Undetectable Windows Payload Generation
persistence kali payloads bypass antivirus uac meter msfconsole metasploit powershell netsec undetectableThis is a Microsoft Sysinternals Sysmon configuration file template with default high-quality event tracing. The file provided should function as a great starting point for system change monitoring in a self-contained package. This configuration and results should give you a good idea of what's possible for Sysmon. Note that this does not track things like authentication and other Windows events that are also vital for incident investigation.
sysmon threatintel threat-hunting sysinternals netsec monitoring loggingFiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more. The features will continue to be expanded and will include website spoofing, click tracking, and extensive notification options. This project is my own and is not a representation of my employer's views. It is my own side project and released by me alone.
phishing security netsec hacking emailGorsair is a penetration testing tool for discovering and remotely accessing Docker APIs from vulnerable Docker containers. Once it has access to the docker daemon, you can use Gorsair to directly execute commands on remote containers. Exposing the docker API on the internet is a tremendous risk, as it can let malicious agents get information on all of the other containers, images and system, as well as potentially getting privileged access to the whole system if the image uses the root user.
pentesting docker netsec infosec nmap penetration-testing securityThis library aims at providing idiomatic nmap bindings for go developers, in order to make it easier to write security audit tools using golang. Nmap (Network Mapper) is a free and open-source network scanner created by Gordon Lyon. Nmap is used to discover hosts and services on a computer network by sending packets and analyzing the responses.
nmap infosec idiomatic pentesting audit netsec penetration-testing hacking network-analysis network-mappingThis is a position-independent windows DLL/EXE loader based on original ReflectiveDLLInjection project.
infosec netsec dll-injection reflective-dll reflective-injection reflective-pe-loadersThis is a soup-to-nuts implementation of TLS 1.3 created by staring at documents for hours until code came out. The single goal was to establish a valid TLS session by any means possible and trick servers into talking to me. This code is crude and lumpy and ugly. This is intentional and should serve as a warning to others: this code is not usable for real work. In particular the crypto code is slow and full of timing side-channels. Any attempts to clean things up will be viewed as an attempt to trick someone else into using this code and will be rejected.
tls13 toy netsec cleanroomThe Fast, Extensible, Versatile Event Router (FEVER) is a tool for fast processing of events from Suricata's JSON EVE output. What is meant by 'processing' is defined by a number of modular components, for example facilitating fast ingestion into a database. Other processors implement collection, aggregation and forwarding of various metadata (e.g. aggregated and raw flows, passive DNS data, etc.) as well as performance metrics. It is meant to be used in front of (or as a replacement for) general-purpose log processors like Logstash to increase event throughput as observed on sensors that see a lot of traffic.
suricata eve json security monitoring pdns intrusion-detection bloom-filter netsecHawkEye is a simple tool to crawl the filesystem or a directory looking for interesting stuff like SSH Keys, Log Files, Sqlite Database, password files, etc. Hawkeye uses a fast filesystem crawler to look through files recursively and then sends them for analysis in real time and presents the data in both json format and simple console output. The tool is built with a modular approach making it easy to use and easily extensible. It can be used during pentests as a privilege escalation tool to look through the filesystem finding configuration files or ssh keys sometimes left by the sys-admins.
pentesting infosec hackthebox bug-bounty hacking netsecWe created this tool to fill out the need of gathering information on most common issues on particular HackerOne bounty programs. h1-search will connect to H1 and retrieve all the public disclosed reports on that specific program and display them in a local webserver. Beware that H1 has rate limit on GET requests so don't abuse it too much. The tool provides you the possibility of searching for specific attacks and direct link to the report. h1-search was developed by David Sopas @dsopas and Paulo Silva @pauloasilva_com.
hackerone infosec netsec bugbounty pentesting pentest-toolGoAltdns is a permutation generation tool that can take a list of subdomains, permute them using a wordlist, insert indexes, numbers, dashes and increase your chance of finding that estoeric subdomain that no-one found during bug-bounty or pentest. It uses a number of techniques to accomplish this. It can allow for discovery of subdomains that conform to patterns. GoAltdns takes in words that could be present in subdomains under a domain (such as test, dev, staging) as well as takes in a list of subdomains that you know of. The tool itself is very simple and is built with golang concurrency providing it very quick execution times.
subdomain-discovery netsec hacking infosec bruteforce bruteforce-subdomain bug-bounty subdomains recondex will index scans of exposed devices from ipv4scan and create a growing real-time database of the results. It then provides a basic regex search interface to help find specific devices. And finally navigate to http://localhost:8666 and enter your regex search queries to start looking for devices.
iot netsecIoT device scanner. Randomly scan the IPv4 address space and collect a real-time JSON stream of all HTTP devices that are found. This stream can then by piped into real-time filters and analytics or piped into storage to be searched as your own personal shodan. All binary releases can be found here.
iot netsecWrite-ups for various hacking challenges (HackTheBox, VulnHub,etc).
security hacking ctf-writeups ctf netsec vulnhub 100daysofcode hackthebox
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.