BloodHound
BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment. Attackers can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. Defenders can use BloodHound to identify and eliminate those same attack paths. Both blue and red teams can use BloodHound to easily gain a deeper understanding of privilege relationships in an Active Directory environment.
https://github.com/BloodHoundAD/BloodHound/releases/tag/4.0.2
#bloodhound #postexploit #activedirectoy
BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment. Attackers can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. Defenders can use BloodHound to identify and eliminate those same attack paths. Both blue and red teams can use BloodHound to easily gain a deeper understanding of privilege relationships in an Active Directory environment.
https://github.com/BloodHoundAD/BloodHound/releases/tag/4.0.2
#bloodhound #postexploit #activedirectoy
GitHub
Release BloodHound 4.0.2 · BloodHoundAD/BloodHound
This release comes with a whole heap of bugfixes.
Big thanks to everyone who submitted PRs and fixes (@cnotin @jtothef @nheineger @Scoubi)
Big thanks to everyone who submitted PRs and fixes (@cnotin @jtothef @nheineger @Scoubi)
Bettercap
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and #MITM attacks.
https://github.com/bettercap/bettercap/releases/tag/v2.31.1
#bettercap #sslstrip1 #sslstrip2 #replayattack
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and #MITM attacks.
https://github.com/bettercap/bettercap/releases/tag/v2.31.1
#bettercap #sslstrip1 #sslstrip2 #replayattack
GitHub
Release v2.31.1 · bettercap/bettercap
Changelog
New
8c00207 new: gps.new event now reports GPS data changes as they occur (fixes #878)
c38de3a fix: support for negative numbers for decimal parameters (closes #866)
Fixes
0e2fd00 fix:...
New
8c00207 new: gps.new event now reports GPS data changes as they occur (fixes #878)
c38de3a fix: support for negative numbers for decimal parameters (closes #866)
Fixes
0e2fd00 fix:...
"This noscript is intended to mitigate Print Spooler attacks (specifically PrintNightmare CVE-2021-34527) by disabling the Spooler service where it is not needed (non-Print Server servers & DCs)."
https://github.com/jokezone/PowerShell-Scripts/blob/main/Configure-PrintSpooler.ps1#powershell
#blueteam #mitigation #printnightmare
https://github.com/jokezone/PowerShell-Scripts/blob/main/Configure-PrintSpooler.ps1#powershell
#blueteam #mitigation #printnightmare
GitHub
PowerShell-Scripts/Configure-PrintSpooler.ps1 at main · jokezone/PowerShell-Scripts
Random PowerShell noscripts worth sharing. Contribute to jokezone/PowerShell-Scripts development by creating an account on GitHub.
Autoharness
AutoHarness is a tool that automatically generates fuzzing harnesses for you.
https://github.com/parikhakshat/autoharness/releases/tag/1.0
#autoharness #harness #fuzzing
AutoHarness is a tool that automatically generates fuzzing harnesses for you.
https://github.com/parikhakshat/autoharness/releases/tag/1.0
#autoharness #harness #fuzzing
GitHub
Release AutoHarness (v1.0) · parikhakshat/autoharness
Initial Release of AutoHarness
-added executable to shared object functionality
-added automatic header detection or function reconstruction
-added automatic fuzzing harness creation for one argume...
-added executable to shared object functionality
-added automatic header detection or function reconstruction
-added automatic fuzzing harness creation for one argume...
#Keyhacks is a repository which shows quick ways in which #API keys leaked by a bug bounty program can be checked to see if they're valid.
https://github.com/streaak/keyhacks
https://github.com/streaak/keyhacks
GitHub
GitHub - streaak/keyhacks: Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can…
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid. - streaak/keyhacks
#GitDump A pentesting tool that dumps the source code from .git even when the directory traversal is disabled
https://github.com/Ebryx/GitDump
https://github.com/Ebryx/GitDump
GitHub
GitHub - Ebryx/GitDump: A pentesting tool that dumps the source code from .git even when the directory traversal is disabled
A pentesting tool that dumps the source code from .git even when the directory traversal is disabled - Ebryx/GitDump
Cariddi
Take a list of domains, #crawl urls and #scan for endpoints, secrets, api keys, file extensions, tokens and more...
https://github.com/edoardottt/cariddi
#API #Crawler #information_extraction #API_Scraper #informationGathering
Take a list of domains, #crawl urls and #scan for endpoints, secrets, api keys, file extensions, tokens and more...
https://github.com/edoardottt/cariddi
#API #Crawler #information_extraction #API_Scraper #informationGathering
GitHub
GitHub - edoardottt/cariddi: Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens…
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more - edoardottt/cariddi
sx is the command-line network scanner designed to follow the UNIX philosophy.
https://github.com/v-byte-cpu/sx/releases/tag/v0.4.0
#Scanner #cli #SX #go #docker
https://github.com/v-byte-cpu/sx/releases/tag/v0.4.0
#Scanner #cli #SX #go #docker
GitHub
Release v0.4.0 · v-byte-cpu/sx
Changelog
29ca59d feature: vpn support (#94)
29ca59d feature: vpn support (#94)
DCRaT c# source Code
https://github.com/qwqdanchun/DcRat/releases/tag/v1.0.7
https://github.com/qwqdanchun/DcRat
#RAT #opensource
https://github.com/qwqdanchun/DcRat/releases/tag/v1.0.7
https://github.com/qwqdanchun/DcRat
#RAT #opensource
GitHub
Release v1.0.7 · qwqdanchun/DcRat
Add some fun function
Add reg edit
fix password recovery
add normal startup control
fix remote screen can't work when use donut turn to shellcode and inject
Add reg edit
fix password recovery
add normal startup control
fix remote screen can't work when use donut turn to shellcode and inject
PowerShellArmoury
https://github.com/cfalta/PowerShellArmoury/releases/tag/1.5
#AMSI #bypassAV #PostExploit
https://github.com/cfalta/PowerShellArmoury/releases/tag/1.5
#AMSI #bypassAV #PostExploit
GitHub
Release PSArmoury 1.5 · cfalta/PowerShellArmoury
[new] new json config - WARNING: BREAKING CHANGE! - old config formats will no longer work. Have a look at the README.
[new] New-PSArmoury will now run a config syntax check by default (like -Valid...
[new] New-PSArmoury will now run a config syntax check by default (like -Valid...
image_2021-07-13_22-06-17.png
708.4 KB
Recon is a noscript to perform a full recon on a target with the main tools to search for vulnerabilities.
https://github.com/dirsoooo/Recon/releases/tag/v1.0
#recon #informationgathering #enumeration #scanning
https://github.com/dirsoooo/Recon/releases/tag/v1.0
#recon #informationgathering #enumeration #scanning
MAN SPIDER
will crawl every share on every target system. If provided creds don't work, it will fall back to "guest", then to a null session.
Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!
https://github.com/blacklanternsecurity/MANSPIDER
#MANSPIDER #SMB #scrabbing
will crawl every share on every target system. If provided creds don't work, it will fall back to "guest", then to a null session.
Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!
https://github.com/blacklanternsecurity/MANSPIDER
#MANSPIDER #SMB #scrabbing
GitHub
GitHub - blacklanternsecurity/MANSPIDER: Spider entire networks for juicy files sitting on SMB shares. Search filenames or file…
Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported! - blacklanternsecurity/MANSPIDER
Injector
Complete Arsenal of Memory injection and other techniques for red-teaming in Windows
https://github.com/0xDivyanshu/Injector
#bypassAV #injector
Complete Arsenal of Memory injection and other techniques for red-teaming in Windows
https://github.com/0xDivyanshu/Injector
#bypassAV #injector
Whisker
Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.
https://github.com/eladshamir/Whisker
#postexploit #Whisker #Activedirectory #shadowcredential
Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.
https://github.com/eladshamir/Whisker
#postexploit #Whisker #Activedirectory #shadowcredential
GitHub
GitHub - eladshamir/Whisker: Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their…
Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to...
rconn
rconn is a multiplatform program for creating generic reverse connections. Lets you consume services that are behind firewall or NAT without opening ports or port-forwarding.
https://github.com/jafarlihi/rconn
#rconn #postexploit #portforwarding
rconn is a multiplatform program for creating generic reverse connections. Lets you consume services that are behind firewall or NAT without opening ports or port-forwarding.
https://github.com/jafarlihi/rconn
#rconn #postexploit #portforwarding
Nebula
Cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still working to allow testing other Cloud Providers and DevOps Components.
https://github.com/gl4ssesbo1/Nebula/releases/tag/latest
#reconnaissance #enumeration #exploitation #postexploit #AWS
Cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still working to allow testing other Cloud Providers and DevOps Components.
https://github.com/gl4ssesbo1/Nebula/releases/tag/latest
#reconnaissance #enumeration #exploitation #postexploit #AWS
GitHub
Release Nebula v2.0 Release · gl4ssesbo1/Nebula
STS AssumeRoleWithWebIdentity
Reconnaissance crt.sh
TCP Reverse Shell (Draft)
Reverse Shell check_env that checks the environment of the victim system
Updated getuid that checks IAM:GetUser, IAM:Li...
Reconnaissance crt.sh
TCP Reverse Shell (Draft)
Reverse Shell check_env that checks the environment of the victim system
Updated getuid that checks IAM:GetUser, IAM:Li...
ARTIF
An advanced real time threat intelligence framework to identify threats and malicious web traffic on the basis of IP reputation and historical data.
Threat Detection
Logging and Monitoring
User profiling
Alerting automation
https://github.com/CRED-CLUB/ARTIF/releases/tag/1.0
#blueteam #TI #ARTIF
An advanced real time threat intelligence framework to identify threats and malicious web traffic on the basis of IP reputation and historical data.
Threat Detection
Logging and Monitoring
User profiling
Alerting automation
https://github.com/CRED-CLUB/ARTIF/releases/tag/1.0
#blueteam #TI #ARTIF
GitHub
Release v1.0 · CRED-CLUB/ARTIF
An advanced real time threat intelligence framework to identify threats and malicious web traffic on the basis of IP reputation and historical data. - CRED-CLUB/ARTIF
A powerful Bluetooth scanner
BR devices
LE devices
BR LMP features
LE LL features
SMP Pairing features
Real-time advertising physical channel PDU
SDP services
GATT services
Vulnerabilities (demo)
https://github.com/fO-000/bluescan/releases/tag/v0.6.5
#IoT #BLE #scanner
BR devices
LE devices
BR LMP features
LE LL features
SMP Pairing features
Real-time advertising physical channel PDU
SDP services
GATT services
Vulnerabilities (demo)
https://github.com/fO-000/bluescan/releases/tag/v0.6.5
#IoT #BLE #scanner
GitHub
Release v0.6.5 · fO-000/bluescan
Simply supported retrieving the HIDDenoscriptorList attribute
BoomBox
Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant
BoomBox is designed for malware analysts and incident responders. It allows for the rapid deployment of a dynamic malware analysis environment using Cuckoo Sandbox and a Windows 10 detonation chamber. Cuckoo is configured to use the physical machinery so that both Cuckoo and the Windows sandbox can be virtual machines on a single host.
https://github.com/nbeede/BoomBox/releases/tag/v1.0
#cuckoo #sandbox #malwareanalysis
Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant
BoomBox is designed for malware analysts and incident responders. It allows for the rapid deployment of a dynamic malware analysis environment using Cuckoo Sandbox and a Windows 10 detonation chamber. Cuckoo is configured to use the physical machinery so that both Cuckoo and the Windows sandbox can be virtual machines on a single host.
https://github.com/nbeede/BoomBox/releases/tag/v1.0
#cuckoo #sandbox #malwareanalysis
GitHub
Release Initial Release · nbeede/BoomBox
VirtualBox provider support
Windows 10 sandbox
Linux/macOS/Windows supported platforms
Windows 10 sandbox
Linux/macOS/Windows supported platforms
Blue Pigeon
is a Bluetooth-based data exfiltration and proxy tool to enable communication between a remote Command and Control (C2) server and a compromised host.
https://github.com/BluePigeonProject/blue-pigeon#the-pigeons-key-requirements
#Bluetooth #exfiltration #c2
is a Bluetooth-based data exfiltration and proxy tool to enable communication between a remote Command and Control (C2) server and a compromised host.
https://github.com/BluePigeonProject/blue-pigeon#the-pigeons-key-requirements
#Bluetooth #exfiltration #c2
GitHub
GitHub - BluePigeonProject/blue-pigeon: Blue Pigeon is a Bluetooth-based data exfiltration and proxy tool to enable communication…
Blue Pigeon is a Bluetooth-based data exfiltration and proxy tool to enable communication between a remote Command and Control (C2) server and a compromised host. - BluePigeonProject/blue-pigeon