Watson : Enumerate Missing KBs & Suggest Exploits For Useful Privilege Escalation Vulnerabilities
Watson is a .NET tool designed to enumerate missing KBs and suggest exploits for Privilege Escalation vulnerabilities. Supported Versions Windows 10 1507, 1511, 1607, 1703, 1709, 1803, 1809, 1903, 1909, 2004Server 2016 & 2019 Usage - OS Build Number: 14393>>Enumerating installed KBs…- CVE-2019-0836 : VULNERABLE>>https://exploit-db.com/exploits/46718>>https://decoder.cloud/2019/04/29/combinig-luafv-postluafvpostreadwrite-race-condition-pe-with-diaghub-collector-exploit-from-standard-user-to-system/- CVE-2019-0841 : VULNERABLE>>https://github.com/rogue-kdc/CVE-2019-0841>>https://rastamouse.me/tags/cve-2019-0841/- CVE-2019-1064 : VULNERABLE>>https://www.rythmstick.net/posts/cve-2019-1064/- CVE-2019-1130 : VULNERABLE>>https://github.com/S3cur3Th1sSh1t/SharpByeBear- CVE-2019-1253 : VULNERABLE>>https://github.com/padovah4ck/CVE-2019-1253- CVE-2019-1315 : VULNERABLE>>https://offsec.almond.consulting/windows-error-reporting-arbitrary-file-move-eop.htmlFinished. Found 6 potential...
DefenderCheck : Identifies The Bytes That Microsoft Defender Flags On
DefenderCheck quick tool to help make evasion work a little bit easier. Takes a binary as input and splits it until it pinpoints that exact byte that Microsoft Defender will flag on, and then prints those offending bytes to the screen. This can be helpful when trying to identify the specific bad pieces of code in your tool/payload. Note: Defender...
SharpGPOAbuse : Tool To Take Advantage Of A User’s Edit Rights On A Group Policy Object (GPO)
SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by that GPO. More details can be found at the following blog post: https://labs.mwrinfosecurity.com/tools/sharpgpoabuse Compile Instructions Make sure the necessary NuGet packages are installed properly and simply...
TUF : A Framework For Securing Software Update Systems
TUF is a repository is the reference implementation of The Update Framework (TUF). It is written in Python and intended to conform to version 1.0 of the TUF specification. This implementation is in use in production systems, but is also intended to be a readable guide and demonstration for those working on implementing TUF in their own languages, environments,...
SecretScanner : Find Secrets & Passwords In Container Images And File Systems
Deepfence SecretScanner can find any potential secrets in container images or file systems. What are Secrets? Secrets are any kind of sensitive or private data which gives authorized users permission to access critical IT infrastructure (such as accounts, devices, network, cloud based services), applications, storage, databases and other kinds of critical data for an organization. For example, passwords, AWS access IDs,...
InveighZero : Windows C# LLMNR/mDNS/NBNS/DNS/DHCPv6 Spoofer/Man-In-The-Middle Tool
InveighZero is a C# LLMNR/NBNS/mDNS/DNS/DHCPv6 spoofer and man-in-the-middle tool designed to assist penetration testers/red teamers that find themselves limited to a Windows system. This version shares many features with the PowerShell version of Inveigh. Privileged Mode Features (elevated admin required) SMB capture - packet sniffer basedLLMNR spoofer - packet sniffer basedNBNS spoofer - packet sniffer basedmDNS spoofer - packet sniffer basedDNS...
ClearURLs : Automatically Remove Tracking Elements From URLs
ClearURLs is an add-on based on the new WebExtensions technology and is optimized for Firefox and Chrome based browsers. This extension will automatically remove tracking elements from URLs to help protect your privacy when browse through the Internet, which is regularly updated by us and can be found here. Application Many websites use tracking elements in the URL (e.g. https://example.com?utm_source=newsletter1&utm_medium=email&utm_campaign=sale) to mark...
Android_Hid : Use Android As Rubber Ducky Against Another Android Device
Android_Hid is a tool used by android as Rubber Ducky against targeted Android device or PC. HID Attack Using Android Using Android as Rubber Ducky against Android or Windows. This is not a new technique, just a demo how to perform HID attack using Android instead of rubber ducky. For targeted Android device it is not necessary to be rooted, have...
Kics : Find Security Vulnerabilities & Compliance Issues
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx. KICS stands for Keeping Infrastructure as Code Secure, it is open source and is a must-have for any cloud native project. Supported Platforms Support of other solutions and additional cloud providers are on the roadmap. Getting Started Setting up and using KICS is super-easy. First,...
Boomerang : A Tool To Expose Multiple Internal Servers To Web/Cloud
Boomerang is a tool to expose multiple internal servers to web/cloud using HTTP+TCP Tunneling. The Server will expose 2 ports on the Cloud. One will be where tools like proxychains can connect over socks, another will be for the agent to connect. The agent can be executed on any internal host. The agent will connect to the server and...
