Category: Open Source Tool
CRADLE is an open-source web application designed to empower Cyber Threat Intelligence (CTI) analysts. The platform streamlines threat analysis workflows through collaborative note-taking, visual relationship mapping, and comprehensive report generation. In today’s rapidly evolving...
Linux Security and Monitoring Scripts: This is a collection of security and monitoring scripts you can use to monitor your Linux installation for security-related events or for an investigation. Each script works on its...
Draugr-Template: CobaltStrike BOF template to easily perform a synthetic stack frame in BOF. The spoofer is based on LoudSunRun. For each API call, a gadget is randomly used inside KERNELBASE.DLL. Nowadays, some EDRs analyze...
ZeusCloud is an open-source cloud security platform. Discover, prioritize, and remediate your risks in the cloud. Build an asset inventory of your AWS accounts. Continuously monitor your environments for misconfigurations and attack paths. Customize...
SubCat is a powerful subdomain discovery tool that passively aggregates data from a variety of online sources to identify valid subdomains for websites. Designed with a modular and efficient architecture, SubCat is ideal for...
StackRox Kubernetes Security Platform: The StackRox Kubernetes Security Platform performs a risk analysis of the container environment, delivers visibility and runtime alerts, and provides recommendations to proactively improve security by hardening the environment. StackRox...
RouterOS configuration analyzer to find security misconfigurations and vulnerabilities. Sara does not bypass authentication, exploit vulnerabilities, or alter RouterOS configurations. It works in read-only mode, requiring no administrative privileges. If you are unsure about the interpretation...
ulexecve: This Python tool is called ulexecve, which stands for userland execve. It helps you execute arbitrary ELF binaries on Linux systems from userland without ever calling the execve() system call. In other words: you can execute...
PPL Exploit PoC (Proof of Concept): This repository contains a C++ Proof of Concept (PoC) demonstrating the exploitation of Windows Protected Process Light (PPL) using COM-to-.NET redirection and reflection techniques for code injection. The...
Gato (Github Attack TOolkit): Gato, or GitHub Attack Toolkit, is an enumeration and attack tool that allows both blue teamers and offensive security practitioners to evaluate the blast radius of a compromised personal access...
Mimicry: Mimicry is a security tool developed by Chaitin Technology for active deception in exploitation and post-exploitation. Active deception can live-migrate the attacker to the honeypot without their awareness. We can achieve a...
Twilio Security Scanner: A security scanning tool for Twilio accounts that helps detect misconfigurations and security risks, including: public serverless functions and assets; unencrypted HTTP webhooks in phone numbers and messaging services; API keys...
FindGPPPasswords: A cross-platform tool to find and decrypt Group Policy Preferences passwords from the SYSVOL share using low-privileged domain accounts. Features: Only requires a low-privileged domain user account. Automatically gets the list of all...
PowerHuntShares: PowerHuntShares is designed to automatically inventory, analyze, and report excessive privilege assigned to SMB shares on Active Directory domain-joined computers. It is intended to help IAM and other blue teams gain a...
MSFTRecon is a reconnaissance tool designed for red teamers and security professionals to map Microsoft 365 and Azure tenant infrastructure. It performs comprehensive enumeration without requiring authentication, helping identify potential security misconfigurations and attack...
YATAS (Yet Another Testing & Auditing Solution): YATAS is a simple and easy-to-use tool to audit your infrastructure for misconfiguration or potential security issues. Features: AWS – 43 Checks. APIGateway: AWS_APG_001 Apigateway Cloudwatch Logs...