Bento – A Minimal Fedora-Based Container For Penetration Tests And CTF With The Sweet Addition Of GUI Applications
A bento (弁当, bentō) is a single-portion take-out or home-packed meal of Japanese origin. Bento Toolkit is a simple and...
tools
Scilla – Information Gathering Tool (DNS/Subdomain/Port Enumeration)
Information Gathering Tool - Dns/Subdomain/Port EnumerationInstallationFirst of all, clone the repo locally git clone https://github.com/edoardottt/scilla.git Scilla has external dependencies, so...
Go365 – An Office365 User Attack Tool
Go365 is a tool designed to perform user enumeration* and password guessing attacks on organizations that use Office365 (now/soon Microsoft365)....
E9Patch – A Powerful Static Binary Rewriting Tool
E9Patch is a powerful static binary rewriting tool for x86_64 Linux ELF binaries. E9Patch is: Scalable: E9Patch can reliably rewrite...
PoshBot – Powershell-based Bot Framework
PoshBot is a chat bot written in PowerShell. It makes extensive use of classes introduced in PowerShell 5.0. PowerShell modules...
Help Others Be “Cyber Aware” This Festive Season—And All Year Round!
Are you tired of being the cybersecurity help desk for everyone you know? Are you frustrated with spending all your...
How to Gain Visibility Into Audit Logs for Policy Customization in InsightVM
Since the launch of InsightVM’s Custom Policy Builder in June of this year, hundreds of organizations have created and customized...
Freki – Malware Analysis Platform
Freki is a free and open-source malware analysis platform.GoalsFacilitate malware analysis and reverse engineering; Provide an easy-to-use REST API...
Ghost Framework – An Android Post-Exploitation Framework That Exploits The Android Debug Bridge To R emotely Access An Android Device
About Ghost FrameworkGhost Framework is an Android post-exploitation framework that exploits theAndroid Debug Bridge to remotely access an Android device....
Happy HaXmas from the Rapid7 Team!
Happy HaXmas, everyone! This has been quite the year, but we’re thrilled that we’re able to keep up our favorite...
APKLab – Android Reverse Engineering WorkBench For VS Code
APKLab seamlessly integrates the best open-source tools: Apktool, Jadx, uber-apk-signer and more to the excellent VS Code so you can...
ToRat – A Remote Administation Tool Written In Go Using Tor As A Transport Mechanism And RPC For Communication
A Cross Platform Remote Administration tool written in Go using Tor as its transport mechanism currently supporting Windows, Linux, MacOS...
The Risky Business: Rapid7 Report Highlights Need for Improved Vulnerability Management Practices
Back in July, Rapid7 released its first-ever National / Industry / Cloud Exposure Report, otherwise known as “NICER.” This report...
WSMan-WinRM – A Collection Of Proof-Of-Concept Source Code And Scripts For Executing Remote Commands Over WinRM Using The WSMan.Automation COM Object
A collection of proof-of-concept source code and scripts for executing remote commands over WinRM using the WSMan.Automation COM object.BackgroundFor background...
Stegseek – Worlds Fastest Steghide Cracker, Chewing Through Millions Of Passwords Per Second
Stegseek is a lightning fast steghide cracker that can be used to extract hidden data from files. It is built...
SolarWinds SUNBURST Backdoor Supply Chain Attack: What You Need to Know
On Dec. 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds...
Slipstream – NAT Slipstreaming Allows An Attacker To Remotely Access Any TCP/UDP Services Bound To A Victim Machine, Bypassing The Victim’s NAT/firewall, Just By The Victim Visiting A Website
NAT Slipstreaming allows an attacker to remotely access any TCP/UDP services bound to a victim machine, bypassing the victim's NAT/firewall...
403Bypasser – Burpsuite Extension To Bypass 403 Restricted Directory
An burpsuite extension to bypass 403 restricted directory. By using PassiveScan (default enabled), each 403 request will be automatically scanned...
Gustave – Embedded OS kernel fuzzer
GUSTAVE is a fuzzing platform for embedded OS kernels. It is based on QEMU and AFL (and all of its...
Carnivore – Tool For Assessing On-Premises Microsoft Servers Authentication Such As ADFS, Skype, Exchange, And RDWeb
Carnivore is an assessment tool for Skype for Business, Exchange, ADFS, and RDWeb servers as well as some O365 functionality....
Sak1To-Shell – Multi-threaded C2 Server And Reverse Shell Client Written In Pure C
Multi-threaded c2 server and reverse TCP shell client written in pure C (Windows). Command list: list: list available connections. interact...
DarkSide – Tool Information Gathering And Social Engineering
Features:Hacker DashboardHacker News New Exploits Hacking Tutorials Video The Latest Prices OF Digital Currencies Information GatheringBypass Cloud Flare Cms Detect...
NICER Protocol Deep Dive: Internet Exposure of etcd
Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet...
RESTler – The First Stateful REST API Fuzzing Tool For Automatically Testing Cloud Services Through Their REST APIs And Finding Security And Reliability Bugs In These Services
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding...
