.svg){kind=icon}
AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses.
ADMiner is an Active Directory audit tool that leverages cypher queries to crunch data from the BloodHound graph database (neo4j) and gives you a global overview of existing weaknesses through a web-based static report, including detailed listing, dynamic graphs, key indicators history, along with risk ratings.
- AD Miner - Analyse Active Directory — Emilien Vannier, Jean-Michel Besnard, Tanguy Boisset @ SSTIC :fr:.
- Episode #461 consacré à ADMiner avec Jean-Michel BESNARD @ NoLimitSecu :fr:.
- Not All Paths are Created Equal -- Attackers' Economy (Part 1) @ Riccardo Ancarani - Red Team Adventures.
- Graph theory to assess Active Directory : Smartest vs. Shortest Control Paths @ Jean-Michel BESNARD's LinkedIn.
Docker-Compose file for vulnerability environment.
Vulhub is an open-source collection of pre-built vulnerable docker environments. No pre-existing knowledge of docker is required, just execute two simple commands and you have a vulnerable environment.
WebCopilot is an automation tool designed to enumerate subdomains of the target and detect bugs using different open-source tools.
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
🚀 A curated list of awesome testing tools 🚀
Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.
Mantis is a command-line framework designed to automate the workflow of asset discovery, reconnaissance, and scanning. It takes the top-level domains as input, then seamlessly progresses to discovering corresponding assets, including subdomains and certificates. The tool performs reconnaissance on active assets and concludes with a comprehensive scan for vulnerabilities, secrets, misconfigurations and phishing domains - all powered by a blend of open-source and custom tools.
Tools and Techniques for Red Team / Penetration Testing.
This github repository contains a collection of 130+ tools and resources that can be useful for red teaming activities.
Some of the tools may be specifically designed for red teaming, while others are more general-purpose and can be adapted for use in a red teaming context.
CATSploit is an automated penetration testing tool using Cyber Attack Techniques Scoring (CATS) method that can be used without pentester.
802.11 Attack Tool.
The overall goal of this tool is to provide a single-interface survey capability with advanced automated attacks that result in valid hashlines you can crack with Hashcat.
Trying to tame the three-headed dog.
Rubeus is a C# toolset for raw Kerberos interaction and abuses.
A fast TCP/UDP tunnel over HTTP.
Chisel is a fast TCP/UDP tunnel, transported over HTTP, secured via SSH. Single executable including both client and server. Written in Go (golang). Chisel is mainly useful for passing through firewalls, though it can also be used to provide a secure endpoint into your network.
Arsenal is just a quick inventory and launcher for hacking programs.
This project written by pentesters for pentesters simplify the use of all the hard-to-remember commands
SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across a list of URLs, highlighting potential authorization issues.
A default credential scanner.
changeme picks up where commercial scanners leave off. It focuses on detecting default and backdoor credentials and not necessarily common credentials. It's default mode is to scan HTTP default credentials, but has support for other credentials.
Exploitation Framework for Embedded Devices. It consists of various modules that aid penetration testing operations.
This project focuses on utilizing the built-in Bluetooth Low Energy (BLE) functionality of Android smartphones to create Phantom Bluetooth Device Advertisements, similar to what is known, for instance, in the case of the Flipper Zero. While there are other apps available that provide similar functionality, the objective of this app is to enhance convenience and user-friendliness in the process.
Advanced vulnerability scanning with Nmap NSE.
Vulscan is a module which enhances nmap to a vulnerability scanner. The nmap option -sV enables version detection per service which is used to determine potential flaws according to the identified product. The data is looked up in an offline version of VulDB.
A little tool to play with Windows security.
PolarDNS is a specialized authoritative DNS server suitable for penetration testing and vulnerability research.
PolarDNS is a specialized authoritative DNS server written in Python 3.x, which allows the operator to produce fully custom DNS responses, suitable for DNS protocol testing purposes.
An attack tool for simple, fast & effective security testing of M365 & Azure AD.
MAAD-AF is designed to make cloud security testing simple, fast and effective. Through its virtually no-setup requirement and easy to use interactive attack modules, security teams can test their security controls, detection and response capabilities easily and swiftly.
World's fastest and most advanced password recovery utility.
hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 300 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and macOS, and has facilities to help enable distributed password cracking.