SEMA – ToolChain using Symbolic Execution for Malware Analysis SEMA is based on angr, a symbolic execution engine used to extract API calls. Especially, we extend ANGR with strategies to create representative signatures based...
The post SEMA: ToolChain using Symbolic Execution for Malware Analysis appeared first on Penetration Testing Tools.
DNS Diagnostics and Performance Measurement Tools Ever been wondering if your ISP is hijacking your DNS traffic? Ever observed any misbehavior with your DNS responses? Ever been redirected to wrong address and suspected something is...
The post dnsdiag: DNS Diagnostics and Performance Measurement Tools appeared first on Penetration Testing Tools.
osctrl osctrl is a fast and efficient osquery management solution, implementing its remote API as a TLS endpoint. With osctrl, you can monitor all your systems running osquery, distribute its configuration fast, collect all the status and result logs,...
The post osctrl: Fast and efficient osquery management appeared first on Penetration Testing Tools.
NetAlertX – Network scanner & notification framework Get visibility of what’s going on on your WIFI/LAN network. Schedule scans for devices, port changes and get alerts if unknown devices or changes are found. Write...
The post NetAlertX: WIFI/LAN intruder detector appeared first on Penetration Testing Tools.
BotKube BotKube integration with Slack, Mattermost, or Microsoft Teams helps you monitor your Kubernetes cluster, debug critical deployments, and gives recommendations for standard practices by running checks on the Kubernetes resources. You can also ask BotKube to execute...
The post botkube: monitor your Kubernetes cluster, debug critical deployments appeared first on Penetration Testing Tools.
chainsaw – Rapidly Search and Hunt through Windows Event Logs Chainsaw provides a powerful “first-response” capability to quickly identify threats within Windows event logs. It offers a generic and fast method of searching through...
The post chainsaw: Rapidly Search and Hunt through Windows Event Logs appeared first on Penetration Testing Tools.
Tempest Tempest is a command and control framework written in 100% Rust. TEMPEST COMPONENTS: anvil – server 2 servers with APIs. All APIs are authenticated and unauth-discovery resistent. sqlite local database internal functions (building imps,...
The post Tempest: A command and control framework written in Rust appeared first on Penetration Testing Tools.
The Bastion Bastions are a cluster of machines used as the unique entry point by operational teams (such as sysadmins, developers, database admins, …) to securely connect to devices (servers, virtual machines, cloud instances,...
The post the-bastion: securely connect to devices appeared first on Penetration Testing Tools.
GShark The project is based on golang with AdminLTE to build a management system to manage the Github search results. Github API has been utilized to scrawl the related results according to keywords and...
The post gshark: Scan for sensitive information in Github easily and effectively appeared first on Penetration Testing Tools.
Tracee – Container, and system tracing using eBPF Tracee is a lightweight and easy-to-use container and system tracing tool. It allows you to observe system calls and other system events in real-time. A unique...
The post tracee: Container and system event tracing using eBPF appeared first on Penetration Testing Tools.
Blinks Blinks is a powerful Burp Suite extension that automates active scanning with Burp Suite Pro and enhances its functionality. With the integration of webhooks, this tool sends real-time updates whenever a new issue...
The post Blinks: Streamline Security Testing, Automate Burp Suite Pro Scans appeared first on Penetration Testing Tools.
Safety Safety is a command-line tool. Use it to check your local virtual environment, your requirement files, or any input from stdin for dependencies with security issues. If you are using something insecure,...
The post safety: checks your installed dependencies for known security vulnerabilities appeared first on Penetration Testing Tools.
SCCMSecrets SCCMSecrets.py is an SCCM policies exploitation tool. It goes beyond NAA credentials extraction, and aims to provide a comprehensive approach regarding SCCM policies exploitation. The tool can be executed from various levels of...
The post SCCMSecrets: exploit SCCM policies distribution for credentials harvesting, initial access and lateral movement appeared first on Penetration Testing Tools.
grype A vulnerability scanner for container images and filesystems. Easily install the binary to try it out. Features Scan the contents of a container image or filesystem to find known vulnerabilities. Find vulnerabilities for major...
The post grype: vulnerability scanner for container images and filesystems appeared first on Penetration Testing Tools.
cilium: eBPF-based Networking, Security, and Observability Cilium is open source software for providing and transparently securing network connectivity and load-balancing between application workloads such as application containers or processes. Cilium operates at Layer 3/4...
The post cilium: eBPF-based Networking, Security, and Observability appeared first on Penetration Testing Tools.
SIMurai SIMurai is a software platform designed for security-focused SIM exploration and experimentation. At its core, it offers a versatile software SIM implementation that can be integrated into various environments for advanced testing and...
The post SIMurai: Empowering Security Experimentation through Versatile SIM Implementation appeared first on Penetration Testing Tools.
Ghostwriter Ghostwriter is a part of your team. It helps you manage clients, projects, reports, and infrastructure in one application. It does not replace some of the more common or traditional project management tools,...
The post Ghostwriter: The SpecterOps project management and reporting engine appeared first on Penetration Testing Tools.
pmacct pmacct is a small set of multi-purpose passive network monitoring tools. It can account, classify, aggregate, replicate and export forwarding-plane data, ie. IPv4 and IPv6 traffic; collect and correlate control-plane data via BGP...
The post pmacct: passive network monitoring tools appeared first on Penetration Testing Tools.
DriverJack DriverJack is a tool designed to load a vulnerable driver by abusing lesser-known NTFS techniques. These method bypass the registration of a Driver Service on the system by hijacking an existing service, and also...
The post DriverJack: load a vulnerable driver by abusing lesser-known NTFS techniques appeared first on Penetration Testing Tools.
enum4linux-ng enum4linux-ng.py is a rewrite of Mark Lowe’s (former Portcullis Labs now Cisco CX Security Labs) enum4linux.pl, a tool for enumerating information from Windows and Samba systems, aimed at security professionals and CTF players....
The post enum4linux-ng: enumerating information from Windows and Samba systems appeared first on Penetration Testing Tools.
