Lsass NTLM Authentication Backdoor How it Works First, the DLL is injected into the lsass.exe process, and will begin hooking authentication WinAPI calls. The targeted function is MsvpPasswordValidate(), located in NtlmShared.dll. In the pursuit...
The Kubernetes Goat is designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security. Refer to https://madhuakula.com/kubernetes-goat for the guide. Show us some Please feel free to send us...
kube-applier is a service that enables continuous deployment of Kubernetes objects by applying declarative configuration files from a Git repository to a Kubernetes cluster. kube-applier runs as a Pod in your cluster and watches...
JVMXRay is a technology for monitoring access to system resources within the Java Virtual Machine. It’s designed with application security emphasis but some will also find it beneficial for software quality processes and diagnostics....
This project is born with the aim to develop a lightweight, but useful tool. The reason is that the existing hex editors have some different limitations (e.g. too many dependencies, missing hex coloring features,...
Gotanda is OSINT(Open Source Intelligence) Web Extension for Firefox/Chrome. This Web Extension could search OSINT information from some IOC in web page.(IP,Domain,URL,SNS…etc) This Repository partly the studying and JavaScript practice. Download link below. FireFox...
Cumulus is a service that helps you monitor and fix security weakness in realtime. The issues will be reported on web dashboard. It’s very simple and powerful. Key features Just install SDK to web...
EXOCET is superior to Metasploit’s “Evasive Payloads” modules as EXOCET uses AES-256 in GCM Mode (Galois/Counter Mode). Metasploit’s Evasion Payloads uses a easy to detect RC4 encryption. While RC4 can decrypt faster, AES-256 is...
New version of RottenPotato as a C++ DLL and standalone C++ binary – no need for meterpreter or other tools. RottenPotatoDLL This project generates a DLL and EXE file. The DLL contains all the...
ChopChop is a command-line tool for dynamic application security testing on web applications, initially written by the Michelin CERT. Its goal is to scan several endpoints and identify exposition of services/files/folders through the webroot....
Red team operations involve miscellaneous skills, last several months and are politically sensitive; they require a lot of monitoring, consolidating and caution. Wavestone’s red team operations management software, Abaddon, has been designed to make...
Furious Beaver is a distributed tool for capturing IRPs sent to any Windows driver. It operates in 2 parts: the “Broker” combines both a user-land agent and a self-extractable driver (IrpDumper.sys) that will install...
A Powershell module to run threat hunting playbooks on data from Azure and O365 for Cloud Forensics purposes. Getting Started 1. Check that you have the right O365 Permissions The following roles are required...
Deploy a small, intentionally insecure, vulnerable Windows Domain for RDP Honeypot fully automatically. Runs on self-hosted virtualization using libvirtwith QEMU/KVM (but it can be customized easily for cloud-based solutions). Used for painlessly set up...
Boofuzz is a fork of and the successor to the venerable Sulley fuzzing framework. Besides numerous bug fixes, boofuzz aims for extensibility. The goal: fuzz everything. Why? Sulley has been the preeminent open source...
Control systems remotely by uploading files to Google Drive, OneDrive, Youtube or Telegram using Python to create the files and the listeners. It allows to create text files, images, audio or videos, with the...
