nuvola – Tool To Dump And Perform Automatic And Manual Security Analysis On Aws Environments Configurations And Services
nuvola (with the lowercase n) is a tool to dump and perform automatic and manual security analysis on AWS environments...
Tools
TripleCross – A Linux eBPF Rootkit With A Backdoor, C2, Library Injection, Execution Hijacking, Persistence And Stealth Capabilities.
TripleCross is a Linux eBPF rootkit that demonstrates the offensive capabilities of the eBPF technology. TripleCross is inspired by previous...
Dismember – Scan Memory For Secrets And More
Dismember is a command-line toolkit for Linux that can be used to scan the memory of all processes (or particular...
Unblob – Extract Files From Any Kind Of Container Formats
Download Unblob If you like the site, please consider joining the telegram channel or supporting us on Patreon using the...
SCMKit – Source Code Management Attack Toolkit
Source Code Management Attack Toolkit - SCMKit is a toolkit that can be used to attack SCM systems. SCMKit allows...
autoSSRF – Smart Context-Based SSRF Vulnerabiltiy Scanner
autoSSRF is your best ally for identifying SSRF vulnerabilities at scale. Different from other ssrf automation tools, this one comes...
TeamFiltration – Cross-Platform Framework For Enumerating, Spraying, Exfiltrating, And Backdooring O365 AAD Accounts
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts. See the TeamFiltration wiki page for...
NGWAF – First Iteration Of ML Based Feedback WAF
This can be achieved in the following steps: Create a new dataset (.csv) for upload in the following format...
RDPHijack-BOF – Cobalt Strike Beacon Object File (BOF) That Uses WinStationConnect API To Perform Local/Remote RDP Session Hijacking
Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking. With a valid access...
Evilgophish – Evilginx2 + Gophish
Combination of Once you have run setup.sh, the next steps are: Configure SMS message template. You will use Text only...
Collect-MemoryDump – Automated Creation Of Windows Memory Snapshots For DFIR
Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR Collect-MemoryDump.ps1 is Fig 3: Automated Creation of Windows Memory Snapshot...
Prefetch-Hash-Cracker – A Small Util To Brute-Force Prefetch Hashes
Motivation During the forensic analysis of a Windows machine, you may find the name of a deleted prefetch file. While...
Appshark – Static Taint Analysis Platform To Scan Vulnerabilities In An Android App
Appshark is a static taint analysis platform to scan vulnerabilities in an Android app. Prerequisites Appshark requires a specific version...
VuCSA – Vulnerable Client-Server Application – Made For Learning/Presenting How To Perform Penetration Tests Of Non-Http Thick Clients
Vulnerable Client-Server Application Vulnerable client-server application (VuCSA) is made for learning/presenting how to perform penetration tests of non-http thick clients....
Jscythe – Abuse The Node.Js Inspector Mechanism In Order To Force Any Node.Js/Electron/V8 Based Process To Execute Arbitrary Javascript Code
jscythe abuses the node.js inspector mechanism in order to force any node.js/electron/v8 based process to execute arbitrary javascript code, even...
Cicd-Goat – A Deliberately Vulnerable CI/CD Environment
Deliberately Download & Run There's no need to clone the repository. Linux & Mac curl -o cicd-goat/docker-compose.yaml --create-dirs https://raw.githubusercontent.com/cider-security-research/cicd-goat/main/docker-compose.yamlcd cicd-goat...
Reverse_SSH – SSH Based Reverse Shell
Want to use SSH for reverse shells? Now you can. Manage and connect to reverse shells with native SSH syntax...
Ermir – An Evil Java RMI Registry
Ermir is an Evil/Rogue RMI Registry, it public String list(): list() asks the registry for all the bound objects names,...
Threatest – Threatest Is A Go Framework For End-To-End Testing Threat Detection Rules
Threatest is a Go framework for testing threat detection end-to-end. Threatest allows you to detonate an attack technique, and verify...
Sandman – NTP Based Backdoor For Red Team Engagements In Hardened Networks
Sandman is a backdoor that is meant to work on hardened networks during red team engagements. Sandman works as a...
Whids – Open Source EDR For Windows
What EDR with artifact collection driven by detection. The detection engine is built on top of a previous project NB:...
ProtectMyTooling – Multi-Packer Wrapper Letting Us Daisy-Chain Various Packers, Obfuscators And Other Red Team Oriented Weaponry
Script that wraps around multitude of packers, protectors, obfuscators, shellcode loaders, encoders, generators to produce complex protected Red Team implants....
Mangle – Tool That Manipulates Aspects Of Compiled Executables (.Exe Or DLL) To Avoid Detection From EDRs
Authored By Tyl0us Featured at Source Zero Con 2022 Mangle is a tool that manipulates aspects of compiled executables (.exe...
Bomber – Scans Software Bill Of Materials (SBOMs) For Security Vulnerabilities
bomber is an application that scans SBOMs for security vulnerabilities. Overview So you've asked a vendor for an Software Bill...
