Blog

SysFlow – Cloud-native System Telemetry Pipeline

This repository hosts the documentation and issue tracker for all SysFlow projects. Quick reference: Documentation: the SysFlow Documentation. Where to get help: the SysFlow Community Slack. Where to file issues: the GitHub issue tracker. Source of this description: repo's readme (history). Docker images: Docker Hub | GHCR. What is SysFlow? The SysFlow Telemetry Pipeline is a framework for monitoring cloud

SubCrawl – A Modular Framework For Discovering Open Directories, Identifying Unique Content Through Signatures And Organizing The Data With Optional Output Modules, Such As MISP

SubCrawl is a framework developed by Patrick Schläpfer, Josh Stroschein and Alex Holland of HP Inc's Threat Research team. SubCrawl is designed to find, scan and analyze open directories. The framework is modular, consisting of four components: input modules, processing modules, output modules and the core crawling engine. URLs are the primary input values, which

PortBender – TCP Port Redirection Utility

PortBender is a TCP port redirection utility that allows a red team operator to redirect inbound traffic destined for one TCP port (e.g., 445/TCP) to another TCP port (e.g., 8445/TCP). PortBender includes an aggressor script that operators can leverage to integrate the tool with Cobalt Strike. However, because the tool is implemented as a reflective

PEASS-ng – Privilege Escalation Awesome Scripts SUITE new generation

Basic Tutorial. Here you will find privilege escalation tools for Windows and Linux/Unix* and MacOS. These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily. Check the Local Windows Privilege Escalation checklist from book.hacktricks.xyz. WinPEAS – Windows

NTFSTool – Forensics Tool For NTFS (Parser, MFT, Bitlocker, Deleted Files)

NTFSTool is a forensic tool focused on NTFS volumes. It supports reading partition info (MBR, partition table, VBR) as well as information on BitLocker-encrypted volumes, EFS-encrypted files and more. See below for some examples of the features! Features: Forensics. NTFSTool displays the complete structure of master boot record, volume boot record, partition table and

Limelighter – A Tool For Generating Fake Code Signing Certificates Or Signing Real Ones

A tool which creates spoofed code signing certificates and signs binaries and DLL files to help evade EDR products and avoid MSS and SOC scrutiny. LimeLighter can also use valid code signing certificates to sign files. LimeLighter can use a fully qualified domain name such as acme.com. Contributing: LimeLighter was developed in golang.

Karma_V2 – A Passive Open Source Intelligence (OSINT) Automated Reconnaissance (Framework)

πš”πšŠπš›πš–πšŠ 𝚟𝟸 is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework) πš”πšŠπš›πš–πšŠ 𝚟𝟸 can be used by Infosec Researchers, Penetration Testers, Bug Hunters to find deep information, more assets, WAF/CDN bypassed IPs, Internal/External Infra, Publicly exposed leaks and many more about their target. Shodan Premium API key is required to use this automation. OutputRead More

Inceptor – Template-Driven AV/EDR Evasion Framework

Modern penetration testing and red teaming often require bypassing common AV/EDR appliances in order to execute code on a target. With time, defenses are becoming more complex and inherently more difficult to bypass consistently. Inceptor is a tool which can help to automate a great part of this process, hopefully requiring no further effort.
