Stars
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
Hashgrabd - Utility to capture eDonkey and BitTorrent crytographic hashes from BPF.
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive …
Check rclone config files for insecure passwords
"rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Drive, Swift, Hubic, Wasabi, Google Cloud Storage, Azure Blob, Azure Files, Yandex Files
An app that checks the permissions of Google Drive documents against a config file.
Responsive NetFlow visualizer built on top of nfdump tools.
CryptoNice is both a command line tool and library which provides the ability to scan and report on the configuration of SSL/TLS for your internet or internal facing web services. Built using the s…
Red Team K8S Adversary Emulation Based on kubectl
Automated detection rule analysis utility
This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
Source code for the book "Violent Python" by TJ O'Connor. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate dependency issues invo…
Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.
Six Degrees of Domain Admin
Acheron is a RESTful vulnerability assessment and management framework built around search and dedicated to terminal extensibility.
Tool to find metadata and hidden information in the documents.
Open source solution to check prospective AD passwords against previously breached passwords