AWS-Loot : Pull Secrets From An AWS Environment
AWS-Loot tool allows quick enumeration over large sets of AWS instances and services. Install pip install -r requirements.txt An AWS credential file (.aws/credentials) is required for authentication to the target environment Access KeyAccess Key Secret How it works Awsloot works by going through EC2, Lambda, CodeBuilder instances and searching for high entropy strings. The EC2 Looter works by querying all available instance ID's in all...
EDRHunt : Scan Installed EDRs And AVs On Windows
EDRHunt scans Windows services, drivers, processes, registry for installed EDRs (Endpoint Detection And Response). Read more about EDRHunt Install BinaryDownload the latest release from the release section. Releases are built for windows/amd64.GoRequires Go to be installed on system. Tested on Go1.17+.go install github.com/FourCoreLabs/EDRHunt/cmd/EDRHunt@master Usage Find installed EDRs $ .EDRHunt.exe scanDetected EDR: Windows DefenderDetected EDR: Kaspersky Security Scan Everything $ .EDRHunt.exe allRunning in user mode, escalate to...
Wslu : A Collection Of Utilities For Windows 10 Linux Subsystems
Wslu is a collection of utilities for Windows 10 Linux Subsystem, such as retrieving Windows 10 environment variables or creating your favorite Linux GUI application shortcuts on Windows 10 Desktop. Requires Windows 10 Creators Update; Some of the feature requires a higher version of Windows 10; Supports WSL2. Feature wslusc A WSL shortcut creator to create a shortcut on your Windows 10 Desktop. wslsys A...
SocialPwned : An OSINT Tool That Allows To Get The Emails, From A Target, Published In Social Networks
SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks like Instagram, Linkedin and Twitter to find the possible credential leaks in PwnDB or Dehashed and obtain Google account information via GHunt. The purpose of this tool is to facilitate the search for vulnerable targets during the phase of Footprinting in an...
SentryPeer : A Distributed Peer To Peer List Of Bad Actor IP Addresses And Phone Numbers Collected
SentryPeer is basically a fraud detection tool. It lets bad actors try to make phone calls and saves the IP address they came from and number they tried to call. Those details are then used to block them at the service providers network and the next time a user/customer tries to call a collected number, it's blocked. Traditionally this data...
Instaloctrack : An Instagram OSINT Tool To Collect All The Geotagged Locations
Instaloctrack, a tool to scrape geotagged locations on Instagram profiles. Output in JSON & interactive map. Requirements sudo apt install chromium-chromedriver && chmod a+x /usr/bin/chromedriver Installation git clone https://github.com/bernsteining/instaloctrackcd instaloctrackpip3 install . Or use Docker: sudo docker build -t instaloctrack -f Dockerfile . Usage instaloctrack -husage: instaloctrack Instagram location data gathering tool. Usage: python3 instaloctrack.py -toptional arguments:-h, --help show this help message and...
Espionage : A Network Packet And Traffic Interceptor For Linux. Spoof ARP And Wiretap A Network
Espionage is a network packet sniffer that intercepts large amounts of data being passed through an interface. The tool allows users to to run normal and verbose traffic analysis that shows a live feed of traffic, revealing packet direction, protocols, flags, etc. Espionage can also spoof ARP so, all data sent by the target gets redirected through the attacker...
Invoke-EDRChecker : Checks Running Processes, Process Metadata, Dlls Loaded Into Your Current Process
Invoke-EDRChecker is the script will check running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories, installed services, the registry and running drivers for the presence of known defensive products such as AV's, EDR's and logging tools. This script can be loaded into your C2 server as well for example in PoshC2,...
IDACode : An Integration For IDA And VS Code Which Connects Both To Easily Execute And Debug
IDACode makes it easy to execute and debug Python scripts in your IDA environment without leaving Visual Studio Code. The VS Code extension can be found on the marketplace.IDACode is still in a very early state and bugs are to be expected. Please open a new issue if you encounter any issues. Features Speed: Quickly create and execute scripts.Debugging: Attach a Python...
SMBSR : Lookup For Interesting Stuff In SMB Shares
SMBSR is a python script which given a CIDR/IP/IP_file/HOSTNAME(s) enumerates all the SMB services listening (445) among the targets and tries to authenticate against them; if the authentication succeed then all the folders and subfolders are visited recursively in order to find secrets in files and ... secret files. In order to scan the targets for SMB ports open...
