ADcheck Assess the security of your Active Directory with few or all privileges. This tool offers functionalities similar to PingCastle, ORADAD, or even PurpleKnight (with some bonuses). ADcheck is developed in pure Python to bypass operating system...
kubesec Security risk analysis for Kubernetes resources Download Kubesec is available as a: Docker container image at docker.io/kubesec/kubesec:v2 Linux/MacOS/Win binary (get the latest release) Kubernetes Admission Controller Kubectl plugin Or install the latest commit from...
MSI Analyzer This Python script for Linux can analyze Microsoft Windows *.msi Installer files and point out potential vulnerabilities. It was developed by Michael Baer (@derbaer0) in the SEC Consult Vulnerability Lab. Currently, it...
OWASP Nettacker project is created to automate information gathering, vulnerability scanning, and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information. This software will utilize TCP SYN, ACK, ICMP,...
kernel hardening checker There are plenty of Linux kernel hardening config options. A lot of them are not enabled by the major distros. We have to enable these options ourselves to make our systems...
Locksmith A tool built to find and fix common misconfigurations in Active Directory Certificate Services. Installation Module Install module from the PowerShell Gallery (preferred): Open a PowerShell prompt and run Install-Module -Name...
gosec – Golang Security Checker Inspects source code for security problems by scanning the Go AST. Usage Gosec can be configured to only run a subset of rules, exclude certain file paths, and...
GBounty GBounty is a multi-step website vulnerability scanner developed in Golang designed to help companies, pentesters, and bug hunters identify potential vulnerabilities in web applications. It takes a target URL, list of URL, raw...
VulnerableCode VulnerableCode is a free and open database of FOSS software package vulnerabilities and the tools to create and keep the data current. It is made by the FOSS community to improve and secure...
Tsunami Tsunami is a general-purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence. Why Tsunami? When security vulnerabilities or misconfigurations are actively exploited by attackers, organizations...
msldap LDAP library for auditing MS AD Feature Comes with a built-in console LDAP client All parameters can be controlled via a convenient URL Supports integrated windows authentication (SSPI) both with NTLM and...
nmap This library aims at providing idiomatic nmap bindings for go developers, to make it easier to write security audit tools using golang. What is nmap Nmap (Network Mapper) is a free and open-source network scanner...
Adversarial Robustness Toolbox Adversarial Robustness 360 Toolbox (ART) is a Python library supporting developers and researchers in defending Machine Learning models (Deep Neural Networks, Gradient Boosted Decision Trees, Support Vector Machines, Random Forests, Logistic...
OWASP SecurityRAT OWASP SecurityRAT (Requirement Automation Tool) is a tool supposed to assist with the problem of addressing security requirements during application development. The typical use case is: specify parameters of the software artifact you’re...
echidna Echidna is a weird creature that eats bugs and is highly electrosensitive (with apologies to Jacob Stanley) More seriously, Echidna is a Haskell program designed for fuzzing/property-based testing of Ethereum smart contracts. It...
COMThanasia With this tool, you will be able to detect: Incorrect access control to a COM object (LaunchPermission , AccessPermission) – LPE through abusable COM methods, DCOM Authentication relaying. That’s PermissionHunter. Incorrect registry rights to...
