modDetective : Tool That Chronologizes Files Based On Modification Time In Order To Investigate Recent System Activity
modDetective is a small Python tool that chronologizes files based on modification time in order to investigate recent system activity. This can be used in CTF's in order to pinpoint where escalation and attack vectors may exist. To see the tool in its most useful form, try running the command as follows: python3 modDetective.py -i /usr/share,/usr/lib,/lib. This will ignore the /usr/lib, /usr/share, and /lib directories,...
LambdaGuard : AWS Serverless Security
%20(1).png "LambdaGuard : AWS Serverless Security")
LambdaGuard is an event-driven, serverless computing platform provided by Amazon Web Services. It is a computing service that runs code in response to events and automatically manages the computing resources required by that code. LambdaGuard is an AWS Lambda auditing tool designed to create asset visibility and provide actionable results. It provides a meaningful overview in terms of statistical analysis,...
How to Quickly Return To The WoW After a Long Absence
MMOs are evolving very quickly to keep the attention of the players. Constant updates, new patches, updated locations and bosses. Sometimes developers even add a new gradation of armor or weapons, and when you enter the game after a long period of time, you may be surprised how much everything has changed and not understand what is happening. Read the patch...
LiveTargetsFinder : Generates Lists Of Live Hosts And URLs For Targeting, Automating The Usage Of MassDNS
.png "LiveTargetsFinder : Generates Lists Of Live Hosts And URLs For Targeting, Automating The Usage Of MassDNS")
LiveTargetsFinder, Generates lists of live hosts and URLs for targeting, automating the usage of Massdns, Masscan and nmap to filter out unreachable hosts Given an input file of domain names, this script will automate the usage of MassDNS to filter out unresolvable hosts, and then pass the results on to Masscan to confirm that the hosts are reachable and on...
RESim : Reverse Engineering Software Using A Full System Simulator
RESim is a dynamic system analysis tool that provides detailed insight into processes, programs and data flow within networked computers. RESim simulates networks of computers through use of the Simics' platform’s high fidelity models of processors, peripheral devices (e.g., network interface cards), and disks. The networked simulated computers load and run targeted software copied from images extracted from the...
Cdb : Automate Common Chrome Debug Protocol Tasks To Help Debug Web Applications
.png "Cdb : Automate Common Chrome Debug Protocol Tasks To Help Debug Web Applications")
CDB is a Chrome Debug Protocol utility. The main goal of the tool is to automate common tasks to help debug web applications from the command-line and actively monitor and intercept HTTP requests and responses. This is particularly useful during penetration tests and other types of security assessments and investigations. Quickstart This tool is meant to be used as part of Pown.js but...
Pinecone : A WLAN Red Team Framework
.png "Pinecone : A WLAN Red Team Framework"){kind=logo}
Pinecone is a WLAN networks auditing tool, suitable for red team usage. It is extensible via modules, and it is designed to be run in Debian-based operating systems. Pinecone is specially oriented to be used with a Raspberry Pi, as a portable wireless auditing box. This tool is designed for educational and research purposes only. Only use it with explicit...
Koh : The Token Stealer
.png "Koh : The Token Stealer")
Koh is a C# and Beacon Object File (BOF) toolset that allows for the capture of user credential material via purposeful token/logon session leakage. Some code was inspired by Elad Shamir's Internal-Monologue project (no license), as well as KB180548. For why this is possible and Koh's approeach, see the Technical Background section of this README. For a deeper explanation of the motivation behind Koh and its approach,...
Zenbuster : Multi-threaded URL Enumeration/Brute-Forcing Tool
%20(1).png "Zenbuster : Multi-threaded URL Enumeration/Brute-Forcing Tool")
ZenBuster is a multi-threaded, multi-platform URL enumeration tool written in Python by Zach Griffin (@0xTas). I wrote this tool as a way to deepen my familiarity with Python, and to help increase my understanding of Cybersecurity tooling in general. ZenBuster may not be the fastest or most comprehensive tool of its kind. It is however, simple to use, decently flexible, and...
Kubeaudit : Tool To Audit Your Kubernetes Clusters Against Common Security Controls
Kubeaudit no longer supports APIs deprecated as of Kubernetes v.1.16 release. So, it is now a requirement for clusters to run Kubernetes >=1.16 kubeaudit is a command line tool and a Go package to audit Kubernetes clusters for various different security concerns, such as: run as non-rootuse a read-only root filesystemdrop scary capabilities, don't add new onesdon't run privilegedand more! tldr. kubeaudit makes sure you deploy...
