Hybrid Cloud Solutions Made Simple
Hybrid cloud solutions are the future. A hybrid cloud merges public cloud and private cloud services, or public cloud services with proprietary on-premises software, with the goal of enabling communication between each distinct service. Hybrid cloud strategies give your business a higher level of flexibility: workloads can be moved between cloud environments as your costs and needs change. Hybrid...
Cliam : Multi Cloud IAM Permissions Enumeration Tool
Cliam is a simple cloud permissions identifier. Most of the enumerated permissions are list, describe or get permissions, and only permissions that do not require a specific resource are tested. There are two main components to the CLI: enumerate, which can be used to enumerate specific permissions (recommended). Some service providers have service groups that can check for permissions for a specific subset...
LDAPFragger : Command And Control Tool That Enables Attackers To Route Cobalt Strike Beacon Data
LDAPFragger is a Command and Control tool that enables attackers to route Cobalt Strike beacon data over LDAP using user attributes. For background information, read the release blog: http://blog.fox-it.com/2020/03/19/ldapfragger-command-and-control-over-ldap-attributes Dependencies and installation: compiled with .NET 4.0, but may work with older and newer .NET frameworks as well. Usage...
FirmWire : Full-System Baseband Firmware Emulation Platform
FirmWire is a full-system baseband firmware analysis platform that supports Samsung and MediaTek. It enables fuzzing, root-cause analysis, and debugging of baseband firmware images. See the FirmWire documentation to get started! Installation: the recommended way of using FirmWire is the supplied Dockerfile. To build the Docker image, execute the following commands:
git clone https://github.com/FirmWire/FirmWire.git
cd FirmWire
git clone https://github.com/FirmWire/panda.git
# This will take some time
docker build -t firmwire...
LeakedHandlesFinder : Leaked Windows Processes Handles Identification Tool
Leaked Windows process handles identification tool. Useful for identifying new LPE vulnerabilities during a pentest, or simply as a new research process. It currently supports exploiting (autopwn) leaked process handles by spawning a new arbitrary process (cmd.exe by default). LHF identifies inherited handles in real time and gives the researcher exploitability tips. Presented at RootedCON 2022: https://www.rootedcon.com/ponentes-rooted2022/. Presentation -> Presentation/Exploiting Leaked Handles for LPE.pdf
Pybatfish : Python Client For Batfish (Network Configuration Analysis Tool)
Pybatfish is a Python client for Batfish. What is Batfish? Batfish is a network validation tool that provides correctness guarantees for security, reliability, and compliance by analyzing the configuration of network devices. It builds complete models of network behavior from device configurations and finds violations of network policies (built-in, user-defined, and best-practices). A primary use case for Batfish is to validate configuration changes before deployment...
Moonwalk : Cover Your Tracks During Linux Exploitation By Leaving Zero Traces
moonwalk is a 400 KB single-binary executable that can clear your traces while penetration testing a Unix machine. It saves the state of system logs pre-exploitation and reverts that state, including the filesystem timestamps, post-exploitation, leaving zero traces of a ghost in the shell. Features: Small executable: get started quickly with a curl fetch to your target machine. Fast: performs all session commands including logging, trace clearing, and filesystem operations...
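One caveat worth knowing before relying on any timestamp reversion: utime(2) lets the file owner set atime and mtime to arbitrary values, but every such call stamps ctime with the current clock, and ctime cannot be set from user space without raw device access or moving the system clock. The added example below (not moonwalk code; it says nothing about how moonwalk handles this) writes a constructed log line, rewinds the file's mtime by a day the way a track-clearing tool would, and shows the triage check a responder can run: flag files whose mtime is much older than their ctime. The threshold SUSPICIOUS_GAP is an assumption for the example.

```python
"""Added example (not moonwalk code): why rewinding timestamps leaves a trace.

os.utime can set atime/mtime freely, but the kernel records the change
time (ctime) of the metadata update itself. Files whose mtime is far older
than their ctime had their metadata touched after the last content write.
"""
import os
import tempfile

# Gap (seconds) between ctime and mtime above which a file deserves a look.
# Ordinary chmod/chown/rename also bump ctime, so this is a triage signal,
# not proof of tampering.
SUSPICIOUS_GAP = 60.0


def rewind_mtime(path: str, seconds_back: float) -> None:
    """Set atime and mtime back in time, the way a track-clearing tool would."""
    st = os.stat(path)
    os.utime(path, (st.st_atime - seconds_back, st.st_mtime - seconds_back))


def looks_rewound(path: str, gap: float = SUSPICIOUS_GAP) -> bool:
    """True when ctime is later than mtime by more than `gap` seconds."""
    st = os.stat(path)
    return (st.st_ctime - st.st_mtime) > gap


def demo() -> dict:
    """Create a log-like file, rewind its mtime by a day, check both states."""
    fd, path = tempfile.mkstemp(prefix="auth.log-")
    try:
        with os.fdopen(fd, "w") as f:
            # constructed sample log line
            f.write("Jan  1 00:00:00 host sshd[1]: Accepted password for root\n")
        before = looks_rewound(path)          # fresh write: ctime == mtime
        rewind_mtime(path, 24 * 3600)
        after = looks_rewound(path)           # mtime is a day old, ctime is now
        st = os.stat(path)
        return {
            "before": before,
            "after": after,
            "ctime_minus_mtime": st.st_ctime - st.st_mtime,
        }
    finally:
        os.unlink(path)


if __name__ == "__main__":
    print(demo())
```

Running the same check across /var/log with `find /var/log -newerct` style predicates, or simply comparing the two fields from stat(1), is cheap enough to be part of any post-incident triage.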
Nanodump : A Crappy LSASS Dumper With No ASCII Art
Nanodump is a flexible tool that creates a minidump of the LSASS process. Features: it uses syscalls (with SysWhispers2) for most operations. Syscalls are called from an ntdll address to bypass some syscall detections. It sets the syscall callback hook to NULL. Windows APIs are called using dynamic invoke. You can choose to download the dump without touching disk or write it to a file. The minidump by default has...
BackupOperatorToDA : From An Account Member Of The Group Backup Operators To Domain Admin
BackupOperatorToDA: from an account that is a member of the Backup Operators group to Domain Admin, without RDP or WinRM on the Domain Controller. If you compromise an account that is a member of the Backup Operators group, you can become Domain Admin without RDP or WinRM access to the Domain Controller. All credit to filip_dragovic for his initial POC! I built this project because I wanted to have...
Requests-Ip-Rotator : A Python Library To Utilize AWS API Gateway’s Large IP Pool
Requests-Ip-Rotator is a Python library that uses AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing. This library allows the user to bypass IP-based rate limits on sites and services. X-Forwarded-For headers are automatically randomised and applied unless one is given, because otherwise AWS would forward the client's true IP address...
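The two features described above attack two different rate-limiter designs, and the added example below (not code from requests-ip-rotator) shows why both matter from the defender's side. Traffic is constructed: one client behind a pool of proxy egress addresses (TEST-NET-3), every request carrying a fresh random X-Forwarded-For value. A limiter keyed on X-Forwarded-For lets everything through regardless of how many egress addresses the attacker has; a limiter keyed on the TCP peer, honouring X-Forwarded-For only from the site's own proxies, bounds the attacker at LIMIT requests per egress address, which is exactly why a large egress pool is the second half of the bypass. LIMIT, the trusted proxy range 10.0.0.0/8 and the fixed-window counter are assumptions for the example.

```python
"""Added example (not requests-ip-rotator code): rate limiting keyed on
X-Forwarded-For versus keyed on the TCP peer, run over constructed traffic."""
from collections import defaultdict
from ipaddress import ip_address, ip_network
import random

LIMIT = 5  # requests allowed per client key in one window (assumption)
# Assumption for this example: our own load balancers live in 10.0.0.0/8 and
# append the real client address to X-Forwarded-For; nothing else is trusted.
TRUSTED_PROXIES = [ip_network("10.0.0.0/8")]


def key_from_header(req):
    """Naive limiter key: believe X-Forwarded-For from anyone."""
    xff = req["headers"].get("X-Forwarded-For")
    return xff.split(",")[0].strip() if xff else req["peer"]


def key_from_peer(req):
    """Hardened key: the TCP peer, unless the peer is one of our own proxies,
    in which case the last (proxy-appended) X-Forwarded-For entry is used."""
    peer = ip_address(req["peer"])
    if any(peer in net for net in TRUSTED_PROXIES):
        xff = req["headers"].get("X-Forwarded-For")
        if xff:
            return xff.split(",")[-1].strip()
    return req["peer"]


def count_allowed(requests, key_fn):
    """Fixed-window counter; returns how many requests got through."""
    seen = defaultdict(int)
    allowed = 0
    for req in requests:
        k = key_fn(req)
        seen[k] += 1
        if seen[k] <= LIMIT:
            allowed += 1
    return allowed


def rotating_traffic(n, n_egress, seed=7):
    """Constructed attack traffic: one client rotating round-robin over
    `n_egress` proxy egress addresses, each request carrying a unique,
    randomly ordered X-Forwarded-For value (the library's default behaviour)."""
    rng = random.Random(seed)
    egress = ["203.0.113.%d" % (i + 1) for i in range(n_egress)]
    fake_clients = ["198.18.%d.%d" % (i // 250, i % 250 + 1) for i in range(n)]
    rng.shuffle(fake_clients)
    return [{"peer": egress[i % n_egress],
             "headers": {"X-Forwarded-For": fake_clients[i]}}
            for i in range(n)]


def simulate(n=200, n_egress=1):
    """Return how many of `n` requests each limiter design lets through."""
    reqs = rotating_traffic(n, n_egress)
    return {"header_keyed": count_allowed(reqs, key_from_header),
            "peer_keyed": count_allowed(reqs, key_from_peer)}


if __name__ == "__main__":
    print("one egress IP, random XFF:  ", simulate(200, 1))
    print("20 egress IPs, random XFF:  ", simulate(200, 20))
    # Legitimate client behind our own load balancer is still keyed correctly.
    print(key_from_peer({"peer": "10.1.2.3",
                         "headers": {"X-Forwarded-For": "1.2.3.4, 5.6.7.8"}}))
```

Keying on the peer address does not stop a pool-based rotator, but it turns "free" header randomisation into a per-request cost in distinct egress addresses, which is where account-level limits, proof-of-work or behavioural signals have to take over.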