AttackSurfaceAnalyzer - Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation

  •        17

This version of Attack Surface Analyzer is in "public preview", suitable for early adopters testing core features. A final release of the 2.0 version is planned for late April, 2019. Attack Surface Analyzer is a Microsoft-developed open source security tool that analyzes the attack surface of a target system and reports on potential security vulnerabilities introduced during the installation of software or system misconfiguration.

https://github.com/Microsoft/AttackSurfaceAnalyzer

Tags
Implementation
License
Platform

   




Related Projects

hardentools - Hardentools is a utility that disables a number of risky Windows features.

  •    Go

Hardentools is a collection of simple utilities designed to disable a number of "features" exposed by operating systems (Microsoft Windows, for now), and primary consumer applications. These features, commonly thought for enterprise customers, are generally useless to regular users and rather pose as dangers as they are very commonly abused by attackers to execute malicious code on a victim's computer. The intent of this tool is to simply reduce the attack surface by disabling the low-hanging fruit. Hardentools is intended for individuals at risk, who might want an extra level of security at the price of some usability. It is not intended for corporate environments. WARNING: This is just an experiment, it is not meant for public distribution yet. Also, this tool disables a number of features, including of Microsoft Office, Adobe Reader, and Windows, that might cause malfunctions to certain applications. Use this at your own risk.

aquatone - A Tool for Domain Flyovers

  •    Ruby

AQUATONE is a set of tools for performing reconnaissance on domain names. It can discover subdomains on a given domain by using open sources as well as the more common subdomain dictionary brute force approach. After subdomain discovery, AQUATONE can then scan the hosts for common web ports and HTTP headers, HTML bodies and screenshots can be gathered and consolidated into a report for easy analysis of the attack surface. AQUATONE depends on Node.js and NPM package manager for its web page screenshotting capabilities. Follow this guide for Installation instructions.

Scout2 - Security auditing tool for AWS environments

  •    Python

Scout2 is a security tool that lets AWS administrators assess their environment's security posture. Using the AWS API, Scout2 gathers configuration data for manual inspection and highlights high-risk areas automatically. Rather than pouring through dozens of pages on the web, Scout2 supplies a clear view of the attack surface automatically. Note: Scout2 is stable and actively maintained, but a number of features and internals may change. As such, please bear with us as we find time to work on, and improve, the tool. Feel free to report a bug with details (e.g. console output using the "--debug" argument), request a new feature, or send a pull request.

Microsoft Surface StarterKit for VB.NET

  •    WPF

Currently you can only create applications for Microsoft Surface in C #. Microsoft Surface Starterkit for VB.NET is an initial project of WPF that implements all the necessary references to create a Microsoft Surface application in Visual Basic. Actualmente solo se pueden c...

Scout2 - Security auditing tool for AWS environments

  •    Javascript

Scout2 is a security tool that lets AWS administrators assess their environment's security posture. Using the AWS API, Scout2 gathers configuration data for manual inspection and highlights high-risk areas automatically. Rather than pouring through dozens of pages on the web, Scout2 supplies a clear view of the attack surface automatically.


subzero - Square's Bitcoin Cold Storage solution.

  •    Java

For security, Square stores a reserve of Bitcoins in an offline setting. By having these funds offline, we reduce attack surface and risk of theft. Square's solution is unique, specifically, we leverage FIPS certified Hardware Security Modules (HSMs) to protect the private key material. We decided to use such HSMs because we already own, operate, and trust these devices for other payment-related needs.

Wikipedia browser for Microsoft Surface

  •    WPF

Wikipedia browser for Microsoft Surface allows to search Wikipedia and Wikimedia Commons on Microsoft Surface device.

sysmon-modular - A repository of sysmon configuration modules

  •    PowerShell

This is a Microsoft Sysinternals Sysmon configuration repository, set up modular for easier maintenance and generation of specific configs. Note: I do recommend using a minimal number of configurations within your environment for multiple obvious reasons, like; maintenance, output equality, manageability and so on.

linux-exploit-suggester - Linux privilege escalation auditing tool

  •    Shell

Often during the penetration test engagement the security analyst faces the problem of identifying privilege escalation attack vectors on tested Linux machine(s). One of viable attack vectors is using publicly known Linux exploit to gain root privileges on tested machine. Of course in order to do that the analyst needs to identify the right PoC exploit, make sure that his target is affected by the associated vulnerability and finally modify the exploit to suit his target. The linux-exploit-suggester.sh tool is designed to help with these activities. In this mode the analyst simply provides kernel version (--kernel switch) or uname -a command output (--uname switch) and receives list of candidate exploits for a given kernel version.

janusec - Janusec Application Gateway, a Golang based application security solution which provides WAF (Web Application Firewall), CC attack defense, unified web administration portal, private key protection, web routing and scalable load balancing

  •    Go

Janusec Application Gateway, an application security solution which provides WAF (Web Application Firewall), CC attack defense, unified web administration portal, private key protection, web routing and scalable load balancing. With Janusec, you can build secure and scalable applications. Detailed documentation is available at Janusec Application Gateway Documentation.

thc-hydra - hydra

  •    C

Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system. There are already several login hacker tools available, however none does either support more than one protocol to attack or support parallized connects.

Surface Academy 2009 Toolkit

  •    

The Microsoft Surface Academy 2009 interns have created some controls for Microsoft Surface Tables. This toolkit contains : A basic gesture recognition control A card game starter kit An implement of the Mitsu Furuta's book control Circular menu control

android-vts - Android Vulnerability Test Suite - In the spirit of open data collection, and with the help of the community, let's take a pulse on the state of Android security

  •    Java

UPDATE 2015/12/15: AndroidVTS is currently not available in the Google Play™ store app, more info here. This tool was meant to show the end user the attack surface that a given device is susceptible to. In implementing these checks we attempt to minimize or eliminate both false positives/false negatives without negatively affecting system stability.

fuzzdb - Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery

  •    PHP

FuzzDB was created to increase the likelihood of causing and identifying conditions of security interest through dynamic application security testing. It's the first and most comprehensive open dictionary of fault injection patterns, predictable resource locations, and regex for matching server responses. Attack Patterns - FuzzDB contains comprehensive lists of attack payload primitives for fault injection testing. These patterns, categorized by attack and where appropriate platform type, are known to cause issues like OS command injection, directory listings, directory traversals, source exposure, file upload bypass, authentication bypass, XSS, http header crlf injections, SQL injection, NoSQL injection, and more. For example, FuzzDB catalogs 56 patterns that can potentially be interpreted as a null byte and contains lists of commonly used methods such as "get, put, test," and name-value pairs than trigger debug modes.

SQL Server Label Security Toolkit

  •    

The Label Security Toolkit provides tools and techniques for using Microsoft® SQL Server (versions 2005 through 2012) to implement row-level security (RLS) and cell-level security (CLS) based on security labels. The major components of the Toolkit are: • The Label Polic...

kali-nethunter - The Kali NetHunter Project

  •    Lua

The Kali NetHunter is an Android penetration testing platform targeted towards Nexus and OnePlus devices built on top of Kali Linux, which includes some special and unique features. Of course, you have all the usual Kali tools in NetHunter as well as the ability to get a full VNC session from your phone to a graphical Kali chroot, however the strength of NetHunter does not end there. We've incorporated some amazing features into the NetHunter OS which are both powerful and unique. From pre-programmed HID Keyboard (Teensy) attacks, to BadUSB Man In The Middle attacks, to one-click MANA Evil Access Point setups, access to the Offensive Security Exploit Database... And yes, NetHunter natively supports wireless 802.11 frame injection with a variety of supported USB NICs. Attack descriptions as well as some documentation to get you started with the installation and setup of Kali NetHunter can be found at https://github.com/offensive-security/kali-nethunter/wiki.

cameradar - Cameradar hacks its way into RTSP videosurveillance cameras

  •    Go

See command-line options. e.g.: docker run -t ullaakut/cameradar -t 192.168.100.0/24 -l will scan the ports 554 and 8554 of hosts on the 192.168.100.0/24 subnetwork and attack the discovered RTSP streams and will output debug logs.

w3af - Web Application Attack and Audit Framework

  •    Python

w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities. It can find Cross site scripting, SQL Injection and lot more. The framework implements web and proxy servers which are easy to integrate into your code in order to identify and exploit vulnerabilities.

Internal-Monologue - Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS

  •    CSharp

Mimikatz, developed by Benjamin Delpy (@gentilkiwi), is a well-regarded post-exploitation tool, which allows adversaries to extract plain text passwords, NTLM hashes and Kerberos tickets from memory, as well as perform attacks such as pass-the-hash, pass-the-ticket or build a golden ticket. Arguably, the primary use of Mimikatz is retrieving user credentials from LSASS process memory for use in post exploitation lateral movement. Recently, Microsoft has introduced Credential Guard in Windows 10 Enterprise and Windows Server 2016, which uses virtualization-based security to isolate secrets, and it is very effective in preventing Mimikatz from retrieving hashes directly from memory. Also, Mimikatz has become a prime target of most endpoint protection solutions, and they are very aggressive in their efforts to detect and prevent it. Although these efforts are bound to fail, they are increasingly becoming a nuisance.