CredNinja – A Multithreaded Tool Designed To Identify If Credentials Via SMB
CredNinja is a multithreaded tool designed to identify if credentials are valid, invalid, or local admin valid credentials within a network at-scale via SMB, plus now with a user hunter This tool is intended for penetration testers who want to perform an engagement quickly and efficiently. While this tool can be used for more covert operations (including some additions below),...
Cyber Essentials Accreditation and Its Impact to Retail Stores
If you aren’t accredited for Cyber Essentials, then you’re missing out on A-L-O-T. If you’re new to the term, Cyber Essentials is basically a government-supported certification class for UK-based industries, businesses, and websites. Highlighting the benefits and value of cybersecurity, this program intends to spur you toward bolstering your efforts to shield your business and customers’ data privacy. It does that by...
Mimir : Smart OSINT Collection Of Common IOC Types
Mimir is a smart OSINT collection of common IOC types. This application is designed to assist security analysts and researchers with the collection and assessment of common IOC types. Accepted IOCs currently include IP addresses, domain names, URLs, and file hashes. The title of this project is named after Mimir, a figure in Norse mythology renowned for his knowledge and...
AirCrack-NG : WiFi Security Auditing Tools Suite
AirCrack-NG is a complete suite of tools to assess WiFi network security. It focuses on different areas of WiFi security: Monitoring: Packet capture and export of data to text files for further processing by third party tools.Attacking: Replay attacks, deauthentication, fake access points and others via packet injection.Testing: Checking WiFi cards and driver capabilities (capture and injection).Cracking: WEP and WPA...
AgentSmith-HIDS : Open Source Host-based Intrusion Detection System
Technically, AgentSmith-HIDS is not a Host-based Intrusion Detection System (HIDS) due to lack of rule engine and detection function. However, it can be used as a high performance 'Host Information Collect Agent' as part of your own HIDS solution. The comprehensiveness of information which can be collected by this agent was one of the most...
Memhunter : Live Hunting Of Code Injection Techniques
Memhunter is an endpoint sensor tool that is specialized in detecing resident malware, improving the threat hunter analysis process and remediation times. The tool detects and reports memory-resident malware living on endpoint processes. Memhunter detects known malicious memory injection techniques. The detection process is performed through live analysis and without needing memory dumps. The...
HerShell : Multiplatform Reverse Shell Generator
Hershell is a tool for simple TCP reverse shell written in Go. It uses TLS to secure the communications, and provide a certificate public key fingerprint pinning feature, preventing from traffic interception. Supported OS are: WindowsLinuxMac OSFreeBSD and derivatives Why? Although meterpreter payloads are great, they are sometimes spotted by AV products. The goal of this project HerShell is to get...
Check-LocalAdminHash : PowerShell Tool To Authenticate Multiple Hosts Over WMI Or SMB
Check-LocalAdminHash is a PowerShell tool that attempts to authenticate to multiple hosts over either WMI or SMB using a password hash to determine if the provided credential is a local administrator. It's useful if you obtain a password hash for a user and want to see where they are local admin on a network. It...
SharpStat : C# Utility That Uses WMI To Run CMD
SharpStat is a C# utility that uses WMI to run "cmd.exe /c netstat -n", save the output to a file, then use SMB to read and delete the file remotely. This script will attempt to connect to all the supplied computers and use WMI to execute cmd.exe /c netstat -n > <file>. The file the output is saved to is...
KsDumper : Dumping Processes Using The Power Of Kernel Space
KsDumper is a dumping processes using the power of kernel space. It is a custom driver that would allow me to copy the process memory without using OpenProcess. Features Dump any process main module using a kernel driver (both x86 and x64)Rebuild PE32/PE64 header and sectionsWorks on protected system processes & processes with stripped handles (anti-cheats) Note: Import table isn't rebuilt. Also...
%20(1).png "Bore : Simple CLI Tool For Making Tunnels To Localhost")
