security
🐍 🔍 GuardDog is a CLI tool to Identify malicious PyPI and npm packages.
GuardDog is a CLI tool that allows to identify malicious PyPI and npm packages or Go modules. It runs a set of heuristics on the package source code (through Semgrep rules) and on the package metadata. GuardDog can be used to scan local or remote PyPI and npm packages or Go modules using any of the available heuristics.
Related contents:
Bypass Microsoft Account creation during Windows 11/10 install.
With Microsoft’s recent Windows 11 updates, the bypass for the network requirement (NRO) was "effectively" blocked, forcing users into an online account creation. MSAPatcher brings back the simplicity of the bypassnro.cmd one-liner, allowing you to bypass the NRO without having to manually add registry keys or deal with complex workarounds.
Related contents:
SSLyze is a fast and powerful SSL/TLS scanning tool and Python library.
SSLyze can analyze the SSL/TLS configuration of a server by connecting to it, in order to ensure that it uses strong encryption settings (certificate, cipher suites, elliptic curves, etc.), and that it is not vulnerable to known TLS attacks (Heartbleed, ROBOT, OpenSSL CCS injection, etc.).
The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).
Related contents:
Exploit Development and Reverse Engineering with GDB & LLDB Made Easy.
pwndbg (/paʊnˈdiˌbʌɡ/) is a GDB and LLDB plug-in that makes debugging suck less, with a focus on features needed by low-level software developers, hardware hackers, reverse-engineers and exploit developers.
Related contents:
La plainte en ligne pour les arnaques sur internet (THESEE)
Pour les victimes d'escroqueries sur internet : faux sites de vente, piratage de comptes de messagerie, extorsion d'argent pour débloquer un ordinateur... vous pouvez déposer une plainte en ligne grâce au dispositif THESEE.
Related contents:
tinc is a Virtual Private Network (VPN) daemon that uses tunnelling and encryption to create a secure private network between hosts on the Internet. tinc is Free Software and licensed under the GNU General Public License version 2 or later. Because the VPN appears to the IP level network code as a normal network device, there is no need to adapt any existing software. This allows VPN sites to share information with each other over the Internet without exposing any information to others.
Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available.
Most of the time when you are using a public network, you are behind some kind of firewall or proxy. One of their purpose is to constrain you to only use certain kind of protocols and consult only a subset of the web. Nowadays, the most widespread protocol is http and is de facto allowed by third party equipment.
Wstunnel uses the websocket protocol which is compatible with http in order to bypass firewalls and proxies. Wstunnel allows you to tunnel whatever traffic you want and access whatever resources/site you need.
Related contents:
Corkscrew is a tool for tunneling SSH through HTTP proxies, but... you might find another use for it.
Related contents:
Stealth tunneling through HTTP(S) proxies.
This is proxytunnel, a program that connects stdin and stdout to an origin server somewhere in the Internet through an industry standard HTTPS proxy. I originally wrote this program to be used as an extension to SSH, to be able to SSH to my box at home. In this file, I will describe the use with SSH. If you want to use it with some other application, feel free, and let me know!
Related contents:
opkssh is a tool which enables ssh to be used with OpenID Connect allowing SSH access management via identities like alice@example.com instead of long-lived SSH keys. It does not replace ssh, but rather generates ssh public keys that contain PK Tokens and configures sshd to verify the PK Token in the ssh public key. These PK Tokens contain standard OpenID Connect ID Tokens. This protocol builds on the OpenPubkey which adds user public keys to OpenID Connect without breaking compatibility with existing OpenID Provider.
Related contents:
Automated Forensic Analysis of Windows Memory Dumps for DFIR.
MemProcFS-Analyzer.ps1 is a PowerShell script utilized to simplify the usage of MemProcFS and to optimize your memory analysis workflow.
GLPI vulnerabilities checking tool.
glpwnme is a tool used to check for vulnerabilities on running instance of glpi.
Related contents:
Wr1t3Up d3 Hip5kull
Joueur de CTF sur diverses plateformes, l’idée de ce site est de mettre à disposition de tous, les diverses résolutions de machines effectuées. Passionné par la cybersécurité et l’IT, les CTFs me permettent d’apprendre énormément sur les failles et l’exploitation de ces dernières.
Fuzzowski-based OPCUA fuzzer.
Fuzzing should never be conducted on production equipment or systems. This testing technique can cause unexpected behavior, system crashes, data corruption, or security vulnerabilities. Always perform fuzzing in a controlled, isolated environment to ensure the safety and stability of production systems.
FuzzySully is an OPC UA fuzzer built upon Fuzzowski. It is a specialized testing tool designed to identify vulnerabilities and bugs in OPC UA (Open Platform Communications Unified Architecture) implementations. These fuzzers typically operate by generating and sending a large number of malformed or unexpected messages to an OPC UA server or client, with the goal of triggering unexpected behavior or crashes.
Related contents:
recover data from the Akira ransomware without paying the ransom.
Rust tool to detect cell site simulators on an orbic mobile hotspot. Rayhunter is an IMSI Catcher Catcher for the Orbic mobile hotspot.
Related contents:
Automated Command Line Identity Generation Tool for OSINT Investigators. Command Line Sock Puppet Creator for Investigators.
Loki can create a sock puppet identity, that you can use to create a fake online presence to start your investigations. As an OSINT, Private or any other Investigator who seeks to conduct OSINT investigations; you need a sock puppet which cannot be traced back to you. Setting up a sock puppet is easy; only if you know where to look for.
🤖 The Modern Port Scanner 🤖
The Modern Port Scanner. Find ports quickly (3 seconds at its fastest). Run scripts through our scripting engine (Python, Lua, Shell supported).
Adalanche is an Attack Graph Visualizer and Explorer for Active Directory. It shows the permissions users and groups have in an Active Directory. It's useful for visualizing and exploring who can take over accounts, machines, or the entire domain. It can find and show misconfigurations.
Related contents:
Ollama Automated Security Intelligence Scanner.
🛡️ An AI-powered security auditing tool that leverages Ollama models to detect and analyze potential security vulnerabilities in your code.
Advanced code security analysis through the power of AI
Related contents:
Dynamically program the kernel for efficient networking, observability, tracing, and security.
eBPF is a revolutionary technology with origins in the Linux kernel that can run sandboxed programs in a privileged context such as the operating system kernel. It is used to safely and efficiently extend the capabilities of the kernel without requiring to change kernel source code or load kernel modules.
Related contents:
🏄 Framework-agnostic CSRF middleware for modern Node.js.
This middleware helps web developers fight CSRF attacks. Bear in mind, by solely using this middleware, we can't guarantee your app will be free from CSRF attacks. Refer to CSRF Prevention Cheat Sheet and pillarjs/understanding-csrf for more details.
A completely free and open source email validation API that never stores your data. Built to support solopreneurs and the developer community.
A high-performance, cost-effective email validation service designed for indie hackers and small startups. The service validates email addresses in real-time, checking syntax, domain existence, MX records, and detecting disposable email providers. The main focus is on precision instead of recall, meaning instead of edge cases the focus is on having the biggest coverage.
2FAuth is a web based self-hosted alternative to One Time Passcode (OTP) generators like Google Authenticator, designed for both mobile and desktop.
Related contents:
Vulnerability-proof your Linux Operating Systems Deploy pristine, secure Linux images–whether containerized, running on a virtual machine, or deployed on bare metal.
Related contents:
Open Source Cloud Native Application Protection Platform (CNAPP).
Deepfence ThreatMapper hunts for threats in your production platforms, and ranks these threats based on their risk-of-exploit. It uncovers vulnerable software components, exposed secrets and deviations from good security practice. ThreatMapper uses a combination of agent-based inspection and agent-less monitoring to provide the widest possible coverage to detect threats.
Where companies get their teams secured.
Riot is the leading employee security posture management platform, keeping thousands of the world's leading companies safe from hackers.
Related contents:
AntiSquat leverages AI techniques such as natural language processing (NLP), large language models (ChatGPT) and more to empower detection of typosquatting and phishing domains.
Related contents:
Cybersecurity Search Engine.
Criminal IP is an OSINT search engine specialized in attack surface assessment and threat hunting.
It offers extensive cyber threat intelligence, including device reputation, geolocation, IP reputation for C2 or scanners, domain safety, malicious link detection, and APT attack vectors via search and API.
Smart SSH, HTTPS and MySQL bastion that requires no additional client-side software.
Threat-hunting tool for Linux . Bring your Linux Threat-Hunting capabilities to the next level.
Kunai is a powerful tool designed to bring actionable insights for tasks such as security monitoring and threat hunting on Linux systems. Think of it as the Linux counterpart to Sysmon on Windows, tailored for comprehensive and precise event monitoring.
Related contents:
Powershell Based tool for gathering information related to O365 intrusions and potential Breaches
NGINX configuration static analyzer.
Gixy is a tool to analyze Nginx configuration. The main goal of Gixy is to prevent security misconfiguration and automate flaw detection.
Privilege Escalation Awesome Scripts SUITE new generation.
Here you will find privilege escalation tools for Windows and Linux/Unix* and MacOS.
These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily.
A fast WordPress plugin enumeration tool.
WPProbe is a fast and efficient WordPress plugin scanner that leverages REST API enumeration (?rest_route) to detect installed plugins without brute-force.
Unlike traditional scanners that hammer websites with requests, WPProbe takes a smarter approach by querying the exposed REST API. This technique allows us to identify plugins stealthily, reducing detection risks and speeding up the scan process.
Kanidm is a simple and secure identity management platform, allowing other applications and services to offload the challenge of authenticating and storing identities to Kanidm.
Community, Open Source Suricata based NDR
Part of Network-based threat detection and response solutions from Stamus Networks™
Related contents:
Avilla Forensics is a free mobile forensic tool created in February 2021 to assist investigators in collecting information and evidence from mobile devices. Developed by Daniel Avilla, a police officer from São Paulo, the tool provides powerful features for logical data extraction and backup conversion into formats compatible with advanced forensic analysis software, such as IPED and Cellebrite Physical Analyser.
Information Gatherer & Webapps Exploiter. a Python-based tool to streamline and centralize some pentesting tasks.
Lucille is a comprehensive web application security testing tool designed for cybersecurity professionals. built with Python, Lucille offers a suite of user-friendly tools, it aims to provide an efficient and practical tools streamlining pentesting tasks and centralizing various audit and exploitation techniques.
Bash script to automate setup of Linux router useful for IoT device traffic analysis and SSL mitm
Header Exploitation HTTP.
HExHTTP is a tool designed to perform tests on HTTP headers and analyze the results to identify vulnerabilities and interesting behaviors.
Related contents:
Seamless, technology-driven remote access from anywhere, at any time. Take control of your servers and devices from any location while boosting security through our centralized SSH gateway tailored for edge and cloud computing.
SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated exploits.
SploitScan is a powerful and user-friendly tool designed to streamline the process of identifying exploits for known vulnerabilities and their respective exploitation probability. Empowering cybersecurity professionals with the capability to swiftly identify and apply known and test exploits. It's particularly valuable for professionals seeking to enhance their security measures or develop robust detection strategies against emerging threats.
Advanced Cyber Threat Map (Simplified, customizable, responsive and optimized).
Advanced Cyber Threat Map (Simplified, customizable and responsive. It uses D3.js with TOPO JSON, has 247 countries, ~100,000 cities, and can be used in an isolated environment without external lookups!.
Pentesting Reporting Tool.
BlackStone project or "BlackStone Project" is a tool created in order to automate the work of drafting and submitting a report on audits of ethical hacking or pentesting.
In this tool we can register in the database the vulnerabilities that we find in the audit, classifying them by internal, external audit or wifi, in addition, we can put your description and recommendation, as well as the level of severity and effort for its correction. This information will then help us generate in the report a criticality table as a global summary of the vulnerabilities found.
Related contents:
Secure & reliable LLMs. Test & secure your LLM apps. Open-source LLM testing used by 51,000+ developers.
Test your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration.
Related contents:
Bienvenue, vous êtes au bon endroit pour apprendre le hacking avec les enfants en s'amusant !
Related contents:
SocialBox is a Bruteforce Attack Framework [ Facebook , Gmail , Instagram ,Twitter ] , Coded By Belahsan Ouerghi
Linux firewalling and traffic shaping for humans.
FireHOL is a language (and a program to run it) which builds secure, stateful firewalls from easy to understand, human-readable configurations. The configurations stay readable even for very complex setups.
Related contents:
WIFI / LAN intruder detector. Check the devices connected and alert you with unknown devices. It also warns of the disconnection of "always connected" devices
NucleiFuzzer is a robust automation tool designed for efficiently detecting web application vulnerabilities, including XSS, SQLi, SSRF, and Open Redirects, leveraging advanced scanning and URL enumeration techniques.
Related contents:
Login screen for your apps.
The simplest way to protect your apps with a login screen.
Tinyauth is a simple authentication middleware that adds simple username/password login or OAuth with Google, Github and any generic OAuth provider to all of your docker apps. It is made for traefik but it can be extended to work with all reverse proxies like caddy and nginx.
l'humain au cœur de la cybersécurité. La sensibilisation à la cybersécurité réinventée qui divise par 10 le risque de cyberattaque
A l’aide d’un programme de sensibilisation au phishing basé sur l’apprentissage par l’action, créé sur mesure pour chaque utilisateur et animé sur la durée sans intervention de votre part
select * from logs;
Open source SIEM for instant log insights, powered by DuckDB. Analyze millions of events in seconds, right from your terminal.
PowerShell scripts for alternative SharpHound enumeration, including users, groups, computers, and certificates, using the ActiveDirectory module (ADWS) or System.DirectoryServices class (LDAP).
ShadowHound is a set of PowerShell scripts for Active Directory enumeration without the need for introducing known-malicious binaries like SharpHound. It leverages native PowerShell capabilities to minimize detection risks and offers two methods for data collection.
Related contents:
Checks for signature requirements over LDAP. The script will establish a connection to the target host(s) and request authentication without signature capability. If this is accepted, it means that the target hosts allows unsigned LDAP sessions and NTLM relay attacks are possible to this LDAP service (whenever signing is not requested by the client).
PowerShell-Hunter is a growing collection of PowerShell-based threat hunting tools designed to help defenders investigate and detect malicious activity in Windows environments. This project aims to provide security analysts with powerful, flexible tools that leverage PowerShell's native capabilities for threat hunting.
Related contents:
Browser Extension Security Auditor.
Scan Browser Extensions. Detect Hidden Threats. Don't sacrifice privacy for convenience. Scan your browser extensions completely on-device.
Related contents:
Le portail de la tranformation numérique des entreprises.
Related contents: