truffleHog previously functioned by running entropy checks on git diffs. This functionality still exists, but high signal regex checks have…
Get-RBCD-Threaded is a tool to discover Resource-Based Constrained Delegation attack paths in Active Directory Environments Based almost entirely on wonderful…
CloudSploit by Aqua is an open-source project designed to allow detection of security risks in cloud infrastructure accounts, including: Amazon…
Dive is a tool for exploring a docker image, layer contents, and discovering ways to shrink the size of your…
PHP-malware-finder does its very best to detect obfuscated/dodgy code as well as files using PHP functions often used in malwares/webshells.…
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration…
LDAP Password Hunter is a tool which wraps features of getTGT.py (Impacket) and ldapsearch in order to look up for…
AWS-Loot tool allows quick enumeration over large sets of AWS instances and services. Install pip install -r requirements.txt An AWS…
EDRHunt scans Windows services, drivers, processes, registry for installed EDRs (Endpoint Detection And Response). Read more about EDRHunt Install BinaryDownload…
Wslu is a collection of utilities for Windows 10 Linux Subsystem, such as retrieving Windows 10 environment variables or creating…