NebulousAD : Automated Credential Auditing Tool
NebulousAD automated credential auditing tool. I will be adding a wiki, documentation, etc. soon. Features: Will be adding a redact-by-group feature that will not dump hashes or check against the api for accounts in specific groups (such as domain administrators). Installation Simply download the precompiled release (requires no python interpreter), or build from source: Requires Python2.7 (for now) Run git clone git@github.com:NuID/nebulousAD.git Next, install with python...
PHPStan – PHP Static Analysis Tool – Discover Bugs In Your Code Without Running It
PHPStan focuses on finding errors in your code without actually running it. It catches whole classes of bugs even before you write tests for the code. It moves PHP closer to compiled languages in the sense that the correctness of each line of the code can be checked before you run the actual line. Prerequisites PHPStan requires PHP >= 7.1....
5 Essential Tips to Protect Your Student Data Privacy
The rapid advancement of technology has made it easier for students to protect their information and engage with their teachers in class thus making learning easier and efficient. Technology has made it easier for teachers to collaborate with their students during sessions. When using education technological tools, you have to collect the relevant student data so that you can tailor your teaching techniques accordingly....
EVABS : An Open Source Android Application That Is Intentionally Vulnerable
EVABS is an open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners. The effort is to introduce beginners with very limited or zero knowledge to some of the major and commonly found real-world based Android application vulnerabilities in a story-based, interactive model. EVABS follows a level-wise difficulty...
4CAN : Open Source Security Tool to Find Security Vulnerabilities in Modern Cars
4CAN is an open source security tool to find security vulnerabilities in modern cars. Tested on the following raspbian images using a pi3b+ Apr 2019 (kernel 4.14.98-v7+)Oct 2018 (kernel 4.14.71-v7+)Jun 2018 (kernel 4.14.50-v7+) 4can should also work with a pi0w, but it's recommended to use at least a pi3b. Also recommend using a heatsink on the pi, because the pi...
AIL Framework : Analysis Information Leak Framework
AIL framework is for Analysis of Information Leaks. AIL is a modular framework to analyse potential information leaks from unstructured data sources like pastes from Pastebin or similar services or unstructured data streams. AIL framework is flexible and can be extended to support other functionalities to mine or process sensitive information (e.g. data leak prevention). Features Modular architecture to handle streams...
Airgeddon : This Is A Multi-Use Bash Script For Linux Systems To Audit Wireless Networks
Airgeddon is a multi-use bash script for Linux systems to audit wireless networks. Content & Features HomeFeaturesScreenshotsWallpapers Requirements RequirementsCompatibilityEssential ToolsOptional ToolsBeEF TipsHashcat TipsBettercap TipsUpdate ToolsInternal ToolsKnown incompatibilities Also Read - AutoRDPwn : The Shadow Attack Framework Installation & Usage It is essential to run this script as root, otherwise airgeddon won't work properly. Generic Installation Installation method 1(easiest) Requirements: git Clone the repository ~$ git clone --depth 1 https://github.com/v1s1t0r1sh3r3/airgeddon.git Go to the...
Sublert : Security & Reconnaissance Tool Which Leverages Certificate Transparency
Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate. The tool is supposed to be scheduled to run periodically at fixed times, dates, or intervals (Ideally each day). New identified subdomains will be sent to Slack workspace with a notification push. Furthermore, the tool...
IPRotate : Extension For Burp Suite Which Uses AWS API Gateway To Rotate Your IP On Every Request
IPRotate is a tool used for Burp Suite which uses AWS API Gateway to change your IP on every request. This extension allows you to easily spin up API Gateways across multiple regions. All the Burp Suite traffic for the targeted host is then routed through the API Gateway endpoints which causes the IP to be different on each...
LdapDomainDump : Active Directory Information Dumper via LDAP
LDAPDomainDump is an Active Directory information dumper via LDAP. In an Active Directory domain, a lot of interesting information can be retrieved via LDAP by any authenticated user (or machine). This makes LDAP an interesting protocol for gathering information in the recon phase of a pentest of an internal network. A problem is that data from LDAP often is...
