Cloudsploit : Cloud Security Posture Management (CSPM)

CloudSploit by Aqua is an open-source project designed to allow detection of security risks in cloud infrastructure accounts, including: Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), Oracle Cloud Infrastructure (OCI), and GitHub. These scripts are designed to return a series of potential misconfigurations and security risks. Deployment Options: CloudSploit is available in two deployment options. Self-Hosted: Follow the instructions below...

Dive : A Tool For Exploring Each Layer In A Docker Image

Dive is a tool for exploring a Docker image, layer contents, and discovering ways to shrink the size of your Docker/OCI image. To analyze a Docker image, simply run dive with an image tag/id/digest: dive <your-image-tag>, or if you want to build your image then jump straight into analyzing it: dive build -t <some-tag>. Building on Macbook (supporting only the Docker container engine): docker run...

Php-Malware-Finder : Detect Potentially Malicious PHP Files

PHP-malware-finder does its very best to detect obfuscated/dodgy code as well as files using PHP functions often used in malware/webshells. The following list of encoders/obfuscators/webshells are also detected: Bantam, Best PHP Obfuscator, Carbylamine, Cipher Design, Cyklodev, Joes Web Tools Obfuscator, P.A.S, PHP Jiami, Php Obfuscator Encode, SpinObf, Weevely3, atomiku, cobra obfuscator, nano, novahot, phpencode, tennc, web-malware-collection, webtoolsvn. Of course it's trivial to bypass PMF, but its goal is to catch kiddies and idiots, not people with a working brain. If you report...

TerraGoat : Vulnerable Terraform Infrastructure

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. Introduction: TerraGoat was built to enable DevSecOps to design and implement a sustainable misconfiguration prevention strategy. It can be used to test a policy-as-code framework like Bridgecrew & Checkov, inline-linters, pre-commit hooks or other code scanning...

LDAP-Password-Hunter : Password Hunter In The LDAP Infamous Database

LDAP Password Hunter is a tool which wraps features of getTGT.py (Impacket) and ldapsearch in order to look up passwords stored in the LDAP database. The Impacket getTGT.py script is used to authenticate the domain account used for enumeration and save its Kerberos TGT. The TGT is then exported in the KRB5CCNAME variable, which is used by ldapsearch...

AWS-Loot : Pull Secrets From An AWS Environment

The AWS-Loot tool allows quick enumeration over large sets of AWS instances and services. Install: pip install -r requirements.txt. An AWS credential file (.aws/credentials) is required for authentication to the target environment: Access Key, Access Key Secret. How it works: Awsloot works by going through EC2, Lambda, CodeBuilder instances and searching for high entropy strings. The EC2 Looter works by querying all available instance IDs in all...

EDRHunt : Scan Installed EDRs And AVs On Windows

EDRHunt scans Windows services, drivers, processes, registry for installed EDRs (Endpoint Detection And Response). Read more about EDRHunt. Install. Binary: Download the latest release from the release section. Releases are built for windows/amd64. Go: Requires Go to be installed on system. Tested on Go1.17+. go install github.com/FourCoreLabs/EDRHunt/cmd/EDRHunt@master. Usage. Find installed EDRs: $ .\EDRHunt.exe scan, with output "Detected EDR: Windows Defender", "Detected EDR: Kaspersky Security". Scan Everything: $ .\EDRHunt.exe all, with output "Running in user mode, escalate to...

Wslu : A Collection Of Utilities For Windows 10 Linux Subsystems

Wslu is a collection of utilities for Windows 10 Linux Subsystem, such as retrieving Windows 10 environment variables or creating your favorite Linux GUI application shortcuts on Windows 10 Desktop. Requires Windows 10 Creators Update; some of the features require a higher version of Windows 10; supports WSL2. Feature: wslusc: A WSL shortcut creator to create a shortcut on your Windows 10 Desktop. wslsys: A...

SocialPwned : An OSINT Tool That Allows To Get The Emails, From A Target, Published In Social Networks

SocialPwned is an OSINT tool that retrieves a target's emails published on social networks like Instagram, LinkedIn and Twitter, to find possible credential leaks in PwnDB or Dehashed and obtain Google account information via GHunt. The purpose of this tool is to facilitate the search for vulnerable targets during the phase of Footprinting in an...

SentryPeer : A Distributed Peer To Peer List Of Bad Actor IP Addresses And Phone Numbers Collected

SentryPeer is basically a fraud detection tool. It lets bad actors try to make phone calls and saves the IP address they came from and the number they tried to call. Those details are then used to block them at the service provider's network, and the next time a user/customer tries to call a collected number, it's blocked. Traditionally this data...