Registry-Recon – Cobalt Strike Aggressor Script That Performs System/AV/EDR Recon
Cobalt Strike How does this work?Primarily, using Cobalt Strike's breg_query and breg_queryv functions. Then, all beacon output is hijacked with...
Tools
pwnSpoof – Generates realistic spoofed log files for common web servers with customisable attack scenarios
pwnSpoof (from About The ProjectpwnSpoof was created on the back of a Road MappwnSpoof is built to produce to authentic...
Nosferatu – Lsass NTLM Authentication Backdoor
Lsass NTLM Login example using Impacket:LimitationsIn an Active Directory environment, authentication via RDP, runas, or the lock screen does not...
Msticpy – Microsoft Threat Intelligence Security Tools
Microsoft The msticpy package was initially developed to support This is an unsupervised learning module implemented using SciKit Learn DBScan.More...
Kubernetes-Goat – Is A “Vulnerable By Design” Kubernetes Cluster. Designed To Be An Intentionally Vulnerable Cluster Environment To Learn And Practice Kubernetes Security
The Kubernetes Goat is designed to be an intentionally Upcoming Training's and SessionsDEFCON DEMO Labshttps://forum.defcon.org/node/237237Cloud Village - DEFCONhttps://cloud-village.org/#talks?collapseMadhuAkulaRecent Kubernetes Goat...
Kube-Applier – Enables Automated Deployment And Declarative Configuration For Your Kubernetes Cluster
kube-applier is a service that enables kube-applier hosts a status page on a webserver, served at the service endpoint URL....
JVMXRay – Make Java Security Events Of Interest Visible For Analysis
JVMXRay is a technology for monitoring access to system resources within the Java Virtual Machine. It’s designed with application security...
Hyenae-Ng – An Advanced Cross-Platform Network Packet Generator And The Successor Of Hyenae
Hyenae NG (Next Generation) is a re-write of the original Hyenae tool which was originally published back in the year...
Gotanda – Browser Web Extension For OSINT
Gotanda is OSINT(Open Source Intelligence) Web Extension for Firefox/Chrome.This Web Extension could search OSINT information from some IOC in web...
Fhex – A Full-Featured HexEditor
This project is born with the aim to develop a lightweight, but useful tool. The reason is that the existing...
EXOCET – AV-evading, Undetectable, Payload Delivery Tool
EXOCET is superior to Metasploit's "Evasive Payloads" modules as EXOCET uses AES-256 in GCM Mode (Galois/Counter Mode). Metasploit's Evasion Payloads...
Cumulus – Web Application Weakness Monitoring, It Would Be Working By Add Just 3 Codelines
Cumulus is a service that helps you monitor and fix security weakness in realtime. The issues will be reported on...
ChopChop – ChopChop Is A CLI To Help Developers Scanning Endpoints And Identifying Exposition Of Sensitive Services/Files/Folders
ChopChop is a command-line tool for dynamic application security testing on web applications, initially written by the Michelin CERT.Its goal...
Canadian Furious Beaver – A Tool For Monitoring IRP Handler In Windows Drivers, And Facilitating The Process Of Analyzing, Replaying And Fuzzing Windows Drivers For Vulnerabilities
Furious Beaver is a IRP detailsIRP replayConceptIrpDumper.sys is the driver part of the CFB Broker that will auto-extract and install...
AzureHunter – A Cloud Forensics Powershell Module To Run Threat Hunting Playbooks On Data From Azure And O365
A Powershell module to run UsageEnsure you connect to ExchangeOnlineIt's recommended that you run Connect-ExchangeOnline before running any AzureHunter commands....
Ad-Honeypot-Autodeploy – Deploy A Small, Intentionally Insecure, Vulnerable Windows Domain For RDP Honeypot Fully Automatically
Deploy a small, intentionally insecure, vulnerable Windows Domain for RDP Honeypot fully automatically.Runs on self-hosted The images should be ready...
Abaddon – Make red team operations faster, more repeatable, stealthier, while including value-added tools and bringing numerous reporting capabilities
Red team operations involve miscellaneous skills, last several months and are politically sensitive; they require a lot of monitoring, consolidating...
Boofuzz – Network Protocol Fuzzing for Humans
Boofuzz is a fork of and the successor to the venerable Boo from Monsters IncInstallationpip install boofuzzBoofuzz installs as a...
Covert-Control – Google Drive, OneDrive And Youtube As Covert-Channels – Control Systems Remotely By Uploading Files To Google Drive, OneDrive, Youtube Or Telegram
Control systems remotely by uploading files to Google Drive, OneDrive, After finding there is Installationsudo apt install libzbar0pip install bs4...
FormatFuzzer – A Framework For High-Efficiency, High-Quality Generation And Parsing Of Binary Inputs
FormatFuzzer is a framework for high-efficiency, high-quality generation and parsing of binary inputs. It takes a binary template that describes...
RottenPotatoNG – A C++ DLL And Standalone C++ Binary – No Need For Meterpreter Or Other Tools
New version of RottenPotato as a C++ DLL and standalone C++ binary - no need for meterpreter or other tools....
Private Set Membership (PSM) – Cryptographic Protocol That Allows Clients To Privately Query
Private Set Membership (PSM) is a cryptographic protocol that allows clients to privately query whether the client's identifier is a...
Ddosify – High-performance Load Testing Tool
FeaturesProtocol Agnostic - Currently supporting HTTP, HTTPS, HTTP/2. Other Note: If the request count is too low for the...
Koppeling – Adaptive DLL Hijacking / Dynamic Export Forwarding
This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking"...
