DumpSMBShare : A Script To Dump Files And Folders Remotely From A Windows SMB Share
DumpSMBShare is a script to dump files and folders remotely from a Windows SMB share. Features: Only list shares with --list-shares. Select only files with given extensions (with --extensions) or all files. Choose the local folder to dump to with --dump-dir. Select base folder to search from in the share with --base-dir. Usage: $ ./DumpSMBShare.py -h DumpSMBShare v1.2 - by @podalirius_ usage: Dump.py (-s SHARE | -l) ...
Can Linux Be Installed On a Mac?
The Linux operating system is the most common open source OS used on servers, smartphones, desktop and laptop computers, and other compatible devices. It can run on most major computer platforms, such as ARM, SPARC, and x86, and is rated highly by many in the tech industry. There are different versions of Linux OS and all of them are capable of managing...
Smap : A Drop-In Replacement For Nmap Powered By Shodan.Io
Smap is a replica of Nmap which uses shodan.io's free API for port scanning. It takes the same command line arguments as Nmap and produces the same output, which makes it a drop-in replacement for Nmap. Features: Scans 200 hosts per second; Doesn't require any account/API key; Vulnerability detection; Supports all nmap's output formats; Service and version fingerprinting; Makes no contact to the targets. Installation: Binaries: You can download a...
ADReaper : A Fast Enumeration Tool For Windows Active Directory Pentesting Written In Go
ADReaper is a tool written in Golang which enumerates an Active Directory environment with LDAP queries within a few seconds. Installation: You can download precompiled executable binaries for Windows/Linux from the latest releases. Install from source: To build from source, clone the repo and build it with Go: $ git clone https://github.com/AidenPearce369/ADReaper $ cd ADReaper/ $ go build Usage: ADReaper performs enumeration with various commands, each of which performs its respective LDAP queries. PS C:\Users\redteamer\Desktop\shared>...
KrbRelay : Framework For Kerberos Relaying
KrbRelay should be working on most fully patched Windows systems. There may be difficulties with Server OS in lab environments because of the firewall blocking the OXID resolver; however, this will most likely not be an issue during real-life engagements. The same goes for CLSIDs. Supported Protocols and Features: Some protocols are more complete than others; PRs are welcome. LLMNR, LDAP/LDAPS, HTTP, EWS, SMBv2, RPC over SMB, MS-SAMR, MS-SCMR, MS-RPRN, MS-RRP, MS-LSAT/MS-LSAD. Examples: LPE: .\KrbRelay.exe...
Zircolite : A Standalone SIGMA-based Detection Tool For EVTX, Auditd And Sysmon For Linux Logs
Zircolite is a standalone tool written in Python 3. It allows you to use SIGMA rules on MS Windows EVTX (EVTX and JSONL format), Auditd logs and Sysmon for Linux logs. Zircolite can be used directly on the investigated endpoint (use releases) or in your forensic/detection lab. Zircolite is fast and can parse large datasets in just seconds (check benchmarks). Zircolite can be used directly in Python...
linWinPwn : A Bash Script That Automates A Number Of Active Directory Enumeration And Vulnerability Checks
linWinPwn is a bash script that automates a number of Active Directory enumeration and vulnerability checks. The script leverages and depends on a number of tools, including: impacket, bloodhound, crackmapexec, ldapdomaindump, lsassy, smbmap, kerbrute, adidnsdump. Setup: Git clone the repository and make the script executable: git clone https://github.com/lefayjey/linWinPwn cd linWinPwn; chmod +x linWinPwn.sh Install requirements on Kali machines using the install.sh script: chmod +x install.sh sudo ./install.sh On...
OWASP Coraza WAF : A Golang Modsecurity Compatible Web Application Firewall Library
OWASP Coraza is a Golang enterprise-grade Web Application Firewall framework that supports Modsecurity's seclang language and is 100% compatible with OWASP Core Ruleset. Prerequisites: Linux distribution (Debian and Centos are recommended, Windows is not supported yet); Golang compiler v1.16+. Migrate from v1: Rollback SecAuditLog to the legacy syntax (serial/concurrent); Attach an error log handler using waf.SetErrorLogCb(cb) (optional); the function Transaction.Clean() must be used...
Kraken : A Multi-Platform Distributed Brute-Force Password Cracking System
Kraken is an online distributed brute force password cracking tool. It allows you to parallelize dictionaries and crunch word generator based cracking across multiple machines both as a web app in a web browser and as a standalone electron based client. Kraken aims to be easy to use, fault tolerant and scalable. I wrote Kraken because I wanted to learn...
vAPI : Vulnerable Adversely Programmed Interface Which Is Self-Hostable API
vAPI (Vulnerable Adversely Programmed Interface) is a self-hostable API that mimics OWASP API Top 10 scenarios by means of exercises. Requirements: PHP, MySQL, PostMan, MITM Proxy. Installation (Docker): docker-compose up -d. Installation (Manual): Copying the Code: cd <your-hosting-directory> git clone https://github.com/roottusk/vapi.git Setting up the Database: Import vapi.sql into the MySQL database. Configure the DB credentials in vapi/.env. Starting MySQL service: Run the following command (Linux): service mysqld start Starting Laravel Server: Go to the vapi directory and run php artisan serve Setting Up Postman: Import vAPI.postman_collection.json in Postman; Import vAPI_ENV.postman_environment.json in...