Aggrokatz : An Aggressor Plugin Extension For Cobalt Strike Which Enables Pypykatz To Interface With The Beacons Remotely
aggrokatz is an Aggressor plugin extension for Cobalt Strike which enables pypykatz to interface with the beacons remotely. The current version of aggrokatz allows pypykatz to parse LSASS dump files and Registry hive files to extract credentials and other stored secrets without downloading the file and without uploading any suspicious code to the beacon (Cobalt Strike is already there anyhow). In the future this project aims to provide additional features...
Volatility GUI : GUI For Volatility Forensics Tool
This is a GUI for the Volatility forensics tool, written in PyQt5. Prerequisites: 1- An installed version of Volatility. 2- Install PyQt5: sudo apt-get install python3-pyqt5 3- Download Volatility GUI. Configuration: From the downloaded Volatility GUI, edit the config.py file to specify 1- the Python 2 binary name or Python 2 absolute path in python_bin, and 2- the Volatility binary absolute path in volatility_bin_loc. Then run the config.py script to build the profiles list according to your configuration: python3 config.py After that start...
Gundog : Guided Hunting In Microsoft 365 Defender
gundog - PowerShell based guided hunting in Microsoft 365 Defender. Gundog provides you with guided hunting in Microsoft 365 Defender, especially (if not only) for Email and Endpoint alerts at the moment. Functionality: You provide an AlertID (which you might have received via Email notification) and gundog will then hunt for as much associated data as possible. It does not give you the flexibility...
Redpill : Assist Reverse Tcp Shells In Post-Exploration Tasks
The Redpill project aims to assist reverse TCP shells in post-exploration tasks. Often in red team engagements we need to use unconventional ways to access the target system, such as reverse TCP shells (not Metasploit), in order to bypass the defenses implemented by the system administrator. After the first stage has been successfully completed we face another type of problem: "I have (shell) access to the target...
iOS Malicious Bit Hunter : A Malicious Plug-In Detection Engine For iOS Applications
iOS Malicious Bit Hunter is a malicious plug-in detection engine for iOS applications. It can analyze the Mach-O header of the injected dylib dynamic library at runtime, and can perform behavior analysis through interface input characteristics to determine the behavioral features of the dynamic library. The program does not rely on a jailbreak environment and...
Interactsh : An OOB Interaction Gathering Server And Client Library
Interactsh is an open-source solution for out-of-band data extraction, a tool designed to detect bugs that cause external interactions, for example blind SQLi, blind CMDi, SSRF, etc. Features: DNS/HTTP/SMTP interaction support; CLI client / web dashboard support; AES encryption with zero logging; automatic ACME-based wildcard TLS with auto renewal; self-hosting version support. A hosted instance of the service with web UI is...
A2P2V : Automated Attack Path Planning and Validation
A2P2V (Automated Attack Path Planning and Validation) is a planning and cyber-attack tool that provides the capability for users to determine a set of ranked attack sequences given a specific attacker goal. The aim of the tool is to simplify the process so that non-security experts can generate clear, actionable intelligence from basic inputs using as much automation as...
BlueCloud : Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D
BlueCloud, a Cyber Range deployment of HELK and Velociraptor! Automated Terraform deployment of one system running a HELK + Velociraptor server with one registered Windows endpoint in Azure or AWS. A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small HELK + Velociraptor R&D lab. Use Cases: EDR testing lab; penetration testing lab; SIEM / Threat Hunting / DFIR...
pyWhat : Identify Anything. Easily Lets You Identify Emails, IP Addresses, And More…
pyWhat is the easiest way to identify anything. pip3 install pywhat && pywhat --help What is this? Imagine this: You come across some mysterious text 🧙♂️ 5f4dcc3b5aa765d61d8327deb882cf99 and you wonder what it is. What do you do? Well, with what all you have to do is ask what "5f4dcc3b5aa765d61d8327deb882cf99" and what will tell you! what's job is to identify what something is. Whether it be a file or text! Or even the hex of a file! What about...
EmailFinder : Search Emails From A Domain Through Search Engines
EmailFinder is a tool to search emails through search engines. The software is designed to check a company's emails found in the search engines. |_ Author: @JosueEncinar |_ Description: Search emails from a domain through search engines. |_ Version: 0.1b |_ Usage: emailfinder -d domain.com Installation: > pip3 install emailfinder Upgrades are also available using > pip3 install emailfinder --upgrade Search Engines: google: OK (note cookies policy and Captcha!). bing: OK. baidu: OK...