Villain : Windows And Linux Backdoor Generator And Multi-Session Handler
.png "Villain : Windows And Linux Backdoor Generator And Multi-Session Handler")
Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions, handy for working as a team. The main idea behind the payloads generated by this tool is inherited from HoaxShell. One could say that Villain is an evolved, steroid-induced version of it. Video...
PXEThief : Extract Passwords From The Operating System Deployment Functionality
.png "PXEThief : Extract Passwords From The Operating System Deployment Functionality")
PXEThief is a set of tooling that implements attack paths discussed at the DEF CON 30 talk Pulling Passwords out of Configuration Manager (https://forum.defcon.org/node/241925) against the Operating System Deployment functionality in Microsoft Endpoint Configuration Manager (or ConfigMgr, still commonly known as SCCM). It allows for credential gathering from configured Network Access Accounts (https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/hierarchy/accounts#network-access-account) and any Task Sequence Accounts or...
Cypherhound : Terminal Application That Contains 260+ Neo4j Cyphers For BloodHound Data Sets
.png "Cypherhound : Terminal Application That Contains 260+ Neo4j Cyphers For BloodHound Data Sets")
Cypherhound a Python3 terminal application that contains 260+ Neo4j cyphers for BloodHound data sets. Why? BloodHound is a staple tool for every red teamer. However, there are some negative side effects based on its design. I will cover the biggest pain points I've experienced and what this tool aims to address: My tools think in lists - until my tools parse exported...
Subparse : Modular Malware Analysis Artifact Collection And Correlation Framework
.png "Subparse : Modular Malware Analysis Artifact Collection And Correlation Framework")
Subparse, is a modular framework developed by Josh Strochein, Aaron Baker, and Odin Bernstein. The framework is designed to parse and index malware files and present the information found during the parsing in a searchable web-viewer. The framework is modular, making use of a core parsing engine, parsing modules, and a variety of enrichers that add additional information to...
AzureHound : Azure Data Exporter For BloodHound
AzureHound is a bloodHound data collector for Microsoft Azure. Get AzureHound Release Binaries Download the appropriate binary for your platform from one of our Releases. Rolling Release The rolling release contains pre-built binaries that are automatically kept up-to-date with the main branch and can be downloaded from here. Warning: The rolling release may be unstable. Compiling Prerequisites Go 1.18 or later To build this project from source run the...
Xerror – An Automated Penetration Testing Tool With GUI
Xerror is an automated pentesting tool, which helps security professionals and nonprofessionals to automate their pentesting tasks. It will perform all tests and, at the end generate two reports for executives and analysts. Xerror provides GUI easy to use menu driven options. Internally it supports openVas for vulnerability scanning, Metasploit for exploitation and gives GUI based options after successful exploitation...
Mongoaudit – An Audit and Pentesting Tool for MongoDB Databases
Databases typically store sensitive data or data that is important for the company. Mongoaudit helps to audit several technical aspects of running a MongoDB instance and get it properly secured. Usage and Audience Mongoaudit is commonly used for Application security or Database security. Target users for this tool are pentesters, security professionals, and system administrators. Installation Clone this repository and run the...
ADFSRelay : Proof Of Concept Utilities Developed To Research NTLM Relaying Attacks Targeting ADFS
.png "ADFSRelay : Proof Of Concept Utilities Developed To Research NTLM Relaying Attacks Targeting ADFS")
ADFSRelay is a repository includes two utilities NTLMParse and ADFSRelay. NTLMParse is a utility for decoding base64-encoded NTLM messages and printing information about the underlying properties and fields within the message. Examining these NTLM messages is helpful when researching the behavior of a particular NTLM implementation. ADFSRelay is a proof of concept utility developed while researching the feasibility of...
Protecting Kubernetes Deployments with Azure Sentinel
What Is Azure Sentinel? Microsoft Sentinel is a cloud native security information and event management (SIEM) and security orchestration, automation, and response (SOAR) solution. It provides security analytics, threat intelligence, threat visibility, attack detection, proactive hunting, and threat response. It builds on Azure services, natively incorporating proven foundations, such as Logic Apps and Log Analytics. It enriches investigation and detection with...
Reconator – Automated Recon for Pentesting & Bug Bounty
Reconator is a Framework for automating your process of reconnaissance without any Computing resource (Systemless Recon) at free of cost. It is designed to host on Heroku which is a free cloud hosting provider. It performs the work of enumerations along with many vulnerability checks and obtains maximum information about the target domain. It also performs various vulnerability checks like XSS,...
