Kali
Tailored for professionals who seek to elevate their Docker container security game, this powerful suite offers advanced enumeration, privilege escalation, and container escape functionalities. Designed with utmost compatibility in mind, DEEPCE operates in pure sh, ensuring it seamlessly integrates into any container environment. Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE) In order for …
Continue reading “DEEPCE – Docker’s Ultimate Security Toolkit”
In this section, we’ll explain what server-side request forgery is, describe some common examples, and explain how to find and exploit various kinds of SSRF vulnerabilities. What is SSRF? Server-side request forgery (also known as SSRF) is a web security vulnerability that allows an attacker to induce the server-side application to make requests to an …
Continue reading “Server-Side Request Forgery (SSRF) – Exploitation And Defense Insights”
Scour is a modern module based AWS exploitation framework written in golang, designed for red team testing and blue team analysis. Scour contains modern techniques that can be used to attack environments or build detections for defense. Features Command Completion Dynamic resource listing Command history Blue team mode (tags attacks with unique User Agent) Installation …
Exploitivator is a automate Metasploit scanning and exploitation. This has only been tested on Kali. It depends on the msfrpc module for Python, described in detail here: https://www.trustwave.com/Resources/SpiderLabs-Blog/Scripting-Metasploit-using-MSGRPC/ Install the necessary Kali packages and the PostgreSQL gem for Ruby: apt-get install postgresql libpq-dev git-core gem install pg Install current version of the msfrpc Python module …
Continue reading “Exploitivator : Automate Metasploit Scanning And Exploitation”
Flashsploit is an Exploitation Framework for Attacks using ATtiny85 HID Devices such as Digispark USB Development Board, flashsploit generates Arduino IDE Compatible (.ino) Scripts based on User Input and then Starts a Listener in Metasploit-Framework if Required by the Script, in Summary : Automatic Script Generation with Automated msfconsole. Windows Data Exfiltration Extract all WiFi …
Continue reading “FlashSploit : Exploitation Framework For ATtiny85 Based HID Attacks”
SSRF are often used to leverage actions on other services, this framework aims to find and exploit these services easily. SSRFmap takes a Burp request file as input and a parameter to fuzz. Note : Server Side Request Forgery or SSRF is a vulnerability in which an attacker forces a server to perform requests on …
Continue reading “SSRFmap : Automatic SSRF Fuzzer And Exploitation Tool”
WarBerryPi was built to be used as a hardware implant during red teaming scenarios where we want to obtain as much information as possible in a short period of time with being as stealth as possible. Just find a network port and plug it in. The scripts have been designed in a way that the …
Continue reading “WarBerryPi – A Collection Of Scanning Tools For Tactical Exploitation”
.webp)
