Vortex : VPN Overall Reconnaissance, Testing, Enumeration And Exploitation Toolkit
Vortex is a VPN Overall Reconnaissance, Testing, Enumeration and Exploitation Toolkit. Overview: A very simple Python framework, inspired by SprayingToolkit, that tries to automate most of the process required to detect, enumerate and attack common O365 and VPN endpoints (like Cisco, Citrix, Fortinet, Pulse, etc.). Why I developed it: Make the VPN spraying phase much quicker and easier. Also, due to its flexibility, this...
FastFinder : Incident Response – Fast Suspicious File Finder
FastFinder is a lightweight tool made for threat hunting, live forensics and triage on both Windows and Linux platforms. It is focused on endpoint enumeration and suspicious file finding based on various criteria: file path / name; md5 / sha1 / sha256 checksum; simple string content match; complex content condition(s) based on YARA. Ready for battle! fastfinder has been tested in real cases in multiple CERT,...
Oh365UserFinder : Python3 O365 User Enumeration Tool
Oh365UserFinder is used for identifying valid O365 accounts and domains without the risk of account lockouts. The tool parses responses to identify whether the "If Exists Result" flag is null or not, and responds appropriately if the user is valid. The tool will attempt to identify false positives based on response, and either automatically create a waiting period to allow...
PSRansom : PowerShell Ransomware Simulator With C2 Server
PSRansom is a PowerShell Ransomware Simulator with C2 Server capabilities. This tool helps you simulate the encryption process of a generic ransomware on any system with PowerShell installed on it. Thanks to the integrated C2 server, you can exfiltrate files and receive client information via HTTP. All communication between the two elements is encrypted or encoded so as to...
S3Sec : Check AWS S3 Instances For Read/Write/Delete Access
The S3Sec tool was developed to quickly test a list of S3 buckets for public read, write and delete access for the purposes of penetration testing on bug bounty programs. Installation: Clone the git repo onto your machine: git clone https://github.com/0xmoot/s3sec. Usage: Check a single S3 instance: echo "test-instance.s3.amazonaws.com" | python3 s3sec.py. Or: echo "test-instance" | python3 s3sec.py. Check a list of S3 instances: cat locations | python3 s3sec.py. Setup AWS...
Nuclei-Burp-Plugin : Nuclei Plugin For BurpSuite
Nuclei-Burp-Plugin is a BurpSuite plugin intended to help with nuclei template generation. Features: Template matcher generation: Word and Binary matcher creation using selected response snippets from Proxy history or Repeater contexts. Multi-line selections are split to separate words for readability. Binary matchers are created for selections containing non-ASCII characters. The part field is auto-set based on whether the selection was in the request header or body. Every generated template auto-includes a Status matcher, using the HTTP status code of the response. Request template...
Ghostbuster : Eliminate Dangling Elastic IPs By Performing Analysis On Your Resources
Ghostbuster obtains all the DNS records present in all of your AWS accounts (Route53), and can optionally take in records via CSV input, or via Cloudflare. After these records are collected, Ghostbuster iterates through all of your AWS Elastic IPs and Network Interface Public IPs and collects this data. By having a complete picture of the DNS records (from route53, file...
Kali Linux – The Best Tool For Penetration Testing?
The penetration tool known as Kali Linux is a Debian-based Linux distribution that was created with security testing and auditing in mind. It is one of the most popular security distributions in the world, and it includes dozens of tools that allow you to perform all sorts of attacks against your targets. In this blog post, we will discuss...
Epagneul : Graph Visualization For Windows Event Logs
Epagneul is a tool to visualize and investigate Windows event logs. Deployment: Requires docker and docker-compose to be installed. Installing: make. Offline deployment: On a machine connected to the internet, build an offline release: make release. This will create a release folder containing ready-to-go docker images. Copy the project to your air-gapped machine, then run: make load, then make. This will install: epagneul web UI (port 8080), epagneul backend (port 8000), neo4j (port 7474).
S1EM : This Project Is A SIEM With SIRP And Threat Intel, All In One
The S1EM solution is based on the principle of bringing together the best products in their field, free of charge, and making them quickly interoperable. S1EM is a SIEM with SIRP and Threat Intel, a full packet capture, all in one. Inside the solution: Cluster Elasticsearch, Kibana, Filebeat, Logstash, Metricbeat, Heartbeat, Auditbeat, N8n, Spiderfoot, Syslog-ng, Elastalert, TheHive, Cortex, MISP, OpenCTI, Arkime, Suricata, Zeek, StoQ, Mwdb, Traefik, Clamav, Codimd, Watchtower, Homer. Note: Cortex v3.1 uses the ELK connector and the OpenCTI v4 connector. Installation Guide: Prerequisites: Solution works with Linux, docker, and docker-compose. For...







