Melting-Cobalt : A Cobalt Strike Scanner That Retrieves Detected Team Server Beacons Into A JSON Object
Melting-Cobalt is a tool to hunt/mine for Cobalt Strike beacons and "reduce" their beacon configuration for later indexing. Hunts can either be expansive and internet-wide, using services like SecurityTrails, Shodan, or ZoomEye, or run against a list of IPs. Getting started: install melting-cobalt; configure your tokens to begin the hunt; mine beacons to begin reducing them; review the results with cat results.json | jq. Installation requirements: virtualenv and python3.8+. git clone https://github.com/splunk/melting-cobalt && cd melting-cobalt (clone project and...)
Web-Hacking-Toolkit : A Multi-Platform Web Hacking Toolkit Docker Image With Graphical User Interface (GUI) Support
Web-Hacking-Toolkit is a multi-platform web hacking toolkit Docker image with Graphical User Interface (GUI) support. Installation (Docker): pull the image from Docker Hub with docker pull signedsecurity/web-hacking-toolkit. Run a container and attach a shell: docker run -it --rm --shm-size="2g" --name web-hacking-toolkit --hostname web-hacking-toolkit -p 22:22 -v $(pwd)/data:/root/data signedsecurity/web-hacking-toolkit /bin/bash. Docker Compose can also be used: version: "3.9" services: web-hacking-toolkit: image: signedsecurity/web-hacking-toolkit ...
PeTeReport : An Open-Source Application Vulnerability Reporting Tool
PeTeReport (PenTest Report) is an open-source application vulnerability reporting tool designed to assist pentesting/red teaming efforts by simplifying the writing and generation of reports. Focused on product security, the tool helps security researchers and pentesters provide detailed findings, appendices and attack paths, and manage a finding template database to avoid wasting time in the reporting phase. PeTeReport (PenTest Report) is written...
Dockerized-Android : A Container-Based Framework To Enable The Integration Of Mobile Components In Security Training Platforms
Dockerized Android is a container-based framework that allows you to execute an Android Emulator inside Docker and control it through a browser. This project has been developed to provide a starting point for integrating mobile security components into Cyber Ranges, but it can be used for any purpose. For development and testing purposes, however, the suggested project is docker-android. Intro As stated...
GC2 : A Command And Control Application That Allows An Attacker To Execute Commands On The Target Machine Using Google Sheet And Exfiltrate Data Using Google Drive
GC2 (Google Command and Control) is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheets and exfiltrate data using Google Drive. Why This program has been developed to provide a command and control that does not require any particular setup (such as a custom domain, VPS, CDN, ...) during...
Scarce-Apache2 : A Framework For Bug Hunting Or Pentesting Targeting Websites That Have CVE-2021-41773 Vulnerability In Public
The Scarce-Apache2 tool can scan websites for the CVE-2021-41773 vulnerability affecting the Apache2 web server; ScaRCE can also execute remote command injection against the web servers found by the scan (only if MOD_CGI is enabled on the targeted web server). This tool works with a provided single target or with mass targets from a file list. Only use this tool for bug...
Http-Protocol-Exfil : Exfiltrate Files Using The HTTP Protocol Version (“HTTP/1.0” Is A 0 And “HTTP/1.1” Is A 1)
Http-Protocol-Exfil uses the HTTP protocol version to send a file bit by bit ("HTTP/1.0" is a 0 and "HTTP/1.1" is a 1). It uses GET requests, so the Blue Team would only see the requests to your IP address. However, it takes a long time to send bigger files; for example, it needs 1 hour to send 200 KB, and...
HTTPUploadExfil : A Simple HTTP Server For Exfiltrating Files/Data During, For Example, CTFs
HTTPUploadExfil is a (very) simple HTTP server written in Go that's useful for getting files (and other information) off a machine using HTTP. While there are many use cases, it's meant to be used in low-stakes offensive scenarios (e.g., CTFs). Think of this as python3 -m http.server but for getting data off a machine instead of onto the machine. Obviously, this is a very loud and somewhat restricted way of exfiltrating...
DonPAPI : Dumping DPAPI Credz Remotely
DonPAPI dumps DPAPI credentials remotely. DPAPI dumping: lots of credentials are protected by DPAPI. We aim at locating those "secured" credentials and retrieving them using: the user password; the domain DPAPI backup key; the local machine DPAPI key (protecting the TaskScheduled blob). Currently gathered info: Windows credentials (Task Scheduler credentials & a lot more); Windows Vaults; Windows RDP credentials; AdConnect (still requires a manual operation); Wifi keys; Internet Explorer credentials; Chrome cookies & credentials; Firefox cookies & credentials; VNC passwords; mRemoteNG password...
Clash : A Rule-Based Tunnel In Go
Clash is a rule-based tunnel in Go. Features: local HTTP/HTTPS/SOCKS server with authentication support; VMess, Shadowsocks, Trojan and Snell protocol support for remote connections; built-in DNS server that aims to minimize the impact of DNS pollution attacks, with DoH/DoT upstream and fake IP support; rules based on domains, GEOIP, IPCIDR or process to forward packets to different nodes; remote groups that allow users to implement powerful rules, with support for automatic fallback, load...