Kubernetes Goat The Kubernetes Goat designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security. 🏁 Scenarios Sensitive keys in codebases DIND (docker-in-docker) exploitation SSRF in the Kubernetes (K8S) world Container...
MORF – Mobile Reconnaissance Framework Mobile Reconnaissance Framework is a powerful, lightweight and platform-independent offensive mobile security tool designed to help hackers and developers identify and address sensitive information within mobile applications. It is...
Runtime Mobile Security Runtime Mobile Security (RMS), powered by FRIDA, is a powerful web interface that helps you to manipulate Android Java Classes and Methods at Runtime. You can easily dump all the loaded classes...
Terrascan Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud-native infrastructure. Features 500+ Policies for security best practices Scanning of Terraform 12+ (HCL2) Scanning of Kubernetes YAML/JSON Support...
Ulfberht Shellcode loader Features : Indirect syscall. Module stomping. Load a stomped module using APC. Execute the payload with a direct jump (jmp) without creating a new thread. API hashing implemented using the DJB2...
TrailShark The TrailShark Capture Utility seamlessly integrates with Wireshark, facilitating the capture of AWS CloudTrail logs directly into Wireshark for near-real-time analysis. This tool can be used for debugging AWS API calls and played...
INTERCEPT Stupidly easy to use, small footprint Policy as Code subsecond command-line scanner that leverages the power of the fastest multi-line search tool to scan your codebase. It can be used as a linter, guard...
Snaffler Snaffler is a tool for pentesters to help find delicious candy needles (creds mostly, but it’s flexible) in a bunch of horrible boring haystacks (a massive Windows/AD environment). It might also be useful for other...
Genzai Genzai helps you identify IoT or Internet of Things related dashboards across a single or set of targets provided as an input and furthermore scan them for default password issues and potential vulnerabilities...
Responder an LLMNR, NBT-NS, and MDNS poisoner. It will answer to specific NBT-NS (NetBIOS Name Service) queries based on their name suffix (see: http://support.microsoft.com/kb/163409). By default, the tool will only answer to File Server Service request, which...
VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios. VECTR provides the ability to create assessment groups, which...
DICOMHawk DICOMHawk is a powerful and efficient honeypot for DICOM servers, designed to attract and log unauthorized access attempts and interactions. Built using Flask and pynetdicom, DICOMHawk offers a streamlined web interface for monitoring...
Stratus Red team Stratus Red Team is “Atomic Red Team™” for the cloud, allowing to emulate offensive attack techniques in a granular and self-contained manner. Stratus Red Team is a lightweight Go binary you...
ecapture capture SSL/TLS text content without CA cert by eBPF. eBPF is a revolutionary technology with origins in the Linux kernel that can run sandboxed programs in an operating system kernel. It is used...
Chrome App-Bound Encryption Decryption This tool decrypts App-Bound Encrypted (ABE) keys stored in the Local State file of supported Chromium-based browsers, including Google Chrome, Brave, and Microsoft Edge. ABE, introduced in Chrome version 127, binds decryption capabilities...
Above Invisible protocol sniffer for finding vulnerabilities in the network. Designed for pentesters and security professionals. Mechanics Above is an invisible network sniffer for finding vulnerabilities in network equipment. It is based entirely on...