AWS-Threat-Simulation-and-Detection : Playing Around With Stratus Red Team And SumoLogic
.png "AWS-Threat-Simulation-and-Detection : Playing Around With Stratus Red Team And SumoLogic")
AWS-Threat-Simulation-and-Detection, this repository is a documentation of my adventures with Stratus Red Team - a tool for adversary emulation for the cloud. Stratus Red Team is "Atomic Red Team for the cloud, allowing to emulate offensive attack techniques in a granular and self-contained manner. We run the attacks covered in the Stratus Red Team repository one by one on our AWS account. In order...
Lockc : Making Containers More Secure With eBPF And Linux Security Modules (LSM)
.png "Lockc : Making Containers More Secure With eBPF And Linux Security Modules (LSM)"){kind=logo}
lockc is open source sofware for providing MAC (Mandatory Access Control) type of security audit for container workloads. The main reason why lockc exists is that containers do not contain. Containers are not as secure and isolated as VMs. By default, they expose a lot of information about host OS and provide ways to "break out" from the container. lockc aims to provide more isolation to...
Puwr : SSH Pivoting Script For Expanding Attack Surfaces On Local Networks
.png "Puwr : SSH Pivoting Script For Expanding Attack Surfaces On Local Networks")
Puwr will Easily expand your attack surface on a local network by discovering more hosts, via SSH. Using a machine running a SSH service, Puwr uses a given subnet range to scope out IP's, sending back any successful ping requests it has. This can be used to create a pivoting attack from a compromised machine, by returning you hosts...
Atomic-Operator : A Python Package Is Used To Execute Atomic Red Team Tests
.png "Atomic-Operator : A Python Package Is Used To Execute Atomic Red Team Tests"){kind=logo}
atomic-operator enables security professionals to test their detection and defensive capabilities against prescribed techniques defined within atomic-red-team. By utilizing a testing framework such as atomic-operator, you can identify both your defensive capabilities as well as gaps in defensive coverage. Additionally, atomic-operator can be used in many other situations like: Generating alerts to test productsTesting EDR and other security toolsIdentifying way to perform defensive evasion from an...
COM-Hunter : COM Hijacking VOODOO
COM-hunter is a COM Hijacking persistence tool written in C#. Features Finds out entry valid CLSIDs in the victim's machine.Finds out valid CLSIDs via Task Scheduler in the victim's machine.Finds out if someone already used any of those valid CLSIDs in order to do COM persistence (LocalServer32/InprocServer32).Finds out if someone already used any of valid CLSID via Task Scheduler in order...
CRLFsuite : Fast CRLF Injection Scanning Tool
.png "CRLFsuite : Fast CRLF Injection Scanning Tool"){kind=logo}
CRLFsuite is a fast tool specially designed to scan CRLF injection. Installation $ git clone https://github.com/Nefcore/CRLFsuite.git$ cd CRLFsuite$ sudo python3 setup.py install$ crlfsuite -h Features ✔️ Single URL scanning ✔️ Multiple URL scanning ✔️ WAF detection ✔️ XSS through CRLF injection ✔️ Stdin supported ✔️ GET & POST method supported ✔️ Concurrency ✔️ Powerful payloads (WAF evasion payloads are also included) ✔️ Fast and efficient scanning with negligible false-positive Arguments ArgumentDiscription-u/--urltarget URL-i/--import-urlsImport targets from the file-s/--stdinScan URLs from stdin-o/--outputPath for output file-m/--methodRequest method...
Cybersecurity in No-Code platforms: Key Principles
If you're developing an application using no-code platform, it's important to understand the risks of cybersecurity. A no-code software makes it easier than ever before for developers and non-developers alike to create applications. With so many people able to access your codebase, however, you must be equally as ready for anything that could go wrong. Below are some generalized principles and...
SMB-Session-Spoofing : Tool To Create A Fake SMB Session
.png "SMB-Session-Spoofing : Tool To Create A Fake SMB Session")
SMB-Session-Spoofing is a utility that can be compiled with Visual Studio 2019 (or newer). The goal of this program is to create a fake SMB Session. The primary purpose of this is to serve as a method to lure attackers into accessing a honey-device. This program comes with no warranty or guarantees. Program Modifications Instructions This program will require you to...
Notionterm : Embed Reverse Shell In Notion Pages
.png "Notionterm : Embed Reverse Shell In Notion Pages")
Notionterm is a Embed Reverse Shell In Notion Pages Hiding attacker IP in reverse shell (No direct interaction between attacker and target machine. Notion is used as a proxy hosting the reverse shell)Demo/Quick proof insertion within reportHigh available and shareable reverse shell (desktop, browser, mobile)Encrypted and authenticated remote shell The focus was on making something fun while still being usable, but that's...
Zap-Scripts : Zed Attack Proxy Scripts For Finding CVEs And Secrets
.png "Zap-Scripts : Zed Attack Proxy Scripts For Finding CVEs And Secrets")
Zap-Scripts is a Zed Attack Proxy Scripts for finding CVEs and Secrets. Building This project uses Gradle to build the ZAP add-on, simply run: ./gradlew build in the main directory of the project, the add-on will be placed in the directory build/zapAddOn/bin/. Usage The easiest way to use this repo in ZAP is to add the directory to the scripts directory in ZAP (under Options ->...
