Msldap : LDAP Library For Auditing MS AD
Msldap is a tool for (LDAP) LightWeight Directory Acess Protocol library for MS AD. Features Comes with a built-in console LDAP clientAll parameters can be conrolled via a conveinent URL (see below)Supports integrated windows authentication (SSPI) both with NTLM and with KERBEROSSupports channel binding (for ntlm and kerberos not SSPI)Supports encryption (for NTLM/KERBEROS/SSPI)Supports LDAPS (TODO: actually verify certificate)Supports SOCKS5 proxy withot...
What Are The 10 Best Content Idea Generator Tools
Content matters when presenting yourself on social media, a blog, or when developing your business. Your main goal does not matter. The quality of titles, posts, pictures, and everything you publish on the Internet defines the outcome you get. Proficient bloggers are not generating content by themselves. Instead, they apply practical content idea generator tools; these instruments are irreplaceable...
Mediator : An Extensible, End-To-End Encrypted Reverse Shell With A Novel Approach To Its Architecture
Mediator is an end-to-end encrypted reverse shell in which the operator and the shell connect to a "mediator" server that bridges the connections. This removes the need for the operator/handler to set up port forwarding in order to listen for the connection. Mediator also allows you to create plugins to expand the functionality of the reverse shell. You can run...
Corsair_Scan : A Security Tool To Test Cross-Origin Resource Sharing (CORS)
Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS) misconfigurations. CORS is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served. If this is not properly configured, unauthorised domains can access to those resources. What is CORS? CORS is an HTTP-header based...
Eyeballer : Convolutional Neural Network For Analyzing Pentest Screenshots
Eyeballer is meant for large-scope network penetration tests where you need to find "interesting" targets from a huge set of web-based hosts. Go ahead and use your favorite screenshotting tool like normal (EyeWitness or GoWitness) and then run them through Eyeballer to tell you what's likely to contain vulnerabilities, and what isn't. Example Labels Old-Looking Sites Login Pages Webapp Custom 404's Parked Domains What The Labels...
DFIR-O365RC : PowerShell Module For Office 365 And Azure AD Log Collection
The DFIR-O365RC PowerShell module is a set of functions that allow the DFIR analyst to collect logs relevant for Office 365 Business Email Compromise investigations. The logs are generated in JSON format and retrieved from two main data sources: Office 365 Unified Audit Logs.Azure AD sign-ins logs and audit logs. The two data sources can be queried from different endpoints: Pre-requisites (OS or Azure)Unified Audit Logs / Exchange...
Red-Kube : Red Team K8S Adversary Emulation Based On Kubectl
Red-Kube is a collection of kubectl commands written to evaluate the security posture of Kubernetes clusters from the attacker's perspective. The commands are either passive for data collection and information disclosure or active for performing real actions that affect the cluster. The commands are mapped to MITRE ATT&CK Tactics to help get a sense of where we have most of our...
CIMplant : C# Port Of WMImplant Which Uses Either CIM Or WMI To Query Remote Systems
C# port of WMImplant which uses either CIM or WMI to query remote systems. It can use provided credentials or the current user's session. Note: Some commands will use PowerShell in combination with WMI, denoted with ** in the --show-commands command. Introduction CIMplant is a C# rewrite and expansion on @christruncer's WMImplant. It allows you to gather data about a remote system, execute commands, exfil data,...
APSoft Web Scanner V2 : Powerful Dork Searcher & Vulnerability Scanner For Windows Platform
APSoft Web Scanner V2 is a tool for Powerful Dork Searcher And Vulnerability Scanner For Windows Platform. Software Pictures What Can I Do With This ? with this software, you will be able to search your dorks in supported search engines and scan grabbed urls to find their vulnerabilities. in addition , you will be able to generate dorks, scan urls and saerch dorks...
ByeIntegrity UAC : Bypass UAC By Hijacking A DLL Located In The Native Image Cache
ByeIntegrity UAC is a tool used to bypass user account control (UAC) to gain elevated (Administrator) privileges to run any program at a high integrity level. Requirements Administrator accountUAC notification level set to default or lower How It Works ByeIntegrity hijacks a DLL located in the Native Image Cache (NIC). The NIC is used by the .NET Framework to store optimized .NET Assemblies...
%20(1).png "Process_Overwriting : Yet Another Variant Of Process Hollowing")
