Tagged: penetration testing
FakeDataGen is a Full Valid Fake Data Generator. This tool helps you to create fake accounts (in Spanish format) with fully valid data. Within this information, you can find the most common names, emails,...
The recommended module is o365 for user enumeration and passwords bruteforce / spray . Additional information can be retrieved to avoid account lockout, to know that the password is good but expired, MFA enabled,…...
[*] ELFXtract is an automated analysis tool used for enumerating ELF binaries Powered by Radare2 and r2ghidra This is specially developed for PWN challenges and it has many automated features It almost displays every...
Web Service write in Python for control and protect your android device remotely. The official app can be found on the PlayStore: NanobrokPro Nanobrok Community Overview Nanobrok-Server is powerful opensource webservice for control and...
PyQT app to list all Living Off The Land Binaries and Scripts for Windows from LOLBAS and Unix binaries that can be used to bypass local security restrictions in misconfigured systems from GTFOBins. Widnows...
RedHerd is a collaborative and serverless framework for orchestrating a geographically distributed group of assets capable of conducting simulating complex offensive cyberspace operations. Getting Started Take a look at the RedHerd documentation for instructions...
A container image that extracts the underlying container runtime and sends it to a remote server. Poke at the underlying container runtime of your favorite CSP container platform! WhoC at Defcon 29 Cloud Village...
“My little birds are everywhere, even in the North, they whisper to me the strangest stories.” – Lord Varys Whispers is a static code analysis tool designed for parsing various common data formats in...
UDP Scanning has always been a slow and painful exercise, and if you add IPv6 on top of UDP, the tool choices get pretty limited. UDP Hunter is a python based open source network...
ThreatBox is a standard and controlled Linux based attack platform. I’ve used a version of this for years. It started as a collection of scripts, lived as a rolling virtual machine, existed as code...
Program uses Thread Hijacking to Inject Native Shellcode into a Standard Win32 Application. About I developed this small project to continue my experiences of different code injection methods and to allow RedTeam security professionals...
Hyenae NG (Next Generation) is a re-write of the original Hyenae tool which was originally published back in the year 2010. Besides switching from C to C++, using modern design concepts, Hyenae NG was...
Static Token And Credential Scanner What is it? STACS is a YARA powered static credential scanner which suports binary file formats, analysis of nested archives, composable rulesets and ignore lists, and SARIF reporting. What...
A Cross Platform multifunctional (Windows/Linux/Mac) RAT. Getting Started Description A cross platform RAT written in pure Python. The RAT accept commands alongside arguments to either perform as the server who accepts connections or to...
Microsoft Threat Intelligence Python Security Tools. msticpy is a library for InfoSec investigation and hunting in Jupyter Notebooks. It includes functionality to: query log data from multiple sources enrich the data with Threat Intelligence,...
Cobalt Strike Aggressor Script that Performs System/AV/EDR Recon. Author: Jess Hires Description As a red-team practitioner, we are often using tools that attempt to fingerprint details about a compromised system, preferably in the most...