KubiScan : A Tool To Scan Kubernetes Cluster For Risky Permissions
A tool for scanning Kubernetes cluster for risky permissions in Kubernetes's Role-based access control (RBAC) authorization model. The tool was published as part of the "Securing Kubernetes Clusters by Eliminating Risky Permissions" research https://www.cyberark.com/threat-research-blog/securing-kubernetes-clusters-by-eliminating-risky-permissions/. Overview KubiScan helps cluster administrators identify permissions that attackers could potentially exploit to compromise the clusters. This can be especially helpful on large environments where there are lots...
Spraygen : Password List Generator For Password Spraying
Spraygen is a password list generator for password spraying - prebaked with goodies. Version 1.5 Generates permutations of Months, Seasons, Years, Sports Teams (NFL, NBA, MLB, NHL), Sports Scores, "Password", and even Iterable Keyspaces of a specified size. All permutations are generated with common attributes appended/prepended (such as "!" or "#"), or custom separators (such as "." or "_"). Common letter replacement option...
Sish : HTTP(S)/WS(S)/TCP Tunnels To Localhost Using Only SSH
Sish is an open source serveo/ngrok alternative. Builds are made automatically for each commit to the repo and are pushed to Dockerhub. Builds are tagged using a commit sha, branch name, tag, latest if released on main. You can find a list here. Each release builds separate sish binaries that can be downloaded from here for various OS/archs. Feel free...
HttpDoom : A Tool For Response-Based Inspection Of Websites
HttpDoom is a validate large HTTP-based attack surfaces in a very fast way. Heavily inspired by Aquatone. Why? When I utilize Aquatone to flyover some hosts, I have some performance issues by the screenshot feature, and the lack of extension capabilities - like validating front-end technologies with a plugin-like system -, also, my codebase is mainly C# and Rust, and make...
IRTriage : Incident Response Triage – Windows Evidence Collection For Forensic Analysis
Scripted collection of system information valuable to a Forensic Analyst. IRTriage will automatically "Run As ADMINISTRATOR" in all Windows versions except WinXP. The original source was Triage-ir v0.851 an Autoit script written by Michael Ahrendt. Unfortunately Michael's last changes were posted on 9th November 2012 I let Michael know that I have forked his project: I am pleased to anounce that...
PentestBro : Port Scanning, Banner Grabbing & Web Enumeration Into One Tool
Experimental tool for Windows. PentestBro combines subdomain scans, whois, port scanning, banner grabbing and web enumeration into one tool. Uses subdomain list of SecLists. Uses nmap service probes for banner grabbing. Uses list of paths for web enumeration. Example scan of "www.ccc.de" Scanned subdomain, IPs and ports Grabbed banner for each IP and port whois of all IP ranges
How Can I Find Someone’s Location Online?
The internet is changing how we look at things. That is why when you have a connection, looking for someone online is not that difficult. The difference between earlier times and now is that today, we have apps that have simplified the process. They use the internet to help you perform tasks like finding the location of the phone number,...
Top 10 Software Testing Tools in 2021
The introduction of innovative technologies has brought the latest updates in terms of software testing, development, design and delivery. Cost optimization is a top priority for companies around the world. In this case, most IT managers believe in integrating the latest IT technologies into their organization. Digital transformation is another important goal for industries and companies outside of the...
Top 7 Features to Add to Your Website
Your website is your digital store. It is where you can carve out a place for yourself online. Sure, there are many, many websites out there. There is a lot of competition and a lot of fighting for attention. That being said, it is still full of possibilities. A great website is one that doesnot necessarily replace a brick-and-mortar store....
Defeat-Defender : Powerful Batch Script To Dismantle Complete Windows Defender Protection
Defeat-Defender is a powerfull batch file to disable windows defender,firewall,smartscreen and execute the payload. Usage Edit Defeat-Defender.bat on this line https://github.com/swagkarna/Defeat-Defender/blob/93823acffa270fa707970c0e0121190dbc3eae89/Defeat-Defender.bat#L72 and replace the direct url of your payloadRun the script "run.vbs" . It will ask for Admin Permission.If permission Granted The script will work Silently without console windows... After It Got Admin Permission It Will Disable Defender PUAProtectionAutomatic Sample SubmissionWindows FireWallWindows Smart...
