Kconfig-Hardened-Check – A Tool For Checking The Hardening Options In The Linux Kernel Config
MotivationThere are plenty of Linux kernel hardening config options. A lot of them are not enabled by the major distros....
tools
Joern – Open-source Code Analysis Platform For C/C++/Java Based On Code Property Graphs
Joern's Documentation is available here: https://docs.joern.io/home Quick Installationwget https://github.com/ShiftLeftSecurity/joern/releases/latest/download/joern-install.shchmod +x ./joern-install.shsudo ./joern-install.shjoernCompiling (synthetic)/ammonite/predef/interpBridge.scCompiling (synthetic)/ammonite/predef/replBridge.scCompiling (synthetic)/ammonite/predef/DefaultPredef.scCompiling /home/tmp/shiftleft/joern/(console) ██╗ ██████╗ ███████╗██████╗ ███╗...
PPLdump – Dump The Memory Of A PPL With A Userland Exploit
This tool implements a userland exploit that was initially discussed by James Forshaw (a.k.a. @tiraniddo) - in this blog post...
Volatility GUI – GUI For Volatility Forensics Tool
This is a GUI for Volatility forensics tool written in PyQT5Prerequisites:1- Installed version of Volatility. 2- Install PyQT5. sudo apt-get...
Aggrokatz – An Aggressor Plugin Extension For Cobalt Strike Which Enables Pypykatz To Interface With The Beacons Remotely
aggrokatz is an Aggressor plugin extension for CobaltStrike which enables pypykatz to interface with the beacons remotely. The current version...
Gundog – Guided Hunting In Microsoft 365 Defender
Gundog provides you with guided hunting in Microsoft 365 Defender. Especially (if not only) for Email and Endpoint Alerts at...
TChopper – Conduct Lateral Movement Attack By Leveraging Unfiltered Services Display Name To Smuggle Binaries As Chunks Into The Target Machine
New technique I have discovered recently and give it a nickname (Chop chop) to perform lateral movement using windows services...
A2P2V – Automated Attack Path Planning and Validation
Automated Attack Path Planning and Validation (A2P2V) is a planning and cyber-attack tool that provides the capability for users to...
defenselessV1 – Just Another Vulnerable Web Application
Defenseless is a vulnerable web application written in PHP/MySQL. This is the first version of this application. The purpose of...
Redpill – Assist Reverse Tcp Shells In Post-Exploration Tasks
Project DescriptionThe redpill project aims to assist reverse tcp shells in post-exploration tasks. Often in redteam engagements we need to...
EmailFinder – Search Emails From A Domain Through Search Engines
_______ _______ _ ______ _______ ( ____ ( ____ ( ( /|( __ ( ____ )| ( /| ( /|...
pyWhat – Identify Anything. Easily Lets You Identify Emails, IP Addresses, And More…
The easiest way to identify anythingpip3 install pywhat && pywhat --helpWhat is this? Imagine this: You come across some mysterious...
Nebula – Cloud C2 Framework, Which At The Moment Offers Reconnaissance, Enumeration, Exploitation, Post Exploitation On AWS
Nebula is a Cloud and (hopefully) DevOps Penetration Testing framework. It is build with modules for each provider and each...
iOS Malicious Bit Hunter – A Malicious Plug-In Detection Eng ine For iOS Applications
iOS Malicious Bit Hunter is a malicious plug-in detection engine for iOS applications. It can analyze the head of the...
Interactsh – An OOB Interaction Gathering Server And Client Library
Interactsh is an Open-Source Solution for Out of band Data Extraction, A tool designed to detect bugs that cause external...
BlueCloud – Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D
Cyber Range deployment of HELK and Velociraptor! Automated terraform deployment of one system running HELK + Velociraptor server with one...
Neurax – A Framework For Constructing Self-Spreading Binaries
A framework that aids in creation of self-spreading software Requirementsgo get -u github.com/redcode-labs/Coldfire go get -u github.com/yelinaung/go-haikunator New in v....
Libinjection – SQL / SQLI Tokenizer Parser Analyzer
SQL / SQLI tokenizer parser analyzer. For C and C++ PHP Python Lua Java (external port) (https://github.com/p0pr0ck5/lua-ffi-libinjection) (external port) See...
SharpWebServer – HTTP And WebDAV Server With Net-NTLM Hashes Capture Functionality
A Red Team oriented simple HTTP & WebDAV server written in C# with functionality to capture Net-NTLM hashes. To be...
Bbscope – Scope Gathering Tool For HackerOne, Bugcrowd, And Intigriti!
The ultimate scope gathering tool for HackerOne, Bugcrowd, and Intigriti by sw33tLie. Need to grep all the large scope domains...
ColdFire – Golang Malware Development Library
Golang malware development framework IntroductionColdFire provides various methods useful for malware development in Golang. Most functions are compatible with both...
Link – A Command And Control Framework Written In Rust
link is a command and control framework written in rust. Currently in beta. Introductionlink provides MacOS, Linux and Windows implants...
Totp-Ssh-Fluxer – Take Security By Obscurity To The Next Level (This Is A Bad Idea, Don’T Really Use This Please)
Some people change their SSH port on their servers so that it is slightly harder to find for bots or...
RedWarden – Flexible CobaltStrike Malleable Redirector
RedWarden - Flexible CobaltStrike Malleable Redirector(previously known as proxy2's malleable_redirector plugin) Let's raise the bar in C2 redirectors IR resiliency,...
