whip_lash + github   63

Netflix/security_monkey: Security Monkey
Security Monkey monitors your AWS and GCP accounts for policy changes and alerts on insecure configurations. Support is available for OpenStack public and private clouds. Security Monkey can also watch and monitor your GitHub organizations, teams, and repositories.
aws  devops  github  monitoring  security 
12 days ago by whip_lash
open-guides/og-aws: 📙 Amazon Web Services — a practical guide
This guide is by and for engineers who use AWS. It aims to be a useful, living reference that consolidates links, tips, gotchas, and best practices. It arose from discussion and editing over beers by several engineers who have used AWS extensively.
amazon  aws  cloud  github  guide 
12 days ago by whip_lash
glmcdona/Process-Dump: Windows tool for dumping malware PE files from memory back to disk for analysis.
Process Dump works for Windows 32 and 64 bit operating systems and can dump memory components from specific processes or from all processes currently running. Process Dump supports creation and use of a clean-hash database, so that dumping of all the clean files such as kernel32.dll can be skipped. Its main features include:
malware  memory  github 
13 days ago by whip_lash
InitString / evil-ssdp · GitLab
Spoof SSDP replies to phish for NTLM hashes on a network. Creates a fake UPNP device, tricking users into visiting a malicious phishing page.
ssdp  upnp  security  pentest  github 
15 days ago by whip_lash
calebmadrigal/trackerjacker: Like nmap for mapping wifi networks you're not connected to, plus device tracking
Like nmap for mapping wifi networks you're not connected to. Maps and tracks wifi networks and devices through raw 802.11 monitoring.
network  python  security  wifi  wireless  pentest  github 
16 days ago by whip_lash
ufrisk/pcileech: Direct Memory Access (DMA) Attack Software
PCILeech uses PCIe hardware devices to read and write from the target system memory. This is achieved by using DMA over PCIe. No drivers are needed on the target system.

PCILeech works without hardware together with memory dump files and the Windows 7/2008R2 x64 Total Meltdown / CVE-2018-1038 vulnerability.
memory  security  github  hardware 
16 days ago by whip_lash
Homas/ioc2rpz: ioc2rpz is a place where threat intelligence meets DNS.
ioc2rpz transforms IOC feeds into response policy zones (RPZ). You can mix feeds to generate a single RPZ or multiple RPZs. Trusted domains and IPs can be whitelisted. ioc2rpz supports expiration of indicators and accordingly rebuilds zones.
dns  security  github 
16 days ago by whip_lash
Cymmetria/honeycomb: An extensible honeypot framework
Honeycomb is an open-source honeypot framework created by Cymmetria.

Honeycomb allows running honeypots with various integrations from a public library of plugins from https://github.com/Cymmetria/honeycomb_plugins

Writing new honeypot services and integrations for honeycomb is super easy! See the plugins repo for more info.
honeypot  security  github 
16 days ago by whip_lash
jzadeh/chiron-elk
CHIRON is a home analytics based on ELK stack combined with Machine Learning threat detection framework AKTAION. CHIRON parses and displays data from P0f, Nmap, and BRO IDS. CHIRON is designed for home use and will give great visibility into home internet devices (IOT, Computers, Cellphones, Tablets, etc).
github  lab  security  securityonion 
16 days ago by whip_lash
sense-of-security/ADRecon: ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
ADRecon is a tool which extracts various artifacts (as highlighted below) out of an AD environment in a specially formatted Microsoft Excel report that includes summary views with metrics to facilitate analysis.
security  pentest  activedirectory  github 
16 days ago by whip_lash
tuvtran/project-based-learning: Curated list of project-based tutorials
A list of programming tutorials in which learners build an application from scratch. These tutorials are divided into different primary programming languages. Some have intermixed technologies and languages.
coding  github  learn  programming  tutorial 
5 weeks ago by whip_lash
rmikehodges/hideNsneak
This application assists in managing attack infrastructure by providing an interface to rapidly deploy, manage, and take down various cloud services. These include VMs, domain fronting, Cobalt Strike servers, API gateways, and firewalls.
github  cloud  pentest  security 
5 weeks ago by whip_lash
Ne0nd0g/merlin: Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
Download the latest version of Merlin Server from the releases section
Extract the files with 7zip using the x function. The password is: merlin
Start Merlin
Deploy an agent. See Agent Execution Quick Start Guide for examples
Pwn, Pivot, Profit
agent  c2  c&c  merlin  github  pentest  security 
7 weeks ago by whip_lash
Reverse MSSQL shell
Reverse MSSQL shell through xp_cmdshell + certutil for exfiltration
github  pentest  exfiltration  sql  reverseshell 
7 weeks ago by whip_lash
GitHub - bettercap/bettercap: The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and attacks.
bettercap is the Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and attacks.
github  network  pentest  tool 
8 weeks ago by whip_lash
curi0usJack/ADImporter: Credit to Helge Klein - https://helgeklein.com/blog/2015/02/creating-realistic-test-user-accounts-active-directory/
When you need to simulate a real Active Directory with thousands of users you quickly find that creating realistic test accounts is not trivial. Sure enough, you can whip up a quick PowerShell one-liner that creates any number of accounts, but what if you need real first and last names? Real (existing) addresses? Postal codes matching phone area codes?
activedirectory  lab  github 
april 2018 by whip_lash
jaredhaight/PowerShellClassLab
This is a set of Azure Resource Manager Templates that generates an Active Directory lab consisting of a Domain Controller, two Windows servers and a Linux server. I created this so that I could easily deploy AD Labs for students in my PowerShell classes, so it's geared toward spinning up multiple, identical labs.
azure  lab  github  windows  activedirectory 
april 2018 by whip_lash
clong/DetectionLab: Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices
Its primary purpose is to allow the user to quickly build a Windows domain that comes pre-loaded with security tooling and some best practices when it comes to system logging configurations. It can easily be modified to fit most needs or expanded to include additional hosts.
windows  splunk  lab  github 
april 2018 by whip_lash
GitHub - eladshamir/Internal-Monologue: Internal Monologue Attack: Retrieving NTLM Hashes without Mimikatz
The Internal Monologue Attack flow is described below:

Disable NetNTLMv1 preventive controls by changing LMCompatibilityLevel, NTLMMinClientSec and RestrictSendingNTLMTraffic to appropriate values, as described above.
Retrieve all non-network logon tokens from currently running processes and impersonate the associated users.
For each impersonated user, interact with NTLM SSP locally to elicit a NetNTLMv1 response to the chosen challenge in the security context of the impersonated user.
Restore the original values of LMCompatibilityLevel, NTLMMinClientSec and RestrictSendingNTLMTraffic.
Crack the NTLM hash of the captured responses using rainbow tables.
Pass the Hash.
hash  postexploitation  pentest  security  github 
march 2018 by whip_lash
vysec/CACTUSTORCH: CACTUSTORCH: Payload Generation for Adversary Simulations
A JavaScript and VBScript shellcode launcher. This will spawn a 32 bit version of the binary specified and inject shellcode into it.
exploit  windows  vbscript  javascript  github 
march 2018 by whip_lash
merrychap/shellen: Interactive shellcoding environment to easily craft shellcodes
Shellen is an interactive shellcoding environment. If you want a handy tool to write shellcodes, then shellen may be your friend.
commandline  shell  shellcode  github 
march 2018 by whip_lash
caseysmithrc/MimkatzCollider: Mimikatz HashClash
APPEARS TO ALTER THE MIMIKATZ EXE FILE TO RESEMBLE A BENIGN PROGRAM.
mimikatz  hashes  pentesting  github 
march 2018 by whip_lash
LloydLabs/elf-strings: elf-strings will programmatically read an ELF binary's string sections within a given binary. This is meant to be much like the strings UNIX utility, however is purpose built for ELF binaries.
The better strings utility for the reverse engineer.
go  github  strings  reverseengineering 
february 2018 by whip_lash
rougier/numpy-100: 100 numpy exercises (100% complete)
This is a collection of numpy exercises from numpy mailing list, stack overflow, and numpy documentation.
math  numpy  python  github 
february 2018 by whip_lash
ahnick/encpass.sh: Lightweight solution for using encrypted passwords in shell scripts
encpass.sh provides a lightweight solution for using encrypted passwords in shell scripts using SSH and OpenSSL. It allows a user to encrypt a password at runtime and then use it, decrypted, within another script. This prevents shoulder surfing passwords and avoids storing the password in plain text, which could inadvertently be sent to or discovered by an individual at a later date.
encryption  github  cli  passwords 
february 2018 by whip_lash
Srinivas11789/PcapXray: PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction
Given a Pcap File, plot a network diagram displaying hosts in the network, network traffic, highlight important traffic and Tor traffic as well as potential malicious traffic including data involved in the communication.
networking  pcap  github  python 
february 2018 by whip_lash
StreisandEffect/streisand: Streisand sets up a new server running L2TP/IPsec, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, a Tor bridge, and WireGuard. It also generates custom instructions for all of these services. At the end of the run yo
Streisand sets up a new server running L2TP/IPsec, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, a Tor bridge, and WireGuard. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.
github  privacy  security  tool  vpn 
february 2018 by whip_lash
R-Smith/tcpTrigger: A windows service that notifies you of incoming network connections
As far as I know, tcpTrigger is currently the only solution capable of detecting NetBIOS and LLMNR name poisoning. The way it works is very simple: every few minutes it broadcasts NetBIOS and LLMNR name queries for fictitious names, and if a response is returned, an alert is triggered.
responder  windows  security  tool  github 
february 2018 by whip_lash
thefLink/HEXER: Fuzzing Suite
File format fuzzer for Windows and Linux (in combination with ASAN).
fuzzing  linux  vulnerability  windows  github 
february 2018 by whip_lash
evilsocket/bettercap: A complete, modular, portable and easily extensible MITM framework.
bettercap is a complete, modular, portable and easily extensible MITM tool and framework with every kind of diagnostic and offensive feature you could need in order to perform a man in the middle attack.
github  security  pentest  mitm 
january 2018 by whip_lash
krmaxwell/maltrieve: A tool to retrieve malware directly from the source for security researchers.
Maltrieve originated as a fork of mwcrawler. It retrieves malware directly from the sources as listed at a number of sites.
malware  github 
january 2018 by whip_lash
GitHub - docker/docker-bench-security: The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
docker  github  security 
december 2017 by whip_lash
GitHub - securesocketfunneling/ssf: Secure Socket Funneling - Network tool and toolkit - TCP and UDP port forwarding, SOCKS proxy, remote shell, standalone and cross platform
Secure Socket Funneling - Network tool and toolkit - TCP and UDP port forwarding, SOCKS proxy, remote shell, standalone and cross platform
github  networking 
november 2017 by whip_lash
