Columbo - A Computer Forensic Analysis Tool Used To Simplify And Identify Specific Patterns In Compromised Datasets

Columbo is a computer forensic analysis tool used to simplify and identify specific patterns in compromised datasets. It breaks down data to small sections and uses pattern recognition and machine learning models to identify adversaries behaviour and their possible locations in compromised Window...

ThreatMapper - Identify Vulnerabilities In Running Containers, Images, Hosts And Repositories

The Deepfence Runtime Threat Mapper is a subset of the Deepfence cloud native workload protection platform, released as a community edition. This community edition empowers the users with following features: 1. Visualization: Visualize kubernetes clusters, virtual machines, containers and images,...

Burpsuite-Copy-As-XMLHttpRequest - Copy As XMLHttpRequest BurpSuite Extension

The extension adds a context menu to BurpSuite that allows you to copy multiple requests as Javascript's XmlHttpRequest, which simplifies PoC development when exploiting XSS. Installation download the latest JAR from releases or build manually add JAR to burpsuite using tabs: "Extender" -...

Scylla - The Simplistic Information Gathering Engine | Find Advanced Information On A Username, Website, Phone Number, Etc...

Scylla is an OSINT tool developed in Python 3.6. Scylla lets users perform advanced searches on Instagram & Twitter accounts, websites/webservers, phone numbers, and names. Scylla also allows users to find all social media profiles main platforms assigned to a certain username. In continuation,...

UAC - Unix-like Artifacts Collector

UAC is a Live Response collection tool for Incident Response that makes use of built-in tools to automate the collection of Unix-like systems artifacts. It respects the order of volatility and artifacts that are changed during the execution. It was created to facilitate and speed up data...

Maigret - OSINT Username Checker. Collect A Dossier On A Person By Username From A Huge Number Of Sites

The Commissioner Jules Maigret is a fictional French police detective, created by Georges Simenon. His investigation method is based on understanding the personality of different people and their interactions. About Purpose of Maigret - collect a dossier on a person by username only , checking fo...

Watson - Enumerate Missing KBs And Suggest Exploits For Useful Privilege Escalation Vulnerabilities

Watson is a .NET tool designed to enumerate missing KBs and suggest exploits for Privilege Escalation vulnerabilities. Supported Versions Windows 10 1507, 1511, 1607, 1703, 1709, 1803, 1809, 1903, 1909, 2004 Server 2016 & 2019 Usage C:\ Watson.exe / / /\ \ \ | | \ / / / | / |/ | ' \ \ /\ / | |...

SharpHound3 - C# Data Collector For The BloodHound Project

Get SharpHound The latest build of SharpHound will always be in the BloodHound repository here Compile Instructions SharpHound is written using C 9.0 features. To easily compile this project, use Visual Studio 2019. If you would like to compile on previous versions of Visual Studio, you can insta...

DefenderCheck - Identifies The Bytes That Microsoft Defender Flags On

Quick tool to help make evasion work a little bit easier. Takes a binary as input and splits it until it pinpoints that exact byte that Microsoft Defender will flag on, and then prints those offending bytes to the screen. This can be helpful when trying to identify the specific bad pieces of code...

SharpGPOAbuse - Tool To Take Advantage Of A User'S Edit Rights On A Group Policy Object (GPO) In Order To Compromise The Objects That Are Controlled By That GPO

SharpGPOAbuse is a .NET application written in C that can be used to take advantage of a user's edit rights on a Group Policy Object GPO in order to compromise the objects that are controlled by that GPO. More details can be found at the following blog post:...

Tuf - A Framework For Securing Software Update Systems

This repository is the reference implementation of The Update Framework TUF. It is written in Python and intended to conform to version 1.0 of the TUF specification. This implementation is in use in production systems, but is also intended to be a readable guide and demonstration for those workin...

SecretScanner - Find Secrets And Passwords In Container Images And File Systems

Deepfence SecretScanner can find any potential secrets in container images or file systems. What are Secrets? Secrets are any kind of sensitive or private data which gives authorized users permission to access critical IT infrastructure such as accounts, devices, network, cloud based services,...

SharpDPAPI - A C# Port Of Some Mimikatz DPAPI Functionality

SharpDPAPI is a C port of some DPAPI functionality from @gentilkiwi's Mimikatz project. I did not come up with this logic, it is simply a port from Mimikatz in order to better understand the process and operationalize it to fit our workflow. The SharpChrome subproject is an adaptation of work fro...

Seatbelt - A C# Project That Performs A Number Of Security Oriented Host-Survey "Safety Checks" Relevant From Both Offensive And Defensive Security Perspectives

Seatbelt is a C project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives. @andrewchiles' HostEnum.ps1 script and @tifkin's Get-HostProfile.ps1 provided inspiration for many of the artifacts to collect. @harmj0...

Rubeus - C# Toolset For Raw Kerberos Interaction And Abuses

Rubeus is a C toolset for raw Kerberos interaction and abuses. It is heavily adapted from Benjamin Delpy's Kekeo project CC BY-NC-SA 4.0 license and Vincent LE TOUX's MakeMeEnterpriseAdmin project GPL v3.0 license. Full credit goes to Benjamin and Vincent for working out the hard components of...

InveighZero - Windows C# LLMNR/mDNS/NBNS/DNS/DHCPv6 Spoofer/Man-In-The-Middle Tool

InveighZero is a C LLMNR/NBNS/mDNS/DNS/DHCPv6 spoofer and man-in-the-middle tool designed to assist penetration testers/red teamers that find themselves limited to a Windows system. This version shares many features with the PowerShell version of Inveigh. Privileged Mode Features elevated admin...

ClearURLs - An Add-On Based On The New WebExtensions Technology And Will Automatically Remove Tracking Elements From URLs To Help Protect Your Privacy

ClearURLs is an add-on based on the new WebExtensions technology and is optimized for Firefox and Chrome based browsers. This extension will automatically remove tracking elements from URLs to help protect your privacy when browse through the Internet, which is regularly updated by us and can be...

Android_Hid - Use Android As Rubber Ducky Against Another Android Device

Use Android as Rubber Ducky against another Android device HID attack using Android Using Android as Rubber Ducky against Android. This is not a new technique, just a demo how to perform HID attack using Android instead of rubber ducky. For targeted Android device it is not necessary to be rooted...

KICS - Find Security Vulnerabilities, Compliance Issues, And Infrastructure Misconfigurations Early In The Development Cycle Of Your Infrastructure-As-Code

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx. KICS stands for K eeping I nfrastructure as C ode S ecure, it is open source and is a must-have for any cloud native project...

Boomerang - A Tool To Expose Multiple Internal Servers To Web/Cloud

Boomerang is a tool to expose multiple internal servers to web/cloud using HTTP+TCP Tunneling. The Server will expose 2 ports on the Cloud. One will be where tools like proxychains can connect over socks, another will be for the agent to connect. The agent can be executed on any internal host. Th...

BadOutlook - (Kinda) Malicious Outlook Reader

A simple PoC which leverages the Outlook Application Interface COM Interface to execute shellcode on a system based on a specific trigger subject line. By utilizing the Microsoft.Office.Interop.Outlook namespace, developers can represent the entire Outlook Application or at least according to...

CallObfuscator - Obfuscate Specific Windows Apis With Different APIs

Obfuscate hide the PE imports from static/dynamic analysis tools. Theory This's pretty forward, let's say I've used VirtualProtect and I want to obfuscate it with Sleep, the tool will manipulate the IAT so that the thunk that points to VirtualProtect will point instead to Sleep, now at executing...

Search-That-Hash - Searches Hash APIs To Crack Your Hash Quickly, If Hash Is Not Found Automatically Pipes Into HashCat

The Fastest Hash Cracking System pip3 install search-that-hash && sth Tired of going to every website to crack your hash? Search-That-Hash automates this process in less than 2 seconds. Search-That-Hash searches the most popular hash cracking sites and automatically inputs your hashs for cracking...

Obfuscation_Detection - Collection Of Scripts To Pinpoint Obfuscated Code

Automatically detect control-flow flattening and other state machines Author: Tim Blazytko Description: Scripts and binaries to automatically detect control-flow flattening and other state machines in binaries. Implementation is based on Binary Ninja. Check out the following blog post for more...

cve_manager_VS - A Collection Of Python Apps And Shell Scripts To Email An Xlsx Spreadsheet Of New Vulnerabilities In The NIST CVE Database And Their Associated Products On A Daily Schedule

A collection of python apps and shell scripts to email an xlsx spreadsheet of new vulnerabilities in the NIST CVE database and their associated products on a daily schedule. The spreadsheet can then be manually interpreted for risk to your specific organization. Based off of an opensource product...

Retoolkit - Reverse Engineer's Toolkit

This is a collection of tools you may like if you are interested on reverse engineering and/or malware analysis on x86 and x64 Windows systems. After installing this toolkit you'll have a folder in your desktop with shortcuts to RE tools like these: Why do I need it? You don't. Obviously, you can...

Smogcloud - Find Cloud Assets That No One Wants Exposed

Find exposed AWS cloud assets that you did not know you had. A comprehensive asset inventory is step one to any capable security program. We made smogcloud to enable security engineers, penetration testers, and AWS administrators to monitor the collective changes that create dynamic and ephemeral...

Gitrecon - OSINT Tool To Get Information From A Github Profile And Find GitHub User'S Email Addresses Leaked On Commits

OSINT tool to get information from a github profile and find GitHub user's email addresses leaked on commits. How does this work? GitHub uses the email address associated with a GitHub account to link commits and other activity to a GitHub profile. When a user makes commits to public repos their...

OSCP-Exam-Report-Template-Markdown - Markdown Templates For Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP Exam Report

I created an Offensive Security Exam Report Template in Markdown so LaTeX, Microsoft Office Word, LibreOffice Writer are no longer needed during your Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam! Now you can be efficient and faster during your exam report redaction! Speed up writing , don...

Kraker - Distributed Password Brute-Force System That Focused On Easy Use

Kraker is a distributed password brute-force system that allows you to run and manage the hashcat on different servers and workstations, focused on easy of use. There were two main goals during the design and development: to create the most simple tool for distributed hash cracking and make it...

CTF-Party - A Ruby Library To Enhance And Speed Up Script/Exploit Writing For CTF Players

A library to enhance and speed up script/exploit writing for CTF players or security researchers, bug bounty hunters, pentesters but mostly focused on CTF by patching the String class to add a short syntax of usual code patterns. The philosophy is also to keep the library to be pure ruby no...

Godehashed - Tool That Uses The Dehashed.Com API To Search For Compromised Assets

A golang tool that uses the dehashed.com API to search for compromised assets. Results can then be compiled into a CSV for further analysis. Dehashed API You must supply the tool an api key. See apikeytemplate.txt for example. Installation To install the tool in CLI run the following command. You...

ProxyLogon - PoC Exploit for Microsoft Exchange

PoC Exploit for Microsoft Exchange Launche Original PoC: https://github.com/testanull How to use: python proxylogon.py Example: python proxylogon.py primary [email protected] If successful you will be dropped into a webshell. exit or quit to escape from the webshell or ctrl+c By default, it...

Netmap.Js - Fast Browser-Based Network Discovery Module

Fast browser-based network discovery module Description netmap.js provides browser-based host discovery and port scanning capabilities to allow you to map website visitors' networks. It's quite fast, making use of es6-promise-pool to efficiently run the maximum number of concurrent connections...

Vajra - A Highly Customi zable Target And Scope Based Automated Web Hacking Framework To Automate Boring Recon Tasks

An automated web hacking framework for web applications Detailed insight about Vajra can be found at https://hackwithproxy.medium.com/introducing-vajra-an-advanced-web-hacking-framework-bd8307a01aa8 About Vajra Vajra is an automated web hacking framework to automate boring recon tasks and same...

Subcert - An Subdomain Enumeration Tool, That Finds All The Subdomains From Certificate Transparency Logs

Subcert is a subdomain enumeration tool, that finds all the valid subdomains from certificate transparency logs. Setup Step 1: Install Python 3 apt-get install python3-pip Step 2: Clone the Repository git clone https://github.com/A3h1nt/Subcert.git Step 3: Install Dependencies pip3 install -r...

Mole - A Framework For Identifying And Exploiting Out-Of-Band Application Vulnerabilities

A framework for identifying and exploiting out-of-band OOB vulnerabilities. Installation & Setup Mole Install Python = 3.6 virtualenv -p /usr/bin/python3 venv source venv/bin/activate ./venv/bin/pip3 install -r requirements.txt git submodule update --init --recursive Set an API key in config.yml...

Invoke-SocksProxy - Socks Proxy, And Reverse Socks Server Using Powershell

Creates a local or "reverse" Socks proxy using powershell. The local proxy is a simple Socks 4/5 proxy. The reverse proxy creates a tcp tunnel by initiating outbond SSL connections that can go through the system's proxy. The tunnel can then be used as a socks proxy on the remote host to pivot int...

Reverse-Shell-Generator - Hosted Reverse Shell Generator With A Ton Of Functionality

Hosted Reverse Shell generator with a ton of functionality -- great for CTFs Hosted Instance https://revshells.com Features Generate common listeners and reverse shells Automatically copy to clipboard Button to increment the listening port number by 1 URI and Base64 encoding LocalStorage to persi...

OffensivePipeline - Tool To Download, Compile (Without Visual Studio) And Obfuscate C# Tools For Red Team Exercises

OffensivePipeline allows to download, compile without Visual Studio and obfuscate C tools for Red Team exercises. OffensivePipeline downloads the tool from the git repository, then compiles it with msbuild and finally obfuscates it with ConfuserEx. Examples List all tools: OffensivePipeline.exe...

Rafel-Rat - Android Rat Written In Java With WebPanel For Controlling Victims

Rafel is RemoteAccess Tool Used to Control Victims Using WebPanel With More Advance Features. Main Features Admin Permission Add App To White List Looks Like Browser Runs In Background Even App is ClosedMay not work on some Devices Accessibility Feature Support Android v5 - v10 No Port Forwarding...

AnonX - An Encrypted File Transfer Via AES-256-CBC

An Encrypted File transfer via AES-256-CBC AnonX is an encrypted file uploader and downloader. The uploaded archive lasts for one week and shall remove from the server. AnonX encrypts the directory before uploading it to the server. The download function requires the download id and AES password ...

Strafer - A Tool To Detect Potential Infections In Elasticsearch Instances

Elasticsearch infections are rising exponentially. The adversaries are exploiting open and exposed Elasticsearch interfaces to trigger infections in the cloud and non-cloud deployments. During this talk, we will release a tool named "STRAFER" to detect potential infections in the Elasticsearch...

Turbo-Intruder - A Burp Suite Extension For Sending Large Numbers Of HTTP Requests And Analyzing The Results

Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results. It's intended to complement Burp Intruder by handling attacks that require exceptional speed, duration, or complexity. The following features set it apart: Fast - Turbo Intruder uses a...

Lazy-RDP - Script For AutomRDPatic Scanning And Brute-Force

Script For AutomRDPatic Scanning And Brute-Force. Demo Video: Lazy-RDP over SSH: Script for automatic scanning of the address list for the presence of open 3389 ports, and then selecting the method and starting busting pair login / password. The script is tuned for Kali linux 2.0, Kali linux 2016...

SnitchDNS - Database Driven DNS Server With A Web UI

SnitchDNS is a database driven DNS Server with a Web UI, written in Python and Twisted, that makes DNS administration easier with all configuration changed applied instantly without restarting any system services. One of its main features is the logging of all DNS queries allowing the discovery o...

Genisys - Powerful Telegram Members Scraping And Adding Toolkit

Powerful Telegram Members Scraping and Adding Toolkit Features ADDS IN BULKby user id, not by username Scrapes and adds to public groups Works in Windows systems You can run unlimited accounts at the same time in order to add members CSV files auto-distributer based on number of accounts to use...

Confused - Tool To Check For Dependency Confusion Vulnerabilities In Multiple Package Management Systems

A tool for checking for lingering free namespaces for private package names referenced in dependency configuration for Python pypi requirements.txt, JavaScript npm package.json, PHP composer composer.json or MVN maven pom.xml. What is this all about? On 9th of February 2021, a security researcher...

DLLHSC - DLL Hijack SCanner A Tool To Assist With The Discovery Of Suitable Candidates For DLL Hijacking

DLL Hijack SCanner - A tool to generate leads and automate the discovery of candidates for DLL Search Order Hijacking Contents of this repository This repository hosts the Visual Studio project file for the tool DLLHSC, the project file for the API hooking functionality detour, the project file f...

PowerSharpPack - Many usefull offensive CSharp Projects wraped into Powershell for easy usage

Many usefull offensive CSharp Projects wraped into Powershell for easy usage. Why? In my personal opinion offensive Powershell is not dead because of AMSI, Script-block-logging, Constrained Language Mode or other protection features. Any of these mechanisms can be bypassed. Since most new...