Pinecone : A WLAN Red Team Framework
Pinecone is a WLAN networks auditing tool, suitable for red team usage. It is extensible via modules, and it is designed to be run in Debian-based operating systems. Pinecone is specially oriented to be used with a Raspberry Pi, as a portable wireless auditing box. This tool is designed for educational and research purposes only. Only use it with explicit...
Koh : The Token Stealer
Koh is a C# and Beacon Object File (BOF) toolset that allows for the capture of user credential material via purposeful token/logon session leakage. Some code was inspired by Elad Shamir's Internal-Monologue project (no license), as well as KB180548. For why this is possible and Koh's approach, see the Technical Background section of this README. For a deeper explanation of the motivation behind Koh and its approach,...
Zenbuster : Multi-threaded URL Enumeration/Brute-Forcing Tool
ZenBuster is a multi-threaded, multi-platform URL enumeration tool written in Python by Zach Griffin (@0xTas). I wrote this tool as a way to deepen my familiarity with Python, and to help increase my understanding of Cybersecurity tooling in general. ZenBuster may not be the fastest or most comprehensive tool of its kind. It is, however, simple to use, decently flexible, and...
Kubeaudit : Tool To Audit Your Kubernetes Clusters Against Common Security Controls
Kubeaudit no longer supports APIs deprecated as of the Kubernetes v1.16 release. So, it is now a requirement for clusters to run Kubernetes >=1.16. kubeaudit is a command line tool and a Go package to audit Kubernetes clusters for various different security concerns, such as: run as non-root; use a read-only root filesystem; drop scary capabilities, don't add new ones; don't run privileged; and more! tldr. kubeaudit makes sure you deploy...
Dumpscan : Tool To Extract And Dump Secrets From Kernel And Windows Minidump Formats
Dumpscan is a command-line tool designed to extract and dump secrets from kernel and Windows Minidump formats. Kernel-dump parsing is provided by volatility3. Features: x509 public and private key (PKCS #8/PKCS #1) parsing; SymCrypt parsing (supported structures: SYMCRYPT_RSAKEY, which determines if the key structure also has a private key, and matching to public certificates found in the same process; more SymCrypt structures to come); environment variables; command line arguments. Note: Testing has only been...
Trufflehog : Find Credentials All Over The Place
TruffleHog v3 is a complete rewrite in Go with many new powerful features. We've added over 700 credential detectors that support active verification against their respective APIs. We've also added native support for scanning GitHub, GitLab, filesystems, and S3. Instantly verify private keys against millions of GitHub users and billions of TLS certificates using our Driftwood technology. What is credential verification? For every potential credential that is detected, we've painstakingly implemented...
Bypass-Url-Parser : Tool That Tests Many URL Bypasses To Reach A 40X Protected Page
Bypass-Url-Parser is a tool that tests MANY URL bypasses to reach a 40X protected page. If you wonder why this code is nothing but a dirty curl wrapper, here's why: Most of the Python requests do URL/path/parameter encoding/decoding, and I hate this. If I submit raw chars, I want raw chars to be sent. If I send a weird path, I want it weird, not normalized. This is surprisingly...
WebView2-Cookie-Stealer : Attacking With WebView2 Applications
WebView2-Cookie-Stealer: according to Microsoft, "Microsoft Edge WebView2 control allows you to embed web technologies (HTML, CSS, and JavaScript) in your native apps". Essentially, WebView2 technology can be used to create an executable that can communicate with web applications similarly to a browser. This is meant to improve desktop applications and provide them with additional capabilities for interaction with web...
Tofu : Windows Offline Filesystem Hacking Tool For Linux
Tofu is a modular tool for hacking offline Windows filesystems and bypassing login screens. It can do hashdumps, OSK backdoors, user enumeration and more. How It Works: When a Windows machine is shut down, unless it has BitLocker or another encryption service enabled, its storage device contains everything stored on the device as if it was unlocked. This means that you can...
Frostbyte : FrostByte Is A POC Project That Combines Different Defense Evasion Techniques
FrostByte is a POC project that combines different defense evasion techniques. In the past few days I've been experimenting with the AppDomain manager injection technique and had decent success with it in my previous Red Team engagements against certain EDRs. Although this is really good as an initial access vector, I wanted to release a POC which will help hide your shellcode...