Snort: Intrusion Prevention System
Snort++ Snort 3 is the next generation Snort IPS (Intrusion Prevention System). This version of Snort++ includes new features as well as all Snort 2.X features and bug fixes for the base version...
Category: Open Source Tool
brutespray: Automatically attempts default creds on found services
brutespray Brutespray has been updated to golang. Without needing to rely on other tools this version will be extensible to bruteforce many different services and is way faster than its Python counterpart. Currently, Brutespray...
BunkerWeb: Open-source and next-generation Web Application Firewall (WAF)
BunkerWeb BunkerWeb is a next-generation and open-source Web Application Firewall (WAF). Being a full-featured web server (based on NGINX under the hood), it will protect your web services to make them “secure by default”. BunkerWeb integrates...
opensquat: opensource Intelligence R&D project to identify cyber squatting threats
opensquat openSquat is an opensource Intelligence (OSINT) R&D project to identify cybersquatting threats to specific companies or domains, such as: Domain squatting Typosquatting IDN homograph attacks Phishing Scams It does support some key features such as:...
DeadPotato: A Windows privilege escalation utility
DeadPotato DeadPotato is a Windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the original GodPotato source code by...
wazuh: Host and endpoint security
Wazuh Wazuh helps you gain deeper security visibility into your infrastructure by monitoring hosts at an operating system and application level. This solution, based on lightweight multi-platform agents, provides the following capabilities: Log...
Amoco: tool for analysing binaries
Amoco Amoco is a Python package dedicated to the (static) analysis of binaries. It features: a generic framework for decoding instructions developed to reduce the time needed to implement support for new architectures. For...
codasm: Payload encoding utility to effectively lower payload entropy
CODASM CODASM allows you to encode arbitrary data into pseudo-ASM instructions and compile them into the .text section of binaries. Payloads (esp. shellcode) come with pretty high entropy and look out of place in...
fsociety: Modular Penetration Testing Framework
Fsociety Hacking Tools Pack – A Penetration Testing Framework A Penetration Testing Framework, you will have the very script that a hacker needs Fsociety Contains All Tools Used In Mr. Robot Series Menu ...
mitmproxy: An interactive TLS-capable intercepting HTTP proxy
mitmproxy mitmproxy is an interactive, SSL-capable intercepting proxy with a console interface. mitmdump is the command-line version of mitmproxy. Think tcpdump for HTTP. mitmweb is a web-based interface for mitmproxy. pathoc and pathod are...
SessionExec: Execute commands in other Sessions
SessionExec SessionExec allows you to execute specified commands in other Sessions on Windows Systems, either targeting a specific session ID or All sessions, with the option to suppress command output. The tool is inspired...
HackBrowserData: Decrypt passwords/cookies/history/bookmarks from the browser
HackBrowserData HackBrowserData is a command-line tool for decrypting and exporting browser data (passwords, history, cookies, bookmarks, credit cards, download history, localStorage and extensions) from the browser. It supports the most popular browsers on the market...
Arkime: open source, large scale, full packet capturing, indexing, and database system
Arkime Arkime is an open-source, large-scale, full packet capturing, indexing, and a database system. Arkime augments your current security infrastructure to store and index network traffic in standard PCAP format, providing fast, indexed access....
EDR Telemetry Blocker via Person-in-the-Middle Network Filtering Attacks
EDR Telemetry Blocker Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination IP addresses are parsed based on the server name in the TLS Client Hello...
kube-bench: Checks Kubernetes security best practices as defined in the CIS Kubernetes Benchmark
kube-bench kube-bench is a Go application that checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark. Tests are configured with YAML files, making this tool easy to update...
SUDO_KILLER: identify and exploit sudo rules’ misconfigurations and vulnerabilities within sudo
SUDO_KILLER SUDO_KILLER is a tool that can be used for privilege escalation on the Linux environment by abusing SUDO in several ways. The tool helps to identify misconfiguration within sudo rules, vulnerability within the...
