Kali
PowerShell Armoury is meant for pentesters, “insert-color-here”-teamers and everyone else who uses a variety of PowerShell tools during their engagements. It allows you to download and store all of your favourite PowerShell scripts in a single, encrypted file. You do not have to hassle with updating Rubeus, PowerView, manually. Just create a configuration file once …
Continue reading “PowerShell Armoury : A PowerShell Armoury For Security Guys And Girls”
Salus (Security Automation as a Lightweight Universal Scanner), named after the Roman goddess of protection, is a tool for coordinating the execution of security scanners. You can run Salus on a repository via the Docker daemon and it will determine which scanners are relevant, run them and provide the output. Most scanners are other mature open …
Totp-Ssh-Fluxer will take Security By Obscurity To The Next Level. Some people change their SSH port on their servers so that it is slightly harder to find for bots or other nasties, and while that is generally viewed as an action of security through obscurity it does work very well at killing a lot of the automated …
Continue reading “TotP-SSH-Fluxer : Take Security By Obscurity To The Next Level”
HookDump is a tool for security product hook detection. Building Source In order to build this you will need Visual Studio 2019 (community edition is fine) and CMake. The batch file Configure.bat will create two build directories with Visual Studio solutions. The project may build with MinGW with the correct CMake command line, this is …
Continue reading “HookDump : Security Product Hook Detection”
Introduction to KubeArmor KubeArmor is a container-aware runtime security enforcement system that restricts the behavior (such as process execution, file access, networking operation, and resource utilization) of containers at the system level. KubeArmor operates with Linux security modules (LSMs), meaning that it can work on top of any Linux platforms (such as Alpine, Ubuntu, and Container-optimized …
Continue reading “KubeArmor : Container-aware Runtime Security Enforcement System”
A curated list of Android Security materials and resources For Pentesters and Bug Hunters. Blog AAPG – Android application penetration testing guide TikTok: three persistent arbitrary code executions and one theft of arbitrary files Persistent arbitrary code execution in Android’s Google Play Core Library: details, explanation and the PoC – CVE-2020-8913 Android: Access to app …
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence. To learn more about this, visit our documentation. It relies heavily on its plugin system to provide basic scanning capabilities. All publicly available to this plugins are hosted in a separate google/tsunami-security-scanner-plugins repository. Current …
SGN is a polymorphic binary encoder for offensive security purposes such as generating statically undetecable binary payloads. It uses a additive feedback loop to encode given binary instructions similar to LSFR. This project is the reimplementation of the original Shikata ga nai in golang with many improvements. How? & Why? For offensive security community, the …
Continue reading “SGN : A Polymorphic Binary Encoder For Offensive Security Purposes”
Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security, penetration testing and red teaming. Nishang is useful during all phases of penetration testing. Usage Import all the scripts in the current PowerShell session (PowerShell v3 onwards). PS C:\nishang> Import-Module .\nishang.psm1 Use the individual scripts with dot …
NullScan is a modular framework designed to chain and automate security tests. It parses target definitions from the command line and runs corresponding modules and their nullscan-tools afterwards. It can also take hosts and start nmap first in order to perform a basic portscan and run the modules afterwards. Also, nullscan can parse a given …
Continue reading “NullScan : A Modular Framework Designed To Chain & Automate Security Tests”
