BlackArch Linux – Penetration Testing Distribution
BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers. The repository contains 2336 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs. ChangeLog added more than 150 new toolsadded terminus font for all WMs (thanks to psf for i3-wm bugfixes)included linux kernel 5.2.9new ~/.vim and ~/.vimrc (thanks to noptrix offering...
Phishing Simulation : Increase Phishing Awareness By Providing An Intuitive Tutorial & Customized Assessment
Phishing Simulation mainly aims to increase phishing awareness by providing an intuitive tutorial and customized assessment (without any actual setup - no domain, no infrastructure, no actual email address) to assess people's action on any given situation and gives ability to understand what is the current awareness posture. What? One of the objective of organizations carrying out red team assessment is...
PingCastle : Get Active Directory Security At 80% In 20% Of The Time
PingCastle is a tool designed to assess quickly the Active Directory security level with a methodology based on risk assessment and a maturity framework. It does not aim at a perfect evaluation but rather as an efficiency compromise. The risk level regarding Active Directory security has changed. Several vulnerabilities have been made popular with tools like mimikatz or sites likes adsecurity.org. ...
Mondoo : Native Security & Vulnerability Risk Management
Mondoo Cloud is a native security & vulnerability risk management. Quick Start Installing Workstation export MONDOO_REGISTRATION_TOKEN='changeme' curl -sSL http://mondoo.io/download.sh | bash Service export MONDOO_REGISTRATION_TOKEN='changeme' curl -sSL http://mondoo.io/install.sh | bash For other installation methods, have a look at our documentation. Run a scan: # scan a docker image from remote registry mondoo vuln -t docker://centos:7 # scan docker container (get ids from docker ps) mondoo vuln...
BLUESPAWN : Windows-Based Active Defense & EDR Tool To Empower Blue Teams
BLUESPAWN helps blue teams monitor Windows systems in real-time against active attackers by detecting anomalous activity. We've created and open-sourced this for a number of reasons which include the following: Move Faster: We wanted tooling specifically designed to quickly identify malicious activity on a systemKnow our Coverage: We wanted to know exactly what our tools could detect and not rely...
EMAGNET : Leaked Databases With 97.1% Accurate To Grab Mail + Password
Emagnet is a very powerful tool for it's purpose which is to capture email addresses and passwords from leaked databases uploaded on pastebin. It's almost impossible to find leaked passwords when they are out of list on pastebin.com. Either they have been deleted by pastebin's techs or the uploads is just one in the crowd. To be honest it's...
PyFuscation : Obfuscate Powershell Scripts By Replacing Function Names, Variables & Parameters
PyFuscation is a obfuscate powershell scripts by replacing Function names, Variables and Parameters. It Requires python3. Usage PyFuscation.py Also Read - Barq: The AWS Cloud Post Exploitation Framework Optional arguments: -h, --help show this help message and exit-f Obfuscate functions ○ Do this First … Its probably the most likely to...
Btlejack : Bluetooth Low Energy Swiss-Army Knife
Btlejack provides everything you need to sniff, jam and hijack Bluetooth Low Energy devices. It relies on one or more BBC Micro:Bit. Devices running a dedicated firmware. You may also want to use an Adafruit's Bluefruit LE sniffer or a nRF51822 Eval Kit, as we added support for these devices. Current version of this tool (2.0) supports BLE 4.x and 5.x. The BLE 5.x...
mpDNS : Multi-Purpose DNS Server 2019
mpDNS aka multi-purpose DNS server is a simple, configurable "clone & run" DNS server with multiple useful features. Should work on Python 2 and 3names.db -> holds all custom records (see examples)Simple wildcards like *.example.comCatch unicode dns requestsCustom actions aka macro:{{shellexec::dig google.com +short}} -> Execute shell command and respond with result{{eval::res = '1.1.1.%d' % random.randint(0,256)}} -> Evaluate your python code{{file::/etc/passwd}} -> Respond with...
Ehtools : Penetration Tools That Can Be Explored Easily
Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, ...
