SessionExec SessionExec allows you to execute specified commands in other Sessions on Windows Systems, either targeting a specific session ID or All sessions, with the option to suppress command output. The tool is inspired...
HackBrowserData HackBrowserData is a command-line tool for decrypting and exporting browser data (passwords, history, cookies, bookmarks, credit cards, download history, localStorage and extensions) from the browser. It supports the most popular browsers on the market...
Arkime Arkime is an open-source, large-scale, full packet capturing, indexing, and a database system. Arkime augments your current security infrastructure to store and index network traffic in standard PCAP format, providing fast, indexed access....
EDR Telemetry Blocker Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination IP addresses are parsed based on the server name in the TLS Client Hello...
kube-bench kube-bench is a Go application that checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark. Tests are configured with YAML files, making this tool easy to update...
SUDO_KILLER SUDO_KILLER is a tool that can be used for privilege escalation on the Linux environment by abusing SUDO in several ways. The tool helps to identify misconfiguration within sudo rules, vulnerability within the...
Mobile Verification Toolkit Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices. It...
ESP32 Marauder The ESP32 Marauder is a suite of WiFi/Bluetooth offensive and defensive tools created for the ESP32 and was originally inspired by Spacehuhn’s esp8266_deauther project. The tool itself serves as a portable device used to test...
PatrOwl PatrOwl is a scalable, free and open-source solution for orchestrating Security Operations. PatrowlEngines is the engine framework and the supported list of engines performing the operations (scans, searches, API calls, …) in due time. The...
vuls For a system administrator, having to perform security vulnerability analysis and software updates on a daily basis can be a burden. To avoid downtime in a production environment, it is common for a...
Faraday – Open Source Vulnerability Manager Faraday introduces a new concept – IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distribution, indexation, and analysis of the data generated during a security...
Dependency Check Dependency Check is a Software Composition Analysis (SCA) tool that attempts to detect publicly disclosed vulnerabilities contained within a project’s dependencies. It does this by determining if there is a Common Platform...
Falco Falco is a cloud-native security tool. It provides near real-time threat detection for cloud, container, and Kubernetes workloads by leveraging runtime insights. Falco can monitor events defined via customizable rules from various sources, including the...
Cppcheck Cppcheck is a static analysis tool for C/C++ code. It provides a unique code analysis to detect bugs and focuses on detecting undefined behavior and dangerous coding constructs. The goal is to detect only real errors...
MISP – Malware Information Sharing Platform and Threat Sharing MISP, Malware Information Sharing Platform, and Threat Sharing is an open-source software solution for collecting, storing, distributing, and sharing cybersecurity indicators and threats about cybersecurity...
OperatorsKit This repository contains a collection of Beacon Object Files (BOFs) that integrate with Cobalt Strike. Kit content The following tools are currently in the OperatorsKit: Name Description AddExclusion Add a new exclusion to...
