poutine Created by BoostSecurity.io, poutine is a security scanner that detects misconfigurations and vulnerabilities in the build pipelines of a repository. It supports parsing CI workflows from GitHub Actions and Gitlab CI/CD. When given an...
AHHHZURE AHHHZURE is an automated vulnerable Azure deployment script designed for offensive security practitioners and enthusiasts to brush up their cloud sec skills. The lab has 5 flags in total to collect. You may...
What is Akto? Akto is an open-source, instant API security platform that takes only 60 secs to get started. Akto is used by security teams to maintain a continuous inventory of APIs, test APIs...
BREADS – BREaking Active Directory Security BREADS is a tool focused on enumerating and attacking Active Directory environments through LDAP and SMB protocols. This project is inspired by other existing tools like NetExec (CrackMapExec) and...
kunai The goal behind this project is to bring relevant events to achieve various monitoring tasks ranging from security monitoring to Threat Hunting on Linux-based systems. If you are familiar with Sysmon on Windows,...
ADMiner ADMiner is an Active Directory audit tool that leverages cypher queries to crunch data from the BloodHound graph database (neo4j) and gives you a global overview of existing weaknesses through a web-based static report, including...
SCCMHunter SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain. The basic function of the tool is to query LDAP with the find...
legba Legba is a multiprotocol credentials bruteforcer / password sprayer and enumerator built with Rust and the Tokio asynchronous runtime to achieve better performances and stability while consuming fewer resources than similar tools. Supported...
The Auditor Automated Audit Simulation (AAS) is an innovative computer-assisted audit tool meticulously crafted for cybersecurity professionals, auditors, advisors, and consultants engaged in conducting comprehensive audits for diverse organizations. This cutting-edge tool operates seamlessly...
EFIDrill – IDA plugin for UEFI firmware vulnerability hunting based on data flow analysis The Unified Extensible Firmware Interface (UEFI) is a critical component in the boot process, but it’s vulnerable to attacks....