Spyre - Simple YARA-based IOC Scanner

...a simple, self-contained modular host-based IOC scanner Spyre is a simple host-based IOC scanner built around the YARA pattern matching engine and other scan modules. The main goal of this project is easy operationalization of YARA rules and other indicators of compromise. Users need to bring...

Safety - Check Your Installed Dependencies For Known Security Vulnerabilities

Safety checks your installed dependencies for known security vulnerabilities. By default it uses the open Python vulnerability database Safety DB, but can be upgraded to use pyup.io's Safety API using the --key option. Installation Install safety with pip. Keep in mind that we support only Python...

Anchore Engine - A Service That Analyzes Docker Images And Applies User-Defined Acceptance Policies To Allow Automated Container Image Validation And Certification

For the most up-to-date information on Anchore Engine, Anchore CLI, and other Anchore software, please refer to the Anchore Documentation The Anchore Engine is an open-source project that provides a centralized service for inspection, analysis, and certification of container images. The Anchore...

Rakkess - Kubectl Plugin To Show An Access Matrix For K8S Server Resources

Review Access - kubectl plugin to show an access matrix for server resources Intro Have you ever wondered what access rights you have on a provided kubernetes cluster? For single resources you can use kubectl auth can-i list deployments, but maybe you are looking for a complete overview? This is...

Browsertunnel - Surreptitiously Exfiltrate Data From The Browser Over DNS

Browsertunnel is a tool for exfiltrating data from the browser using the DNS protocol. It achieves this by abusing dns-prefetch, a feature intended to reduce the perceived latency of websites by doing DNS lookups in the background for specified domains. DNS traffic does not appear in the browser'...

Bpytop - Linux/OSX/FreeBSD Resource Monitor

Resource monitor that shows usage and stats for processor, memory, disks, network and processes. Python port of bashtop. Features Easy to use, with a game inspired menu system. Full mouse support, all buttons with a highlighted key is clickable and mouse scroll works in process list and menu boxe...

PurpleCloud - An Infrastructure As Code (IaC) Deployment Of A Small Active Directory Pentest Lab In The Cloud

Pentest Cyber Range for a small Active Directory Domain. Automated templates for building your own Pentest/Red Team/Cyber Range in the Azure cloud! Purple Cloud is a small Active Directory enterprise deployment automated with Terraform / Ansible Playbook templates to be deployed in Azure. Purple...

OpenRedireX - Asynchronous Open redirect Fuzzer for Humans

A Fuzzer For OpenRedirect Issues. Key Features : Takes a url or list of urls and fuzzes them for Open redirect issues You can specify your own payloads in 'payloads.txt' Shows Location header history if any Fast as it is Asynchronous umm thats it , nothing much ! Usage : Note : Use Python 3.7+ ! ...

SQLMap v1.4.9 - Automatic SQL Injection And Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...

Autovpn - Create On Demand Disposable OpenVPN Endpoints On AWS

Script that allows the easy creation of OpenVPN endpoints in any AWS region. To create a VPN endpoint is done with a single command takes 3 minutes. It will create the proper security groups. It spins up a tagged ec2 instance and configures OpenVPN software. Once instance is configured an OpenVPN...

VPS-Docker-For-Pentest - Create A VPS On Google Cloud Platform Or Digital Ocean Easily With The Docker For Pentest

Create a VPS on Google Cloud Platform or Digital Ocean easily with the docker for pentest included to launch the assessment to the target. Requirements Terraform installed Ansible installed SSH private and public keys Google Cloud Platform or Digital Ocean account. Usage 1.- Clone the repository...

Hardcodes - Find Hardcoded Strings From Source Code

hardcodes is a utility for searching strings hardcoded by developers in programs. It uses a modular tokenizer that can handle comments, any number of backslashes & nearly any syntax you throw at it. Yes, it is designed to process any syntax and following languages are officially supported: ada,...

Wordlist_Generator - Unique Wordlist Generator Of Unique Wordlists

wordlistgenerator generates wordlists with unique words with techniques mentioned in tomnomnom's report "Who, What, Where, When". It takes URLs from gau and splits them to get words in URLs. Then it requests each URL to fetch all words. Finally, wordlistgenerator removes from wordlist everything...

Faraday v3.12 - Collaborative Penetration Test and Vulnerability Management Platform

There are better ways than managing vulnerabilities with spreadsheets, especially when you are working with several tools. We know it’s easy to lose trail of your efforts. In faraday you can keep track of your scanners and your team in one place, This update is focused on improving your everyday...

H4Rpy - Automated WPA/WPA2 PSK Attack Tool

h4rpy is an automated WPA/WPA2 PSK attack tool, wrapper of aircrack-ng framework. h4rpy provides clean interface for automated cracking of WPA/WPA2 PSK networks. h4rpy enables monitor mode on selected wireless interface, scans the wireless space for access points, tries to capture WPA/WPA2 4-way...

SNIcat - Server Name Indication Concatenator

SNIcat is a proof of concept tool that performs data exfiltration, utilizing a covert channel method via. Server Name Indication , a TLS Client Hello Extension. The tool consists of an agent which resides on the compromised internal host, and a Command &Control Server which controls the agent and...

Geo-Recon - An OSINT CLI Tool Desgined To Fast Track IP Reputation And Geo-locaton Look Up For Security Analysts

An OSINT CLI tool desgined to fast track IP Reputation and Geo-locaton look up for Security Analysts. Setup This tool is compactible with: Any Linux Operating System Debian, Ubuntu, CentOS Termux Linux Setup git clone https://github.com/radioactivetobi/geo-recon.git cd geo-recon chmod +x...

Bbrecon - Python Library And CLI For The Bug Bounty Recon API

Bug Bounty Recon bbrecon is a free Recon-as-a-Service for bug bounty hunters and security researchers. The API aims to provide a continuously up-to-date map of the Internet "safe harbor" attack surface, excluding out-of-scope targets. It comes with an ergonomic CLI and Python library. This...

SpaceSiren - A Honey Token Manager And Alert System For AWS

SpaceSiren is a honey token manager and alert system for AWS. With this fully serverless application, you can create and manage honey tokens at scale -- up to 10,000 per SpaceSiren instance -- at close to no cost.1 How It Works SpaceSiren provides an API to create no-permission AWS IAM users and...

LOLBITS v2.0.0 - C2 Framework That Uses Background Intelligent Transfer Service (BITS) As Communication Protocol And Direct Syscalls + Dinvoke For EDR User-Mode Hooking Evasion

LOLBITS is a C2 framework that uses Microsoft's Background Intelligent Transfer Service BITS to establish the communication channel between the compromised host and the backend. The C2 backend is hidden behind an apparently harmless flask web application and it's only accesible when the HTTP...

Killchain - A Unified Console To Perform The "Kill Chain" Stages Of Attacks

What is “Kill Chain”? From Wikipedia: The term kill chain was originally used as a military concept related to the structure of an attack; consisting of target identification, force dispatch to target, decision, order to attack the target, and finally the destruction of the target. Reconnaissance...

CrossC2 - Generate CobaltStrike's Cross-Platform Payload

A security framework for enterprises and Red Team personnel, supports CobaltStrike's penetration testing of other platforms Linux / MacOS / ..., supports custom modules, and includes some commonly used penetration modules. Only for internal use by enterprises and organizations, this framework has...

DVS - D(COM) V(ulnerability) S(canner) AKA Devious Swiss Army Knife

Did you ever wonder how you can move laterally through internal networks? or interact with remote machines without alerting EDRs? Let's assume that we have a valid credentials, or an active session with access to a remote machine, but we are without an option for executing a process remotely in a...

Mihari - A Helper To Run OSINT Queries & Manage Results Continuously

Mihari is a helper to run queries & manage results continuously. Mihari can be used for C2, landing page and phishing hunting. How it works Mihari makes a query against Shodan, Censys, VirusTotal, SecurityTrails, etc. and extracts artifacts IP addresses, domains, URLs and hashes from the results...

SourceWolf - Amazingly Fast Response Crawler To Find Juicy Stuff In The Source Code!

Tested environments: Windows, MAC, linux, and windows subsystem for linux WSL What can SourceWolf do? Crawl through responses to find hidden endpoints, either by sending requests, or from the local response files if any. Create a list of javascript variables found in the source Extract all the...

Iblessing - An iOS Security Exploiting Toolkit, It Mainly Includes Application Information Collection, Static Analysis And Dynamic Analysis

iblessing iblessing is an iOS security exploiting toolkit, it mainly includes application information collection , static analysis and dynamic analysis. iblessing is based on unicorn engine and capstone engine. Features Cross-platform: Tested on macOS and Ubuntu. iOS App static info extract,...

Urlgrab - A Golang Utility To Spider Through A Website Searching For Additional Links

A golang utility to spider through a website searching for additional links with support for JavaScript rendering. Install go get -u github.com/iamstoxe/urlgrab Features Customizable Parallelism Ability to Render JavaScript including Single Page Applications such as Angular and React Usage Usage ...

Osintgram - A OSINT Tool On Instagram

Osintgram is a OSINT tool on Instagram. Osintgram offers an interactive shell to perform analysis on Instagram account of any users by its nickname. You can get: - addrs Get all registered addressed by target photos - captions Get user's photos captions - comments Get total comments of target's...

Vulnerable-AD - Create A Vulnerable Active Directory That'S Allowing You To Test Most Of Active Directory Attacks In Local Lab

Create a vulnerable active directory that's allowing you to test most of active directory attacks in local lab. Main Features Randomize Attacks Full Coverage of the mentioned attacks you need run the script in DC with Active Directory installed Some of attacks require client workstation Supported...

Bluescan - A Powerful Bluetooth Scanner For Scanning BR/LE Devices, LMP, SDP, GATT And Vulnerabilities!

Bluescan is a open source project by Sourcell Xu from DBAPP Security HatLab. Anyone may redistribute copies of bluescan to anyone under the terms stated in the GPL-3.0 license. This document is also available in Chinese. See README-Chinese.md Aren't the previous Bluetooth scanning tools scattered...

SharpHose - Asynchronous Password Spraying Tool In C# For Windows Environments

SharpHose is a C password spraying tool designed to be fast, safe, and usable over Cobalt Strike's execute-assembly. It provides a flexible way to interact with Active Directory using domain-joined and non-joined contexts, while also being able to target specific domains and domain controllers...

Bashtop - Linux/OSX/FreeBSD Resource Monitor

Bpytop, bashtop python port is now available at https://github.com/aristocratos/bpytop It's a lot faster and about a third as cpu heavy and has more features, including: Mouse support Toggleable mini mode More customization Graphs for memory consumption It's also a lot easier for me to bug fix an...

Hack-Tools - The All-In-One Red Team Extension For Web Pentester

The all-in-oneRed Team browser extension for Web Pentesters HackTools, is a web extension facilitating your web application penetration tests , it includes cheat sheets as well as all the tools used during a test such as XSS payloads, Reverse shells and much more. With the extension you no longer...

ezEmu - Simple Execution Of Commands For Defensive Tuning/Research

ezEmu enables users to test adversary behaviors via various execution techniques. Sort of like an "offensive framework for blue teamers ", ezEmu does not have any networking/C2 capabilities and rather focuses on creating local test telemetry. Windows See /Linux for ELF ezEmu is compiled as...

VolExp - Volatility Explorer

This program allows the user to access a Memory Dump. It can also function as a plugin to the Volatility Framework https://github.com/volatilityfoundation/volatility. This program functions similarly to Process Explorer/Hacker, but additionally it allows the user access to a Memory Dump or access...

AWS Recon - Multi-threaded AWS Inventory Collection Tool With A Focus On Security-Relevant Resources And Metadata

A multi-threaded AWS inventory collection tool. The creators of this tool have a recurring need to be able to efficiently collect a large amount of AWS resource attributes and metadata to help clients understand their cloud security posture. There are a handful of tools e.g. AWS Config,...

Yeti - Your Everyday Threat Intelligence

Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository. Yeti will also automatically enrich observables e.g. resolve domains, geolocate IPs so that you don't have to. Yeti provides an interface for humans shiny...

Parth - Heuristic Vulnerable Parameter Scanner

Some HTTP parameter names are more commonly associated with one functionality than the others. For example, the parameter ?url= usually contains URLs as the value and hence often falls victim to file inclusion, open redirect and SSRF attacks. Parth can go through your burp history, a list of URLs...

Pyre-Check - Performant Type-Checking For Python

Pyre is a performant type checker for Python compliant with PEP 484. Pyre can analyze codebases with millions of lines of code incrementally – providing instantaneous feedback to developers as they write code. Pyre ships with Pysa , a security focused static analysis tool we've built on top of Py...

Intel Owl - Analyze Files, Domains, IPs In Multiple Ways From A Single API At Scale

Do you want to get threatintelligence data about a file, an IP or a domain? Do you want to get this kind of data from multiple sources at the same time using a single API request? You are in the right place! This application is built to scale out and to speed up the retrieval of threat info. It c...

Scan-For-Webcams - Scan For Webcams In The Internet

Automatically scan for publically accessible webcams around the internet Usage python MJPG.py : for public MJPG streamers around the internet python webcamXP.py : for public webcamXP streamers around the internet The program will output a list of links with the format of ipaddress:port If your...

Cloud-Sniper - Virtual Security Operations Center

Cloud Security Operations What is Cloud Sniper? Cloud Sniper is a platform designed to manage Security Operations in cloud environments. It is an open platform which allows responding to security incidents by accurately analyzing and correlating native cloud artifacts. It is to be used as a Virtu...

SecGen - Create Randomly Insecure VMs

SecGen creates vulnerable virtual machines, lab environments, and hacking challenges, so students can learn security penetration testing techniques. Boxes like Metasploitable2 are always the same, this project uses Vagrant, Puppet, and Ruby to create randomly vulnerable virtual machines that can ...

ADBSploit - A Python Based Tool For Exploiting And Managing Android Devices Via ADB

A python based tool for exploiting and managing Android devices via ADB Currently on development Screenrecord Stream Screenrecord Extract Contacts Extract SMS Extract Messasing App Chats WhatsApp/Telegram/Line Install Backdoor And more... Installation First Download or clone repo git clone...

Wonitor - Fast, Zero Config Web Endpoint Change Monitor

fast, zero config web endpoint change monitor. for comparing responses, a selected list of http headers and the full response body is stored on a local key/value store file. no configuration needed. to increase network throughput, a --worker flag allows to set the concurrency when monitoring...

DropEngine - Malleable Payloads!

By @s0lst1c3 Disclaimer DropEngine the "Software" and associated documentation is provided “AS IS”. The Developer makes no other warranties, express or implied, and hereby disclaims all implied warranties, including any warranty of merchantability and warranty of fitness for a particular purpose...

ReconSpider - Most Advanced Open Source Intelligence (OSINT) Framework For Scanning IP Address, Emails, Websites, Organizations

ReconSpider is most Advanced Open Source Intelligence OSINT Framework for scanning IP Address, Emails, Websites, Organizations and find out information from different sources. ReconSpider can be used by Infosec Researchers, Penetration Testers, Bug Hunters and Cyber Crime Investigators to find de...

Pagodo - Automate Google Hacking Database Scraping And Searching

The goal of this project was to develop a passive Google dork script to collect potentially vulnerable web pages and applications on the Internet. There are 2 parts. The first is ghdbscraper.py that retrieves Google Dorks and the second portion is pagodo.py that leverages the information gathered...

Kali Linux 2020.3 Release - Penetration Testing and Ethical Hacking Linux Distribution

Time for another Kali Linux release! Quarter 3 – Kali Linux 20202.3. This release has various impressive updates. A quick overview of what’s new since the last release in May 2020: New Shell – Starting the process to switch from “Bash” to “ZSH “ The release of “Win-Kex ” – Get readyWSL2 Automatin...

PurpleSharp - C# Adversary Simulation Tool That Executes Adversary Techniques With The Purpose Of Generating Attack Telemetry In Monitored Windows Environments

Defending enterprise networks against attackers continues to present a difficult challenge for blue teams. Prevention has fallen short; improving detection & response capabilities has proven to be a step in the right direction. However, without the telemetry produced by adversary behavior, buildi...