Overlord : Red Teaming Infrastructure Automation
Overlord provides a Python-based console CLI which is used to build Red Teaming infrastructure in an automated way. The user provides inputs through the tool's modules (e.g. C2, Email Server, HTTP web delivery server, Phishing server etc.) and the full infra / modules and scripts will be generated automatically on a cloud provider of choice. Currently...
BetterXencrypt : A Better Version Of Xencrypt
BetterXencrypt is a better version of Xencrypt. Xencrypt itself is a PowerShell runtime crypter designed to evade AVs. Because Xencrypt is not FUD anymore and easily gets caught by AMSI, I recoded the stub and now it is FUD again. And the original Xencrypt, if you look at the screenshot proof, he tested it on Windows 8, and if I test it on the newest...
Reproxy : Simple Edge Server / Reverse Proxy
Reproxy is a simple edge HTTP(s) server / reverse proxy supporting various providers (docker, static, file). One or more providers supply information about the requested server, requested URL, destination URL, and health check URL. It is distributed as a single binary or as a docker container. Automatic SSL termination with Let's Encrypt; Support of user-provided SSL certificates; Simple but flexible proxy rules; Static, command-line...
Modded-Ubuntu : Run Ubuntu GUI On Your Termux With Much Features
Modded-Ubuntu is a tool used to run the Ubuntu GUI on Termux with many features. Features: Fixed Audio Output; Lightweight {Requires at least 4GB Storage}; Katoolin3 tool for installing Kali tools; 2 Browsers (Chromium & Mozilla Firefox); Supports Bangla Fonts; VLC Media Player; Visual Studio Code; Easy for Beginners. Installation: First clone the repository and run the setup file:
pkg update -y && pkg upgrade -y
pkg install git wget -y
git clone...
Cypheroth : Automated & Extensible Toolset That Runs Cypher Queries
Cypheroth is an automated, extensible toolset that runs Cypher queries against BloodHound's Neo4j backend and saves output to spreadsheets. This is a bash script that automates running Cypher queries against BloodHound data stored in a Neo4j database. I found myself re-running the same queries through the Neo4j web interface on multiple assessments and figured there must be an easier way. The...
KubiScan : A Tool To Scan Kubernetes Cluster For Risky Permissions
A tool for scanning a Kubernetes cluster for risky permissions in Kubernetes's Role-based access control (RBAC) authorization model. The tool was published as part of the "Securing Kubernetes Clusters by Eliminating Risky Permissions" research: https://www.cyberark.com/threat-research-blog/securing-kubernetes-clusters-by-eliminating-risky-permissions/. Overview: KubiScan helps cluster administrators identify permissions that attackers could potentially exploit to compromise the clusters. This can be especially helpful in large environments where there are lots...
Spraygen : Password List Generator For Password Spraying
Spraygen is a password list generator for password spraying - prebaked with goodies. Version 1.5. Generates permutations of Months, Seasons, Years, Sports Teams (NFL, NBA, MLB, NHL), Sports Scores, "Password", and even Iterable Keyspaces of a specified size. All permutations are generated with common attributes appended/prepended (such as "!" or "#"), or custom separators (such as "." or "_"). Common letter replacement option...
Sish : HTTP(S)/WS(S)/TCP Tunnels To Localhost Using Only SSH
Sish is an open source serveo/ngrok alternative. Builds are made automatically for each commit to the repo and are pushed to Dockerhub. Builds are tagged using a commit sha, branch name, tag, latest if released on main. You can find a list here. Each release builds separate sish binaries that can be downloaded from here for various OS/archs. Feel free...
HttpDoom : A Tool For Response-Based Inspection Of Websites
HttpDoom is a tool to validate large HTTP-based attack surfaces in a very fast way. Heavily inspired by Aquatone. Why? When I utilize Aquatone to fly over some hosts, I have some performance issues with the screenshot feature, and the lack of extension capabilities (like validating front-end technologies with a plugin-like system); also, my codebase is mainly C# and Rust, and make...
IRTriage : Incident Response Triage – Windows Evidence Collection For Forensic Analysis
Scripted collection of system information valuable to a Forensic Analyst. IRTriage will automatically "Run As ADMINISTRATOR" in all Windows versions except WinXP. The original source was Triage-ir v0.851, an AutoIt script written by Michael Ahrendt. Unfortunately, Michael's last changes were posted on 9th November 2012. I let Michael know that I have forked his project: I am pleased to announce that...