple script for the purpose of finding remote connections to Windows machine and ideally some public IPs. It checks for some EventIDs regarding remote logins and sessions. You should pip install -r requirements.txt so the script can work and parse some of the .evtx files inside winevt folder. T...
LATMA - Lateral Movement Analyzer Tool
Lateral movement analyzer LATMA collects authentication logs from the domain and searches for potential lateral movement attacks and suspicious activity. The tool visualizes the findings with diagrams depicting the lateral movement patterns. This tool contains two modules, one that collects the...
Mangle - Tool That Manipulates Aspects Of Compiled Executables (.Exe Or DLL) To Avoid Detection From EDRs
Authored By Tyl0us Featured at Source Zero Con 2022 Mangle is a tool that manipulates aspects of compiled executables .exe or DLL. Mangle can remove known Indicators of Compromise IoC based strings and replace them with random characters, change the file by inflating the size to avoid EDRs, and c...
Pax - CLI Tool For PKCS7 Padding Oracle Attacks
Exploit padding oracles for fun and profit! Pax PAdding oracle eXploiter is a tool for exploiting padding oracles in order to: 1. Obtain plaintext for a given piece of CBC encrypted data. 2. Obtain encrypted bytes for a given piece of plaintext, using the unknown encryption algorithm used by the...
Mitmproxy2Swagger - Automagically Reverse-Engineer REST APIs Via Capturing Traffic
A tool for automatically converting mitmproxy captures to OpenAPI 3.0 specifications. This means that you can automatically reverse-engineer REST APIs by just running the apps and capturing the traffic. Installation First you will need python3 and pip3. $ pip install mitmproxy2swagger ... or ... ...
RogueAssemblyHunter - Rogue Assembly Hunter Is A Utility For Discovering 'Interesting' .NET CLR Modules In Running Processes
Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes. Author: @bohops License: MIT Project: https://github.com/bohops/RogueAssemblyHunter Background .NET is a very powerful and capable development platform and runtime framework for building and...
FirmWire -b Full-System Baseband Firmware Emulation Platform For Fuzzing, Debugging, And Root-Cause Analysis Of Smartphone Baseband Firmwares
FirmWire is a full-system baseband firmware analysis platform that supports Samsung and MediaTek. It enables fuzzing, root-cause analysis, and debugging of baseband firmware images. See theFirmWire documentation to get started! Experiments & Missing Parts? Upon a vendor's request, the current...
BackupOperatorToDA - From An Account Member Of The Group Backup Operators To Domain Admin Without RDP Or WinRM On The Domain Controller
If you compromise an account member of the group Backup Operators you can become the Domain Admin without RDP or WinRM on the Domain Controller. All credit from filipdragovic with his inital POC ! I build this project because I wanted to have a more generic binary with parameters and also being...
Git-Dumper - A Tool To Dump A Git Repository From A Website
A tool to dump a git repository from a website. Install This can be installed easily with pip: pip install git-dumper Usage usage: git-dumper options URL DIR Dump a git repository from a website. positional arguments: URL url DIR output directory optional arguments: -h, --help show this help...
Nivistealer - Steal Victim Images Exact Location Device Info And Much More
Steal Victim Images Exact Location Device Info And Much More Features of Nivi-Stealer: Steal Ip Steal Device Info Uses Device Gps to steal exact location Steal pic from front camera Send logs to discord also save them locally in a txt file Works on android,windows,linux,mac os Uses iframe to load...
SharpCookieMonster - Extracts Cookies From Chrome
This is a Sharp port of @defaultnamehere's cookie-crimes module - full credit for their awesome work! This C project will dump cookies for all sites, even those with httpOnly/secure/session flags. Usage Simply run the binary. SharpCookieMonster.exe https://sitename.com chrome-debugging-port user...
Phant0m - Windows Event Log Killer
Svchost is essential in the implementation of so-called shared service processes, where a number of services can share a process in order to reduce resource consumption. Grouping multiple services into a single process conserves computing resources, and this consideration was of particular concer...
Mandiant-Azure-AD-Investigator - PowerShell module for detecting artifacts that may be indicators of UNC2452 and other threat actor activity
This repository contains a PowerShell module for detecting artifacts that may be indicators of UNC2452 and other threat actor activity. Some indicators are "high-fidelity" indicators of compromise, while other artifacts are so called "dual-use" artifacts. Dual-use artifacts may be related to thre...
T-Reqs-HTTP-Fuzzer - A Grammar-Based HTTP Fuzzer
T-Reqs T wo Req uests is a grammar-based HTTP Fuzzer written as a part of the paper titled "T-Reqs: HTTP Request Smuggling with Differential Fuzzing" which was presented at ACM CCS 2021. BibTeX of the paper: @inproceedingsccs2021treqs, title=T-Reqs: HTTP Request Smuggling with Differential Fuzzin...
Web Cache Vulnerability Scanner - A Go-based CLI Tool For Testing For Web Cache Poisoning
Web Cache Vulnerability Scanner WCVS is a fast and versatile CLI scanner for web cache poisoning developed by Hackmanit. The scanner supports many different web cache poisoning techniques, includes a crawler to identify further URLs to test, and can adapt to a specific web cache for more efficien...
Swurg - Parse OpenAPI Documents Into Burp Suite For Automating OpenAPI-based APIs Security Assessments
Swurg is a Burp Suite extension designed for OpenAPI testing. The OpenAPI Specification OAS defines a standard, programming language-agnostic interface description for REST APIs, which allows both humans and computers to discover and understand the capabilities of a service without requiring acce...
Crawpy - Yet Another Content Discovery Tool
Yet another content discovery tool written in python. What makes this tool different than others: It is written to work asynchronously which allows reaching to maximum limits. So it is very fast. Calibration mode, applies filters on its own Has bunch of flags that helps you fuzz in detail Recursi...
Redherd Framework -A Collaborative And Serverless Framework For Orchestrating A Geographically Distributed Group Of Assets
RedHerd is a collaborative and serverless framework for orchestrating a geographically distributed group of assets capable of conducting simulating complex offensive cyberspace operations. --- Getting Started Take a look at the RedHerd documentation for instructions on how to getting started with...
Terra - OSINT Tool On Twitter And Instagram
OSINT Tool On Twitter And Instagram. Installation Clone the github repo $ git clone https://github.com/xadhrit/terra.git Change Directory $ cd terra Requirements : For requirements run following commands: $ python3 -m pip install -r requirements.txt Note For Twitter Credentials : You need...
pFuzz - Helps Us To Bypass Web Application Firewall By Using Different Methods At The Same Time
pFuzz is an advanced red teaming fuzzing tool which we developed for our research. It helps us to bypass web application firewall by using different methods at the same time. pFuzz web uygulama araştırmaları için geliştirdiğimiz, gelişmiş bir fuzzing aracıdır. Farklı güvenlik uygulamaları üzerind...
CobaltStrikeParser - Python parser for CobaltStrike Beacon's configuration
Python parser for CobaltStrike Beacon's configuration Description Use parsebeaconconfig.py for stageless beacons, memory dumps or C2 urls with metasploit compatibility mode default true. Many stageless beacons are PEs where the beacon code itself is stored in the .data section and xored with 4-by...
KnockOutlook - A Little Tool To Play With Outlook
"The best feeling is to win by knockout." - Nonito Donaire Overview KnockOutlook is a C project that interacts with Outlook's COM object in order to perform a number of operations useful in red team engagements. Command Line Usage metadata of every account search : search for the provided keyword...
Ronin - A Ruby Platform For Vulnerability Research And Exploit Development
Ronin is a Ruby platform for vulnerability research and exploit development. Ronin allows for the rapid development and distribution of code, Exploits, Payloads, Scanners, etc, via Repositories. Console Ronin provides users with a powerful Ruby Console, pre-loaded with powerful convenience method...
OpenCSPM - Open Cloud Security Posture Management Engine
Open Cloud Security Posture Management, OpenCSPM, is an open-source platform for gaining deeper insight into your cloud configuration and metadata to help understand and reduce risk over time. Who is OpenCSPM for? Security teams running infrastructure in cloud environments looking to gain...
Carnivore - Tool For Assessing On-Premises Microsoft Servers Authentication Such As ADFS, Skype, Exchange, And RDWeb
Carnivore is an assessment tool for Skype for Business, Exchange, ADFS, and RDWeb servers as well as some O365 functionality. Carnivore includes some new post-authentication Skype for Business functionality. Released as open source by NCC Group Plc - https://www.nccgroup.com/ Developed by Chris...
PowerZure - PowerShell Framework To Assess Azure Security
For a list of functions, their usage, and more, check outhttps://powerzure.readthedocs.io What is PowerZure? PowerZure is a PowerShell project created to assess and exploit resources within Microsoft’s cloud platform, Azure. PowerZure was created out of the need for a framework that can both...
Arcane - A Simple Script Designed To Backdoor iOS Packages (Iphone-Arm) And Create The Necessary Resources For APT Repositories
Arcane is a simple script designed to backdoor iOS packages iphone-arm and create the necessar y resources for APT repositories. It was created for this publication to help illustrate why Cydia repositories can be dangerous and what post-exploitation attacks are possible from a compromised iOS...
hackerEnv - An Automation Tool That Quickly And Easily Sweep IPs And Scan Ports, Vulnerabilities And Exploit Them
hackerEnv is an automation tool that quickly and easily sweep IPs and scan ports, vulnerabilities and exploit them. Then, it hands you an interactive shell for further testing. Also, it generates HTML and docx reports. It uses other tools such as nmap, nikto, metasploit and hydra. Works in kali...
O.G. AUTO-RECON - Enumerate A Target Based Off Of Nmap Results
Enumerate a target Based off of Nmap Results Features The purpose of O.G. Auto-Recon is to automate the initial information gathering phase and then enumerate based off those results as much as possible. This tool is intended for CTF's and can be fairly noisy. Not the most stealth conscious tool...
Parsec - Secure Cloud Framework
Homepage: https://parsec.cloud Documentation: https://parsec-cloud.readthedocs.org. Parsec is a free software AGPL v3 aiming at easily share your work and data in the cloud in total privacy thanks to cryptographic security. Key features: Works as a virtual drive on you computer. You can access an...
pyHAWK - Searches The Directory Of Choice For Interesting Files. Such As Database Files And Files With Passwords Stored On Them
Searches the directory of choice for interesting files. Such as database files and files with passwords stored on them Features Scans directory for intresting file types Outputs them to the screen Supports many file types Installation Instructions The installation is easy. Git clone the repo and...
Photon v1.1.4 - Incredibly Fast Crawler Designed For Recon
Incredibly Fast Crawler Designed For Recon. Key Features Data Extraction Photon can extract the following data while crawling: URLs in-scope & out-of-scope URLs with parameters example.com/gallery.php?id=2 Intel emails, social media accounts, amazon buckets etc. Files pdf, png, xml etc. Secret ke...
Aron - A GO Script For Finding Hidden GET & POST Parameters
Aron is a simple GO script for finding hidden GET & POST parameters with bruteforce. Installation $ git clone https://github.com/m4ll0k/Aron.git aron $ cd aron $ go get github.com/m4ll0k/printer now check if $GOPATH is set $ go env | grep -i gopath if $GOPATH not set, try with: $ export...
Pip3Line - The Swiss Army Knife Of Byte Manipulation
Pip3line is a raw bytes manipulation utility, able to apply well known and less well known transformations from anywhere to anywhere almost. Its main usefulness lies in pentesting and reverse-engineering / binary analysis purposes. Current transformations list include classic decoders such as...
Camelishing - Social Engineering Tool
Camelishing Social Engineering Tool Features 1. Bulk email sending 2. Basic Python Agent Creator 3. Office Excel Macro Creator 4. DDE Excel Creatoror Custom Payload 5. Return İnformation Mail Open Track Agent Open Track 6. AutoSave 7. Statistics Report 8. User Control Installation Modules $ pip...
AWS Key Disabler - A Small Lambda Script That Will Disable Access Keys Older Than A Given Amount Of Days
The AWS Key disabler is a Lambda Function that disables AWS IAM User Access Keys after a set amount of time in order to reduce the risk associated with old access keys. AWS Lambda Architecture SysOps Output for EndUser Developer Toolchain Current Limitations A report containing the output json of...
ROPGenerator - Tool That Helps You Building ROP Exploits By Finding And Chaining Gadgets Together
ROPGenerator is a tool that makes ROP exploits easy. It enables you to automatically find gadgets or build ROP chains. The current version supports x86 and x64 binaries. Overview ROPGenerator uses the tool ROPgadget https://github.com/JonathanSalwan/ROPgadget to extract gadgets from binaries and...
Orbit - Cryptocurrency Wallets Relationship Visualizer
Give it a blockchain based crypto wallet address and it will crawl 3 levels deep in transaction data to plot a graph out of the information. Usage Run orbit.py with python3 as follows python3 orbit.py Enter the wallet address | | | ' | || | | | | Enter a wallet address: xxxxxxxxxxxxxxx Now orbit...
DNS Rebind Toolkit - A Front-End JavaScript Toolkit For Creating DNS Rebinding Attacks
DNS Rebind Toolkit is a frontend JavaScript framework for developing DNS Rebinding exploits against vulnerable hosts and services on a local area network LAN. It can be used to target devices like Google Home, Roku, Sonos WiFi speakers, WiFi routers, "smart" thermostats, and other IoT devices. Wi...
BeRoot For Windows - Privilege Escalation Project
BeRoots is a post exploitation tool to check common Windows misconfigurations to find a way to escalate our privilege. A compiled version is available here. It will be added to the pupy project as a post exploitation module so it will be executed in memory without touching the disk. Except one...
Nemesis - A Command-Line Network Packet Crafting And Injection Utility
The Nemesis Project is designed to be a command line based, portable human IP stack for UNIX-like and Windows systems. The suite is broken down by protocol, and should allow for useful scripting of injected packets from simple shell scripts. Key Features ARP/RARP, DNS, ETHERNET, ICMP, IGMP, IP,...
Lynis 2.6.2 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...