ADLab : Custom PowerShell Module To Setup An Active Directory Lab Environment To Practice Penetration Testing


The purpose of the ADLab module is to automate the deployment of an Active Directory lab for practicing internal penetration testing. Credits to Joe Helle and his PowerShell for Pentesters course regarding the generation of the attack vectors.

Instructions

Preparation

Optional but recommended: move the module into PSModulePath.

    # Display PSModulePath
    $env:PSModulePath.split(";")
    # Move module to path
    Move-Item .\ADLab "C:\Windows\system32\WindowsPowerShell\v1.0\Modules"

Import-Module

    # Import global module
    Import-Module ADLab
    # Import local module
    Import-Module .\ADLab.psm1

Initial Lab Setup

Invoke-DCPrep

This function prepares the current VM/computer...

Vimana : An Experimental Security Framework That Aims To Provide Resources For Auditing Python Web Applications


Vimana is a modular security framework designed to audit Python web applications.

Framework Structure

The base of Vimana is composed of crawlers focused on frameworks (in addition to the generic ones for web), trackers, discovery, fuzzer, and parser modules, among other types. The main idea, from where the framework emerged, is to identify, through a blackbox approach, configuration flaws and...

Melting-Cobalt : A Cobalt Strike Scanner That Retrieves Detected Team Server Beacons Into A JSON Object


Melting-Cobalt is a tool to hunt/mine for Cobalt Strike beacons and "reduce" their beacon configuration for later indexing. Hunts can either be expansive and internet-wide, using services like Security Trails, Shodan, or ZoomEye, or use a list of IPs.

Getting started

1. Install melting-cobalt
2. Configure your tokens to begin the hunt
3. Mine Beacons to begin reducing them
4. Review results: cat results.json | jq

Installation

Requirements: virtualenv, and python3.8+

    git clone && cd melting-cobalt

Clone project and...

Web-Hacking-Toolkit : A Multi-Platform Web Hacking Toolkit Docker Image With Graphical User Interface (GUI) Support


Web-Hacking-Toolkit is a multi-platform web hacking toolkit Docker image with Graphical User Interface (GUI) support.

Installation

Docker

Pull the image from Docker Hub:

    docker pull signedsecurity/web-hacking-toolkit

Run a container and attach a shell:

    docker run -it --rm --shm-size="2g" --name web-hacking-toolkit --hostname web-hacking-toolkit -p 22:22 -v $(pwd)/data:/root/data signedsecurity/web-hacking-toolkit /bin/bash

Docker Compose

Docker-Compose can also be used.

    version: "3.9"
    services:
      web-hacking-toolkit:
        image: signedsecurity/web-hacking-toolkit
        ...

PeTeReport : An Open-Source Application Vulnerability Reporting Tool


PeTeReport (PenTest Report) is an open-source application vulnerability reporting tool designed to assist pentesting/redteaming efforts by simplifying the task of writing and generating reports. Focused on product security, the tool helps security researchers and pentesters provide detailed findings, appendices, and attack paths, and manage a finding template database to avoid wasting time in the reporting phase. PeTeReport (PenTest Report) is written...

Dockerized-Android : A Container-Based Framework To Enable The Integration Of Mobile Components In Security Training Platforms


Dockerized Android is a container-based framework that allows you to run an Android Emulator inside Docker and control it through a browser. This project has been developed to provide a starting point for integrating mobile security components into Cyber Ranges, but it can be used for any purpose. For development and testing purposes, however, the suggested project is docker-android.

Intro

As stated...

GC2 : A Command And Control Application That Allows An Attacker To Execute Commands On The Target Machine Using Google Sheet And Exfiltrate Data Using Google Drive


GC2 (Google Command and Control) is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrate data using Google Drive.

Why

This program has been developed in order to provide a command and control that does not require any particular set up (like: a custom domain, VPS, CDN, ...) during...

Scarce-Apache2 : A Framework For Bug Hunting Or Pentesting Targeting Websites That Have CVE-2021-41773 Vulnerability In Public


The Scarce-Apache2 tool can scan for websites with the CVE-2021-41773 vulnerability affecting the Apache2 web server. ScaRCE can also execute Remote Command Injections on the web servers found by the scanning method (only if MOD_CGI is enabled on the targeted web server). This tool works with a provided single target or mass targets from a file list. Only use this tool for Bug...

Http-Protocol-Exfil : Exfiltrate Files Using The HTTP Protocol Version (“HTTP/1.0” Is A 0 And “HTTP/1.1” Is A 1)


Http-Protocol-Exfil uses the HTTP protocol version to send a file bit by bit ("HTTP/1.0" is a 0 and "HTTP/1.1" is a 1). It uses GET requests so the Blue Team would only see the requests to your IP address. However, it takes a long time to send bigger files; for example, it needs 1 hour to send 200 KB, and...

HTTPUploadExfil : A Simple HTTP Server For Exfiltrating Files/Data During, For Example, CTFs


HTTPUploadExfil is a (very) simple HTTP server written in Go that's useful for getting files (and other information) off a machine using HTTP. While there are many use-cases, it's meant to be used in low-stakes offensive scenarios (e.g., CTFs). Think of this as python3 -m http.server but for getting data off a machine instead of on the machine. Obviously, this is a very loud and somewhat restricted way of exfiltrating...