ChopChop : ChopChop Is A CLI To Help Developers Scanning Endpoints And Identifying Exposition Of Sensitive Services/Files/Folders

ChopChop is a command-line tool for dynamic application security testing on web applications, initially written by the Michelin CERT. Its goal is to scan several endpoints and identify exposure of services/files/folders through the webroot. Checks/Signatures are declared in a config file (by default: chopchop.yml) and are fully configurable, especially by developers. Building: We tried to make the build process painless and hopefully, it should be...

Canadian Furious Beaver : A Tool For Monitoring IRP Handler In Windows Drivers, And Facilitating The Process Of Analyzing, Replaying And Fuzzing Windows Drivers For Vulnerabilities

Canadian Furious Beaver is a distributed tool for capturing IRPs sent to any Windows driver. It operates in 2 parts: the "Broker" combines both a user-land agent and a self-extractable driver (IrpDumper.sys) that will install itself on the targeted system. Once running it will expose (depending on the compilation options) a remote named pipe (reachable from \\target.ip.address\pipe\cfb), or a TCP port...

AzureHunter : A Cloud Forensics Powershell Module To Run Threat Hunting Playbooks On Data From Azure And O365

AzureHunter is a Powershell module to run threat hunting playbooks on data from Azure and O365 for Cloud Forensics purposes. Getting Started: Check that you have the right O365 Permissions. The following roles are required in Exchange Online, in order to be able to have read only access to the UnifiedAuditLog: View-Only Audit Logs or Audit Logs. These roles are assigned by default to the Compliance Management role group in...

Ad-Honeypot-Autodeploy : Deploy A Small, Intentionally Insecure, Vulnerable Windows Domain For RDP Honeypot Fully Automatically

Ad-Honeypot-Autodeploy is a tool to deploy a small, intentionally insecure, vulnerable Windows Domain for RDP Honeypot fully automatically. Runs on self-hosted virtualization using libvirt with QEMU/KVM (but it can be customized easily for cloud-based solutions). Used to painlessly set up a small Windows Domain from scratch automatically (without user interaction) for the purpose of RDP Honeypot testing. Features a Domain Controller, a Desktop Computer and a configured...

Abaddon : Make red team operations faster, more repeatable, stealthier, while including value-added tools and bringing numerous reporting capabilities

Red team operations involve miscellaneous skills, last several months and are politically sensitive; they require a lot of monitoring, consolidating and caution. Wavestone’s red team operations management software, Abaddon, has been designed to make red team operations faster, more repeatable, stealthier, while including value-added tools and bringing numerous reporting capabilities. Because: There are tons of tools used by...

What is Cyber Resilience and How to Measure It?

When it comes to protecting your castle against hackers, ransomware crooks, and all manner of digital lowlifes, cyber resilience is one of your most important weapons — it’s a key factor that determines your success on that battlefield. Basically, in a nutshell, cyber resilience is the capacity for your organisation to take a hit and keep on ticking. It’s...

RottenPotatoNG : A C++ DLL And Standalone C++ Binary – No Need For Meterpreter Or Other Tools

RottenPotatoNG generates a DLL and EXE file. The DLL contains all the code necessary to perform the RottenPotato attack and get a handle to a privileged token. The MSF RottenPotato Test Harness project simply shows example usage for the DLL. For more examples, see https://github.com/hatRiot/token-priv/tree/master/poptoke/poptoke, specifically the SeAssignPrimaryTokenPrivilege.cpp and SeImpersonatePrivilege.cpp files. RottenPotato EXE: This project is identical to the above, except the...

Private Set Membership (PSM) : Cryptographic Protocol That Allows Clients To Privately Query

Private Set Membership (PSM) is a cryptographic protocol that allows clients to privately query whether the client's identifier is a member of a set of identifiers held by a server in a privacy-preserving manner. At a high level, PSM provides the following privacy guarantees: The server does not learn the client's queried identifier in the plaintext. The server does not learn whether...

Ddosify : High-performance Load Testing Tool

Ddosify is a high-performance load testing tool. Features: Protocol Agnostic - Currently supporting HTTP, HTTPS, HTTP/2. Other protocols are on the way. Scenario-Based - Create your flow in a JSON file. Without a line of code! Different Load Types - Test your system's limits across different load types. Installation: ddosify is available via Docker, Homebrew Tap, and downloadable pre-compiled binaries from the releases page for macOS, Linux and Windows. Docker: docker run...

Koppeling : Adaptive DLL Hijacking / Dynamic Export Forwarding

Koppeling is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code. This project is comprised of the following elements: Harness.exe: The "victim" application which is vulnerable to hijacking (static/dynamic); Functions.dll: The "real" library which exposes valid functionality to the harness; Theif.dll: The "evil" library which is attempting...