AzureHound : Azure Data Exporter For BloodHound
AzureHound is a bloodHound data collector for Microsoft Azure. Get AzureHound Release Binaries Download the appropriate binary for your platform from one of our Releases. Rolling Release The rolling release contains pre-built binaries that are automatically kept up-to-date with the main branch and can be downloaded from here. Warning: The rolling release may be unstable. Compiling Prerequisites Go 1.18 or later To build this project from source run the...
Xerror – An Automated Penetration Testing Tool With GUI
Xerror is an automated pentesting tool, which helps security professionals and nonprofessionals to automate their pentesting tasks. It will perform all tests and, at the end generate two reports for executives and analysts. Xerror provides GUI easy to use menu driven options. Internally it supports openVas for vulnerability scanning, Metasploit for exploitation and gives GUI based options after successful exploitation...
Mongoaudit – An Audit and Pentesting Tool for MongoDB Databases
Databases typically store sensitive data or data that is important for the company. Mongoaudit helps to audit several technical aspects of running a MongoDB instance and get it properly secured. Usage and Audience Mongoaudit is commonly used for Application security or Database security. Target users for this tool are pentesters, security professionals, and system administrators. Installation Clone this repository and run the...
ADFSRelay : Proof Of Concept Utilities Developed To Research NTLM Relaying Attacks Targeting ADFS
.png "ADFSRelay : Proof Of Concept Utilities Developed To Research NTLM Relaying Attacks Targeting ADFS")
ADFSRelay is a repository includes two utilities NTLMParse and ADFSRelay. NTLMParse is a utility for decoding base64-encoded NTLM messages and printing information about the underlying properties and fields within the message. Examining these NTLM messages is helpful when researching the behavior of a particular NTLM implementation. ADFSRelay is a proof of concept utility developed while researching the feasibility of...
Protecting Kubernetes Deployments with Azure Sentinel
What Is Azure Sentinel? Microsoft Sentinel is a cloud native security information and event management (SIEM) and security orchestration, automation, and response (SOAR) solution. It provides security analytics, threat intelligence, threat visibility, attack detection, proactive hunting, and threat response. It builds on Azure services, natively incorporating proven foundations, such as Logic Apps and Log Analytics. It enriches investigation and detection with...
Reconator – Automated Recon for Pentesting & Bug Bounty
Reconator is a Framework for automating your process of reconnaissance without any Computing resource (Systemless Recon) at free of cost. It is designed to host on Heroku which is a free cloud hosting provider. It performs the work of enumerations along with many vulnerability checks and obtains maximum information about the target domain. It also performs various vulnerability checks like XSS,...
FarsightAD : PowerShell Script That Aim To Help Uncovering (Eventual) Persistence Mechanisms
FarsightAD is a PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory domain compromise. The script produces CSV / JSON file exports of various objects and their attributes, enriched with timestamps from replication metadata. Additionally, if executed with replication privileges, the Directory Replication Service (DRS) protocol is leveraged to detect...
Tethering Your Smartphone To A Linux Desktop – What You Should Know?
Using your phone’s internet on your Linux PC is fairly straightforward, and similar to that of Windows or Mac, with a few subtle differences to know about. If you want to take your Linux computer online, but don’t have any wireless or ethernet network nearby, the best solution is tethering your smartphone. Having emerged during the primitive age of 2G,...
Havoc : Modern and malleable post-exploitation command and control framework
.png "Havoc : Modern and malleable post-exploitation command and control framework")
Havoc is a modern and malleable post-exploitation command and control framework, created by @C5pider. ⚠️Havoc is in an early state of release. Breaking changes may be made to APIs/core structures as the framework matures. Support Consider supporting C5pider on Patreon/Github Sponsors. Additional features are planned for supporters in the future, such as custom agents/plugins/commands/etc. Quick Start Please see the Wiki for complete documentation. Havoc works...
OFRAK : Unpack, Modify, And Repack Binaries
.png "OFRAK : Unpack, Modify, And Repack Binaries")
OFRAK (Open Firmware Reverse Analysis Konsole) is a binary analysis and modification platform. OFRAK combines the ability to: Identify and Unpack many binary formats Analyze unpacked binaries with field-tested reverse engineering tools Modify and Repack binaries with powerful patching strategies OFRAK supports a range of embedded firmware file formats beyond userspace executables, including: Compressed filesystems Compressed & checksummed firmware Bootloaders RTOS/OS kernels OFRAK equips users with: A Graphical User...
