Atomic-Operator : A Python Package Is Used To Execute Atomic Red Team Tests
atomic-operator enables security professionals to test their detection and defensive capabilities against prescribed techniques defined within atomic-red-team. By utilizing a testing framework such as atomic-operator, you can identify both your defensive capabilities as well as gaps in defensive coverage. Additionally, atomic-operator can be used in many other situations like: Generating alerts to test products; Testing EDR and other security tools; Identifying way to perform defensive evasion from an...
COM-Hunter : COM Hijacking VOODOO
COM-hunter is a COM Hijacking persistence tool written in C#. Features: Finds out entry valid CLSIDs in the victim's machine. Finds out valid CLSIDs via Task Scheduler in the victim's machine. Finds out if someone already used any of those valid CLSIDs in order to do COM persistence (LocalServer32/InprocServer32). Finds out if someone already used any of valid CLSID via Task Scheduler in order...
CRLFsuite : Fast CRLF Injection Scanning Tool
CRLFsuite is a fast tool specially designed to scan for CRLF injection. Installation: $ git clone https://github.com/Nefcore/CRLFsuite.git $ cd CRLFsuite $ sudo python3 setup.py install $ crlfsuite -h Features: ✔️ Single URL scanning ✔️ Multiple URL scanning ✔️ WAF detection ✔️ XSS through CRLF injection ✔️ Stdin supported ✔️ GET & POST method supported ✔️ Concurrency ✔️ Powerful payloads (WAF evasion payloads are also included) ✔️ Fast and efficient scanning with negligible false positives. Arguments (Argument: Description): -u/--url: target URL; -i/--import-urls: Import targets from the file; -s/--stdin: Scan URLs from stdin; -o/--output: Path for output file; -m/--method: Request method...
Cybersecurity in No-Code platforms: Key Principles
If you're developing an application using a no-code platform, it's important to understand the cybersecurity risks. No-code software makes it easier than ever before for developers and non-developers alike to create applications. With so many people able to access your codebase, however, you must be equally ready for anything that could go wrong. Below are some generalized principles and...
SMB-Session-Spoofing : Tool To Create A Fake SMB Session
SMB-Session-Spoofing is a utility that can be compiled with Visual Studio 2019 (or newer). The goal of this program is to create a fake SMB Session. The primary purpose of this is to serve as a method to lure attackers into accessing a honey-device. This program comes with no warranty or guarantees. Program Modifications Instructions: This program will require you to...
Notionterm : Embed Reverse Shell In Notion Pages
Notionterm embeds a reverse shell in Notion pages. Features: Hiding attacker IP in reverse shell (no direct interaction between attacker and target machine; Notion is used as a proxy hosting the reverse shell); Demo/quick proof insertion within report; Highly available and shareable reverse shell (desktop, browser, mobile); Encrypted and authenticated remote shell. The focus was on making something fun while still being usable, but that's...
Zap-Scripts : Zed Attack Proxy Scripts For Finding CVEs And Secrets
Zap-Scripts is a set of Zed Attack Proxy scripts for finding CVEs and secrets. Building: This project uses Gradle to build the ZAP add-on; simply run ./gradlew build in the main directory of the project, and the add-on will be placed in the directory build/zapAddOn/bin/. Usage: The easiest way to use this repo in ZAP is to add the directory to the scripts directory in ZAP (under Options ->...
PowerGram : Multiplatform Telegram Bot In Pure PowerShell
PowerGram is a pure PowerShell Telegram Bot that can be run on Windows, Linux or Mac OS. To make use of it, you only need PowerShell 4 or higher and an internet connection. All communication between the Bot and Telegram servers is encrypted with HTTPS, but all requests will be sent using the GET method, so they could easily be intercepted. Requirements: PowerShell 4.0...
Labtainers : A Docker-based Cyber Lab Framework
Labtainers include more than 50 cyber lab exercises and tools to build your own. Import a single VM appliance or install on a Linux system and your students are done with provisioning and administrative setup, for these and future lab exercises. Features: Consistent lab execution environments and automated provisioning via Docker containers; Multi-component network topologies on a modestly performing laptop computer; Automated assessment of student...
K0Otkit : Universal Post-Penetration Technique Which Could Be Used In Penetrations Against Kubernetes Clusters
k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters. With k0otkit, you can manipulate all the nodes in the target Kubernetes cluster in a rapid, covert and continuous way (reverse shell). k0otkit is the combination of Kubernetes and rootkit. Prerequisite: k0otkit is a post-penetration tool, so you first have to conquer a cluster, somehow manage to escape from the container...