EAST – Extensible Azure Security Tool – Documentation
Extensible Azure Security Tool (Later referred as E.A.S.T) is tool for assessing Azure and to some extent Azure AD security controls. Primary use case of EAST is Security data collection for evaluation in Azure Assessments. This information (JSON content) can then be used in various reporting tools, which we use to further correlate and investigate the data. This tool is...
Aws-Security-Assessment-Solution – An AWS Tool To Help You Create A Point In Time Assessment Of Your AWS Account
Aws-Security-Assessment-Solution is an AWS tool to help you create a point in time assessment of your AWS account using Prowler and Scout as well as optional AWS developed ransomware checks. Self-Service Security Assessment tool Cybersecurity remains a very important topic and point of concern for many CIOs, CISOs, and their customers. To meet these important concerns, AWS has developed a primary...
Suborner : The Invisible Account Forger
Suborner is a simple program to create a Windows account you will only know about :) Create invisible local accounts without net user or Windows OS user management applications (e.g. netapi32::netuseradd) Works on all Windows NT Machines (Windows XP to 11, Windows Server 2003 to 2022) Impersonate through RID Hijacking any existing account (enabled or disabled) after a successful authentication Create an...
Monomorph : MD5-Monomorphic Shellcode Packer
Monomorph is a MD5-Monomorphic Shellcode Packer - all payloads have the same MD5 hash. ...
Sandfly-Entropyscan : Entropy Scanner For Linux To Detect Packed / Encrypted Binaries Related To Malware
Sandfly-Entropyscan is an Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives output with cryptographic hashes. Sandfly-Entropyscan is a utility to quickly scan files or running processes and report on their entropy (measure of randomness) and if they are a Linux/Unix ELF type executable. Some malware for...
DFShell : The Best Forwarded Shell
D3Ext's Forwarded Shell is a python3 script which use mkfifo to simulate a shell into the victim machine. It creates a hidden directory in /dev/shm/.fs/ and there are stored the fifos. You can even have a tty over a webshell. In case you want a good webshell with code obfuscation, login panel and more functions you have this webshell (scripted...
Dc-sonar : Functionality For Analyzing AD Domains For Security Risks Related To Accounts
The DC Sonar Community provides functionality for analyzing AD domains for security risks related to accounts. Repositories The project consists of repositories: dc-sonar-frontend dc-sonar-user-layer dc-sonar-workers-layer ntlm-scrutinizer Disclaimer It's only for education purposes. Avoid using it on the production Active Directory (AD) domain. Neither contributor incur any responsibility for any using it. Social media Check out our Red Team community Telegram channel Content Description Architecture Functionallity Installation Docker Manually using dpkg Style guide Deployment for development Docker Manually using Windows host and Ubuntu...
THE YARALYZER : Visually Inspect And Force Decode YARA And Regex Matches Found In Binary DATA And Text Data, With Colors
THE YARALYZER visually inspect all of the regex matches (and their sexier, more cloak and dagger cousins, the YARA matches) found in binary data and/or text. See what happens when you force various character encodings upon those matched bytes. With colors. Quick Start pipx install yaralyzer # Scan against YARA definitions in a file: yaralyze --yara-rules /secret/vault/sigmunds_malware_rules.yara lacan_buys_the_dip.pdf # Scan against an arbitrary regular...
SSTImap : Penetration Testing Tool For SSTI Detection And Exploitation
SSTImap is a penetration testing software that can check websites for Code Injection and Server-Side Template Injection vulnerabilities and exploit them, giving access to the operating system itself. This tool was developed to be used as an interactive penetration testing tool for SSTI detection and exploitation, which allows more advanced exploitation. Sandbox break-out techniques came from: James Kett's Server-Side Template Injection: RCE...
BlueHound : Tool That Helps Blue Teams Pinpoint The Security Issues
BlueHound is an open-source tool that helps blue teams pinpoint the security issues that actually matter. By combining information about user permissions, network access and unpatched vulnerabilities, BlueHound reveals the paths attackers would take if they were inside your networkIt is a fork of NeoDash, reimagined, to make it suitable for defensive security purposes. To get started with BlueHound, check...
