Kubeeye : Audit Tool For Kubernetes

KubeEye is an inspection tool for Kubernetes that checks whether Kubernetes resources (via OPA), cluster components, cluster nodes (via Node-Problem-Detector) and other configurations follow best practices, and gives suggestions for modification. KubeEye supports custom inspection rules and plugin installation. Through the KubeEye Operator, you can view the inspection results and modification suggestions in a graphical display on a web page. Architecture KubeEye gets cluster resource...

XLL_Phishing : XLL Phishing Tradecraft

XLL_Phishing: With Microsoft's recent announcement regarding the blocking of macros in documents originating from the internet (email AND web download), attackers have begun aggressively exploring other options to achieve user driven access (UDA). There are several considerations to be weighed and balanced when looking for a viable phishing for access method: Complexity - The more steps that are required on the user's...

unblob : Extract files from any kind of container formats

unblob is an accurate, fast, and easy-to-use extraction suite. It parses unknown binary blobs for more than 30 different archive, compression, and file-system formats, extracts their content recursively, and carves out unknown chunks that have not been accounted for. Unblob is free to use, licensed with the MIT license. It has a Command Line Interface and can be used as a Python library. This turns unblob into the perfect companion for extracting, analyzing, and reverse...

kics : Find security vulnerabilities, compliance issues, and infrastructure misconfigurations

KICS, which stands for Keeping Infrastructure as Code Secure, is an essential component of every cloud-native project and is open source. Use KICS by Checkmarx to identify security flaws, legal compliance problems, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code. How it Works KICS's built-in extensibility is what makes it so strong and well-liked. Achieving this extensibility entails: Queries...

SharpImpersonation : A User Impersonation Tool – Via Token Or Shellcode Injection

SharpImpersonation is a User Impersonation Tool - Via Token Or Shellcode Injection. This was a learning by doing project from my side. Well known techniques are used to build just another impersonation tool with some improvements in comparison to other public tools. The code base was taken from: https://github.com/0xbadjuju/Tokenvator A blog post for the introduction can be found here: https://s3cur3th1ssh1t.github.io/SharpImpersonation-Introduction/ List user processes List only elevated...

SDomDiscover : An Easy-To-Use Python Tool To Perform DNS Recon

SDomDiscover is an easy-to-use Python tool to perform DNS recon, subdomain enumeration and much more. The purpose of this tool is to help bug hunters and pentesters during reconnaissance. If you want to know more about the tool, you can read my own post on my blog (written in Spanish). Installation: It can be used on any system with python3. You can easily install AORT using pip: pip3 install...

Pinecone : A WLAN Red Team Framework

Pinecone is a WLAN network auditing tool, suitable for red team usage. It is extensible via modules, and it is designed to be run on Debian-based operating systems. Pinecone is specially oriented to be used with a Raspberry Pi, as a portable wireless auditing box. This tool is designed for educational and research purposes only. Only use it with explicit...

Nim-RunPE : A Nim Implementation Of Reflective PE-Loading From Memory

Nim-RunPE is a Nim implementation of reflective PE-Loading from memory. The base for this code was taken from RunPE-In-Memory - which I ported to Nim. You'll need to install the following dependencies: nimble install ptr_math winim I did test this with Nim Version 1.6.2 only, so use that version for testing or I cannot guarantee no errors when using another version. Compile If you want...

GraphCrawler : GraphQL Automated Security Testing Toolkit

Graph Crawler is the most powerful automated testing toolkit for any GraphQL endpoint. Version 1.2 is out NEW: Can search for endpoints for you using Escape Technology's powerful Graphinder tool. Just point it towards a domain and add the '-e' option and Graphinder will do subdomain enumeration + search popular directories for GraphQL endpoints. After all this GraphCrawler will take over and work...

Gohide : Tunnel Port To Port Traffic Over An Obfuscated Channel With AES-GCM Encryption

Gohide, Tunnel port to port traffic via an obfuscated channel with AES-GCM encryption. Obfuscation Modes: Session Cookie HTTP GET (http-client); Set-Cookie Session Cookie HTTP/2 200 OK (http-server); WebSocket Handshake "Sec-WebSocket-Key" (websocket-client); WebSocket Handshake "Sec-WebSocket-Accept" (websocket-server); No obfuscation, just use AES-GCM encrypted messages (none). AES-GCM is enabled by default for each of the options above. Usage: root@WOPR-KALI:/opt/gohide-dev# ./gohide -h Usage of ./gohide: -f string listen fake server -r x.x.x.x:xxxx (ip/domain:port) (default "0.0.0.0:8081") -key...