Nipe : An Engine To Make Tor Network Your Default Gateway

Nipe is an engine to make Tor Network your default gateway. The Tor project allows users to surf the Internet, chat and send instant messages anonymously through its own mechanism. It is used by a wide variety of people, companies and organizations, both for lawful activities and for illicit purposes. Tor has been largely used by intelligence agencies, hacking...

Sentinel-Attack : Tools To Rapidly Deploy A Threat Hunting Capability On Azure Sentinel

Sentinel ATT&CK aims to simplify the rapid deployment of a threat hunting capability that leverages Sysmon and MITRE ATT&CK on Azure Sentinel. Overview: Sentinel ATT&CK provides the following tools: an ARM template to automatically deploy Sentinel ATT&CK to your Azure environment; a Sysmon configuration file compatible with Azure Sentinel and mapped to specific ATT&CK techniques; a Sysmon log parser mapped against the OSSEM data model; 117 ready-to-use Kusto detection rules covering 156 ATT&CK techniques; a Sysmon threat hunting workbook inspired...

AzureRT : A Powershell Module Implementing Various Azure Red Team Tactics

AzureRT is a PowerShell module implementing various cmdlets to interact with Azure and Azure AD from an offensive perspective. Helpful utilities dealing with access token based authentication, switching from Az to AzureAD and az cli interfaces, easy to use pre-made attacks such as Runbook-based command execution and more. The Most Valuable Cmdlets: This toolkit brings lots of various cmdlets. This section highlights the most important & useful ones. Typical...

AWS-Threat-Simulation-and-Detection : Playing Around With Stratus Red Team And SumoLogic

AWS-Threat-Simulation-and-Detection: this repository is a documentation of my adventures with Stratus Red Team - a tool for adversary emulation for the cloud. Stratus Red Team is "Atomic Red Team" for the cloud, allowing to emulate offensive attack techniques in a granular and self-contained manner. We run the attacks covered in the Stratus Red Team repository one by one on our AWS account. In order...

Lockc : Making Containers More Secure With eBPF And Linux Security Modules (LSM)

lockc is open source software for providing MAC (Mandatory Access Control) type of security audit for container workloads. The main reason why lockc exists is that containers do not contain. Containers are not as secure and isolated as VMs. By default, they expose a lot of information about the host OS and provide ways to "break out" from the container. lockc aims to provide more isolation to...

Puwr : SSH Pivoting Script For Expanding Attack Surfaces On Local Networks

Puwr will easily expand your attack surface on a local network by discovering more hosts, via SSH. Using a machine running an SSH service, Puwr uses a given subnet range to scope out IPs, sending back any successful ping requests it has. This can be used to create a pivoting attack from a compromised machine, by returning you hosts...

Atomic-Operator : A Python Package Is Used To Execute Atomic Red Team Tests

atomic-operator enables security professionals to test their detection and defensive capabilities against prescribed techniques defined within atomic-red-team. By utilizing a testing framework such as atomic-operator, you can identify both your defensive capabilities as well as gaps in defensive coverage. Additionally, atomic-operator can be used in many other situations like: generating alerts to test products; testing EDR and other security tools; identifying ways to perform defensive evasion from an...

COM-Hunter : COM Hijacking VOODOO

COM-hunter is a COM Hijacking persistence tool written in C#. Features: Finds out entry valid CLSIDs in the victim's machine. Finds out valid CLSIDs via Task Scheduler in the victim's machine. Finds out if someone already used any of those valid CLSIDs in order to do COM persistence (LocalServer32/InprocServer32). Finds out if someone already used any of valid CLSID via Task Scheduler in order...

CRLFsuite : Fast CRLF Injection Scanning Tool

CRLFsuite is a fast tool specially designed to scan CRLF injection.

Installation:
    $ git clone https://github.com/Nefcore/CRLFsuite.git
    $ cd CRLFsuite
    $ sudo python3 setup.py install
    $ crlfsuite -h

Features: ✔️ Single URL scanning ✔️ Multiple URL scanning ✔️ WAF detection ✔️ XSS through CRLF injection ✔️ Stdin supported ✔️ GET & POST method supported ✔️ Concurrency ✔️ Powerful payloads (WAF evasion payloads are also included) ✔️ Fast and efficient scanning with negligible false-positive

Arguments:
    Argument            Description
    -u/--url            target URL
    -i/--import-urls    Import targets from the file
    -s/--stdin          Scan URLs from stdin
    -o/--output         Path for output file
    -m/--method         Request method...

Cybersecurity in No-Code platforms: Key Principles

If you're developing an application using a no-code platform, it's important to understand the cybersecurity risks. No-code software makes it easier than ever before for developers and non-developers alike to create applications. With so many people able to access your codebase, however, you must be equally ready for anything that could go wrong. Below are some generalized principles and...