Ghost Ghost is a shellcode loader project designed to bypass multiple detection capabilities that are usually implemented by an EDR Detection 1 – kernel callbacks kernel callbacks are implemented by an EDR to harness...
ADcheck Assess the security of your Active Directory with few or all privileges. This tool offers functionalities similar to PingCastle, ORADAD, or even PurpleKnight (with some bonuses). ADcheck is developed in pure Python to bypass operating system...
diskover diskover is an open-source file system indexer that uses Elasticsearch to index and manage data across heterogeneous storage systems. Using diskover, you are able to more effectively search and organize files, and system...
Scrapling: Lightning-Fast, Adaptive Web Scraping for Python Scrapling is a high-performance, intelligent web scraping library for Python that automatically adapts to website changes while significantly outperforming popular alternatives. Whether you’re a beginner or an...
kubesec Security risk analysis for Kubernetes resources Download Kubesec is available as a: Docker container image at docker.io/kubesec/kubesec:v2 Linux/MacOS/Win binary (get the latest release) Kubernetes Admission Controller Kubectl plugin Or install the latest commit from...
Empire Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers. The Empire server is written in Python 3 and is modular to allow operator flexibility....
VOIDMAW This is a new bypass technique for memory scanners. It is useful in hiding problematic code that will be flagged by the antivirus vendors. This is basically an improved version of Voidgate, but without...
cwe_checker cwe_checker is a suite of tools to detect common bug classes such as use of dangerous functions and simple integer overflows. These bug classes are formally known as Common Weakness Enumerations (CWEs). Its main goal is...
Sooty The SOC Analysts all-in-one CLI tool to automate and speed up workflow. Feature Sanitise URL’s to be safe to send in emails Perform reverse DNS and DNS lookups Perform reputation checks from:...
MSI Analyzer This Python script for Linux can analyze Microsoft Windows *.msi Installer files and point out potential vulnerabilities. It was developed by Michael Baer (@derbaer0) in the SEC Consult Vulnerability Lab. Currently, it...
Volatility 3: The volatile memory extraction framework Volatility is the world’s most widely used framework for extracting digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of the system...
OWASP Nettacker project is created to automate information gathering, vulnerability scanning, and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information. This software will utilize TCP SYN, ACK, ICMP,...
