SyntheticSun : A Defense-In-Depth Security Automation And Monitoring Framework
SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and serverless technologies to continuously prevent, detect and respond to threats.
You sleep in fragmented glass
With reflections of you,
But are you feeling alive?
Yeah let me ask you,
Are you feeling alive?
Synopsis: Uses event- and time-based serverless automation (e.g. AWS CodeBuild, AWS Lambda) to...
Msmailprobe : Office 365 And Exchange Enumeration
Msmailprobe: it is widely known that OWA (Outlook Web App) is vulnerable to time-based user enumeration attacks. This tool leverages all known, and even some lesser-known, services exposed by default Exchange installations to enumerate users. It also targets Office 365 for error-based user enumeration. Getting Started: If you want to download and compile the simple, dependency-free code, you must first install GoLang!...
RPC Firewall : Stopping Lateral Movement via the RPC Firewall
RPC Firewall: RPC is the underlying mechanism used for numerous lateral movement techniques, reconnaissance, relay attacks, or simply to exploit vulnerable RPC services. DCSync attack? over RPC. Remote DCOM? over RPC. WMIC? over RPC. SharpHound? over RPC. PetitPotam? over RPC. PsExec? over RPC. ZeroLogon? over RPC... well, you get the idea :) What is it used for? Research: install the RPC Firewall and configure it to audit all remote RPC...
Lsarelayx : NTLM Relaying For Windows Made Easy
Lsarelayx is a system-wide NTLM relay tool designed to relay incoming NTLM-based authentication to the host it is running on. lsarelayx will relay any incoming authentication request, which includes SMB. Since lsarelayx hooks into existing application authentication flows, the tool will also attempt to service the original authentication request after the relay is complete. This will prevent the target application/protocol...
RiotPot : Resilient IoT And Operational Technology Honeypot
RiotPot is an interoperable medium-interaction honeypot, primarily focused on the emulation of IoT and OT protocols, although it is also capable of emulating other services. These services are loaded into the honeypot in the form of plugins, making RIoTPot a modular and very transportable honeypot. The services are loaded at runtime, meaning that the weight of the honeypot will vary...
Skrull : A Malware DRM, That Prevents Automatic Sample Submission By AV/EDR
Skrull is a malware DRM that prevents automatic sample submission by AV/EDR and signature scanning from the kernel. It generates launchers that can run malware on the victim using the Process Ghosting technique. The launchers are also anti-copy and break naturally when they are submitted.
PMAT-labs : Labs For Practical Malware Analysis And Triage
PMAT-labs is a repository that contains live malware samples for use in the Practical Malware Analysis & Triage course (PMAT). These samples are either written to emulate common malware characteristics or are live, real-world, "caught in the wild" samples. Both categories are dangerous. These samples are to be handled with extreme caution at all times. Do not download these samples to...
ShonyDanza : A Customizable Tool For Researching, Pen Testing, And Defending With The Power Of Shodan
ShonyDanza is a customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan. With ShonyDanza, you can:
- Obtain IPs based on search criteria
- Automatically exclude honeypots from the results based on your pre-configured thresholds
- Pre-configure all IP searches to filter on your specified net range(s)
- Pre-configure search limits
- Use build-a-search to craft searches with easy building blocks
- Use stock searches and pre-configure...
Snap Scraper : Enables Users To Download Media Uploaded To Snapchat’s Snap Map
Snap Scraper is an open source intelligence tool which enables users to download media uploaded to Snapchat's Snap Map using a set of latitude and longitude coordinates. This project is in no way affiliated with, authorized, maintained, sponsored or endorsed by Snap Inc. or any of its affiliates or subsidiaries. This program is for education, forensic and bug reporting...
SourceLeakHacker : A Multi-Threaded Web Application Source Leak Scanner
SourceLeakHacker is a multi-threaded web directory scanner.
Installation:
  pip install -r requirements.txt
Usage:
  usage: SourceLeakHacker.py
  optional arguments:
    -h, --help            show this help message and exit
    --url URL             url to scan, eg: 'http://127.0.0.1/'
    --urls URLS           file contains urls to scan, one line one url.
    --scale {full,tiny}   build-in dictionary scale
    --output OUTPUT       output folder, default: result/YYYY-MM-DD hh:mm:ss
    --threads THREADS, -t THREADS
                          threads numbers, default: 4
    --timeout TIMEOUT     HTTP request timeout
    --level {CRITICAL,ERROR,WARNING,INFO,DEBUG}, -v {CRITICAL,ERROR,WARNING,INFO,DEBUG}
                          log...