DeepBlueCLI : A PowerShell Module For Threat Hunting Via Windows Event Logs
DeepBlueCLI is a PowerShell module for threat hunting via Windows event logs.
Usage: .\DeepBlue.ps1 <event log name> <evtx filename>
See the Set-ExecutionPolicy Readme if you receive a 'running scripts is disabled on this system' error.
Process local Windows security event log (PowerShell must be run as Administrator): .\DeepBlue.ps1 or: .\DeepBlue.ps1 -log security
Process local Windows system event log: .\DeepBlue.ps1 -log system
Process evtx file: .\DeepBlue.ps1 .\evtx\new-user-security.evtx
Windows Event Logs Processed: Windows Security, Windows...
Webshell Analyzer : Web Shell Scanner & Analyzer
Webshell analyzer is a cross-platform stand-alone binary built solely for the purpose of identifying, decoding, and tagging files that are suspected to be web shells. The web shell analyzer is the bigger brother to the web shell scanner project (http://github.com/tstillz/webshell-scan), which only scans files via regex, with no decoding or attribute analysis.
Features: Cross-platform, statically compiled binary. JSON output. Currently supports most...
How Much Does It Cost to Hire Front-end Developers?
The front-end developer salary cannot simply be expressed as a single number. There are big differences in monthly salary due to professional experience, the industry, negotiating skills and the level of knowledge. The most important factor, however, is the location of the programmer.
Salaries by location: The highest salaries are paid to employees in Switzerland, the USA...
Trident : Automated Password Spraying Tool
The Trident project is an automated password spraying tool developed to meet the following requirements:
The ability to be deployed on several cloud platforms/execution providers
The ability to schedule spraying campaigns in accordance with a target's account lockout policy
The ability to increase the IP pool that authentication attempts originate from for operational security purposes
The ability to quickly extend functionality to include...
PowerZure : PowerShell Framework To Assess Azure Security
PowerZure is a PowerShell project created to assess and exploit resources within Microsoft's cloud platform, Azure. PowerZure was created out of the need for a framework that can both perform reconnaissance and exploitation of Azure, AzureAD, and the associated resources.
CLI vs. Portal: A common question is why use PowerZure or the command line at all when you can just log in to...
PowerShell Red Team : Collection Of PowerShell Functions
Collection of PowerShell functions a Red Teamer may use to collect data from a machine or gain access to a target. I added ps1 files for the commands that are included in the RedTeamEnum module. This will allow you to easily find and use only one command if that is all you want. If you want the entire module...
APICheck : The DevSecOps Toolset For REST APIs
APICheck is a complete toolset designed and created for testing REST APIs.
Why APICheck? APICheck focuses not only on security testing and hacking use cases. The goal of the project is to become a complete toolset for DevSecOps cycles. The tools are aimed at diverse user profiles: Developers, System Administrators, Security Engineers & Penetration Testers. APICheck is an environment for integrating existing HTTP API tools...
Nethive Project : Restructured & Collaborated SIEM & CVSS Infrastructure
The Nethive Project provides a Security Information and Event Management (SIEM) infrastructure empowered by CVSS automatic measurements.
Features:
Machine Learning powered SQL Injection Detection
Server-side XSS Detection based on Chrome's XSS Auditor
Post-exploitation Detection powered by Auditbeat
Bash Command History Tracker
CVSS Measurement on Detected Attacks
Realtime Log Storing powered by Elasticsearch and Logstash
Basic System Monitoring
Resourceful Dashboard UI
Notify Suspicious Activity via Email
Installation: Before installing, please make sure...
Widevine L3 Decryptor : A Chrome Extension That Demonstrates Bypassing Widevine L3 DRM
Widevine is a Google-owned DRM system that's in use by many popular streaming services (Netflix, Spotify, etc.) to prevent media content from being downloaded. But Widevine's least secure security level, L3, as used in most browsers and PCs, is implemented 100% in software (i.e. no hardware TEEs), thereby making it reversible and bypassable. This Chrome extension demonstrates how it's possible to...
Scrying : A Tool For Collecting RDP, Web & VNC Screenshots All In One Place
Scrying is a new tool for collecting RDP, web and VNC screenshots all in one place. This tool is still a work-in-progress and should be mostly usable but is not yet complete. Please file any bugs or feature requests as GitHub issues.
Caveats: Web screenshotting relies on Chromium or Google Chrome being installed.
Motivation: Since Eyewitness recently dropped support for RDP there isn't a...