Grype : A Vulnerability Scanner For Container Images And Filesystems
Grype is a vulnerability scanner for container images and filesystems. Easily install the binary to try it out. Features: Scan the contents of a container image or filesystem to find known vulnerabilities. Find vulnerabilities for major operating system packages: Alpine, BusyBox, CentOS / Red Hat, Debian, Ubuntu. Find vulnerabilities for language-specific packages: Ruby (Bundler), Java (JARs, etc), JavaScript (NPM/Yarn), Python (Egg/Wheel), Python pip/requirements.txt/setup.py listings. Supports Docker and OCI image formats. If you encounter an issue,...
Taser : Python3 Resource Library For Creating Security Related Tooling
TASER (Testing And SEcurity Resource) is a Python resource library used to simplify the process of creating offensive security tooling, especially those relating to web or external assessments. Its modular design makes it easy for code to be customized and re-purposed in a variety of scenarios. Key Features: Easily invoke web spiders or search engine scrapers to aid in data collection. Supports...
Cobalt Strike Scan : Scan Files Or Process Memory For CobaltStrike Beacons & Parse Their Configuration
Scan files or process memory for Cobalt Strike beacons and parse their configuration. CobaltStrikeScan scans Windows process memory for evidence of DLL injection (classic or reflective injection) and performs a YARA scan on the target process' memory for Cobalt Strike v3 and v4 beacon signatures. Alternatively, CobaltStrikeScan can perform the same YARA scan on a file supplied by absolute or relative...
Manuka : A Modular OSINT Honeypot For Blue Teamers
Manuka is an Open-source intelligence (OSINT) honeypot that monitors reconnaissance attempts by threat actors and generates actionable intelligence for Blue Teamers. It creates a simulated environment consisting of staged OSINT sources, such as social media profiles and leaked credentials, and tracks signs of adversary interest, closely aligning to MITRE’s PRE-ATT&CK framework. Manuka gives Blue Teams additional visibility of the...
Pesidious : Malware Mutation using Deep Reinforcement Learning & GANs
The purpose of the tool is to use artificial intelligence to mutate a malware (PE32 only) sample to bypass AI powered classifiers while keeping its functionality intact. In the past, notable work has been done in this domain with researchers either looking at reinforcement learning or generative adversarial networks as their weapons of choice to modify the states of...
NoSQLi : NoSql Injection CLI Tool
NoSQLi is a NoSQL scanner and injector. I wanted a better nosql injection tool that was simple to use, fully command line based, and configurable. To that end, I began work on nosqli - a simple nosql injection tool written in Go. It aims to be fast, accurate, and highly usable, with an easy to understand command line interface. Features: Nosqli currently...
SSJ : Linux Distribution Gone Super Saiyan
SSJ is a silly little script that makes use of Docker installed on your everyday Linux distribution (Ubuntu, Debian, etc.) and magically arms it with hundreds of penetration testing and forensics tools. All of these run with almost native performance (as containers utilize the host operating system's kernel) and thus is a slightly better alternative to Virtual Machines in...
Taken : Takeover AWS IPS & Have A Working POC For Subdomain Takeover
Taken is a tool to takeover AWS ips and have a working POC for Subdomain Takeover. Idea is simple: Get subdomains. Do reverse lookups to only save AWS ips. Restart EC2 instance every min. and public ip gets rotated on each restart. Match it with your existing list of subdomain ips and you have a working subdomain takeover POC. Notify via email as...
Simple Live Data Collection
Simple Live Data Collection. How it works? Build server. Connect with admin and client to server. To collect information, send the request to the server through the admin, and then to the client. Installation: git clone https://github.com/LetsDefend/Simple-Live-Data-Collection. Server: cd server; python main.py. Admin: cd admin; python main.py. Client: cd client; python main.py. Change the "HOST" variable in main.py file.
TheCl0n3r : Tool To Download & Manage Your Git Repositories
TheCl0n3r will allow you to download and manage your git repositories. About 90% of the penetration testing tools used in my experience can be found primarily on github. The aim of this was to make it easier to download, update and delete these git repositories. If moving to a new testing system, make it simpler to transfer the same...