HoneyCreds : Network Credential Injection To Detect Responder And Other Network Poisoners
HoneyCreds: network credential injection to detect Responder and other network poisoners. Requirements: Python 3.6+ (tested on Python 3.9), smbprotocol, cffi, splunk-sdk. Installation: git clone https://github.com/Ben0xA/HoneyCreds.git ; cd HoneyCreds ; pip3 install -r requirements.txt. Running: python3 honeycreds.py. Settings: It is advised that you change these settings to best suit your environment. Note: You can use an existing account, just change the password. Change these in honeycreds.conf. Choose a legit looking username: def_username = 'honeycreds'. This can match your...
Dark Load Library : Load Library For Offensive Operations
Dark Load Library is a tool for loading libraries in offensive operations. Usage:
DARKMODULE DarkModule = DarkLoadLibrary(
    LOAD_LOCAL_FILE, // control flags
    L"TestDLL.dll",  // local dll path, if loading from disk
    NULL,            // DLL Buffer to load from if loading from memory
    0,               // dll size if loading from memory
    NULL             // dll name if loaded from memory
);
Control Flags: LOAD_LOCAL_FILE - Load a DLL from the file system. LOAD_MEMORY -...
Mythic : A Collaborative, Multi-Platform, Red Teaming Framework
Mythic is a cross-platform, post-exploit, red teaming framework built with python3, docker, docker-compose, and a web browser UI. It's designed to provide a collaborative and user-friendly interface for operators, managers, and reporting throughout red teaming. Installing Agents and C2 Profiles: The Mythic repository itself does not host any Payload Types or any C2 Profiles. Instead, Mythic provides a command, ./mythic-cli install...
HashCheck : Tool To Assist In The Search For Leaked Passwords
HashCheck is a project that aims to assist in the search for leaked passwords while maintaining a high level of privacy using the k-anonymity method. To achieve this, the APIs of different services are used, sending only a part of the hash of the password we want to check, for example, the first 5 characters. Prerequisites: The project needs some libraries in order...
Swift-Attack : Unit Tests For Blue Teams To Aid With Building Detections For Some Common macOS Post Exploitation Methods
Swift-Attack is a set of unit tests for blue teams to aid with building detections for some common macOS post exploitation methods. I have included some post exploitation examples using both command line history and on disk binaries (which should be easier for detection) as well as post exploitation examples using API calls only (which will be more difficult for detection)....
Xerror : An Automated Penetration Tool
Xerror is an automated penetration tool which will help security professionals and non-professionals automate their pen testing tasks. Xerror will perform all tests and, at the end, generate two reports, for executives and analysts. Xerror provides easy-to-use, menu-driven GUI options. Internally it supports OpenVAS for vulnerability scanning, Metasploit for exploitation and gives GUI based options...
NamedPipePTH : Pass The Hash To A Named Pipe For Token Impersonation
The NamedPipePTH project is PoC code that uses Pass-the-Hash for authentication on a local named pipe for user impersonation. There is also a blog post explaining it: https://s3cur3th1ssh1t.github.io/Named-Pipe-PTH/ It is heavily based on the code from the projects Invoke-SMBExec.ps1 and RoguePotato. I faced certain Offensive Security project situations in the past, where I already had the NTLM-Hash of a low privileged user account and needed a shell for...
Ioccheck : A Tool For Simplifying The Process Of Researching IOCs
Ioccheck is a tool for simplifying the process of researching file hashes, IP addresses, and other indicators of compromise (IOCs). Features: Look up hashes across multiple threat intelligence services, from a single command or a few lines of Python. Currently supports the following services: VirusTotal, MalwareBazaar, Shodan.io. Planned support: URLhaus, OTX, InQuest Labs, MalShare, Malpedia, Maltiverse. Quickstart: pip install ioccheck. You can also run the code directly: git clone https://github.com/ranguli/ioccheck && cd ioccheck ; poetry install. Usage: ➜ ioccheck 275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f Checking...
Squalr : Squalr Memory Editor – Game Hacking Tool Written In C#
Squalr is performant memory editing software that allows users to create and share cheats in their Windows desktop games. This includes memory scanning, pointers, x86/x64 assembly injection, and so on. Squalr achieves fast scans through multi-threading combined with SIMD instructions. See this article: SIMD in .NET. To take advantage of these gains, your CPU needs to have support for SSE, AVX, or...
Kconfig : Hardened-Check – A Tool For Checking The Hardening Options In The Linux Kernel Config
Kconfig is a tool for checking the hardening options in the Linux kernel config. There are plenty of Linux kernel hardening config options. A lot of them are not enabled by the major distros. We have to enable these options ourselves to make our systems more secure. But nobody likes checking configs manually. So let the computers do their job! kconfig-hardened-check.py helps me...