Checks

OSIPs – Gathers All Valid IP Addresses From All Text Files From A Directory, And Checks Them Against Whois Database, TOR Relays And Location

18 Jun 2022 By hackergadgets

This script scans every file from a given folder recursively, extracts every IPv4 and IPv6 address, filters out the public IP addresses and then queries these IPs against TOR relays, WhoIs service and Location service. It outputs 4 files: a CSV file and a JSON file with all details of the IP addresses, a CSVRead More

linWinPwn – A Bash Script That Automates A Number Of Active Directory Enumeration And Vulnerability Checks

17 Apr 2022 By hackergadgets

linWinPwn is a bash script that automates a number of Active Directory Enumeration and Vulnerability checks. The script leverages and is dependent of a number of tools including: impacket, bloodhound, crackmapexec, ldapdomaindump, lsassy, smbmap, kerbrute, adidnsdump. Setup Git clone the repository and make the script executable git clone https://github.com/lefayjey/linWinPwncd linWinPwn; chmod +x linWinPwn.sh Install LinuxRead More

Invoke-EDRChecker – Checks Running Processes, Process Metadata, Dlls Loaded Into Your Current Process And The Each DLLs Metadata, Common Install Directories, Installed Services, The Registry And Running Drivers For The Presence Of Known Defensive Products Such As AV’s, EDR’s And Logging Tools

07 Feb 2022 By hackergadgets

The script will check running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories, installed services, the registry and running drivers for the presence of known defensive products such as AV’s, EDR’s and logging tools. This script can be loaded into your C2 server as well forRead More

Mesh-Kridik – An Open-Source Security Checker That Performs Various Security Checks On A Kubernetes Cluster With Istio Service Mesh And Is Leveraged By OPA (Open Policy Agent) To Enforce Security Rules

21 Dec 2021 By hackergadgets

Enhance your Kubernetes service mesh security !! mesh-kridik is an open-source security checker that performs various security checks on a Kubernetes cluster with istio service mesh and outputs a security report. The security checks tests are the full implementation of istio security best practices The security checks performed on a Kubernetes cluster with istio serviceRead More

SharpEDRChecker – Checks Running Processes, Process Metadata, DLLs Loaded Into Your Current Process And The Each DLLs Metadata, Common Inst all Directories, Installed Services And Each Service Binaries Metadata, Installed Drivers And Each Drivers Metadata, All For The Presence Of Known Defensive Products Such As AV’s, EDR’s And Logging Tools

28 Jan 2021 By

New and improved C# Implementation of Invoke-EDRChecker. Checks running processes, process metadata, Dlls loaded into your current process and each DLLs metadata, common install directories, installed services and each service binaries metadata, installed drivers and each drivers metadata, all for the presence of known defensive products such as AV’s, EDR’s and logging tools. Catches hiddenRead More

Fast-Security-Scanners – Security Checks For Your Researches

02 Dec 2020 By

A small contribution to community 🙂 We use all these tools in security assessments and in our vulnerability monitoring service Check your domain for DNS NS takeover (Repo) docker run –dns=8.8.8.8 -e VULN_ID=dns_ns_takeover -e DOMAIN=site.com whitespots/dnsnstakeover Cache Poisoning (Repo) docker run –rm -it –name wcdscanner -e VULN_ID=wcd -e FIND_XSS=False -e DOMAIN=site.com whitespots/wcdxss XSS via MetaRead More

Cnitch – Container Snitch Checks Running Processes Under The Docker Engine And Alerts If Any Are Found To Be Running As Root

04 Aug 2020 By

cnitch (snitch or container snitch) is a simple framework and command line tool for monitoring Docker containers to identify any processes which are running as root.Why is this a bad thing? If you have not already been to can I haz non-privileged containers? by mhausenblas then I recommend you head over there now to getRead More

Kube-Bench – Checks Whether Kubernetes Is Deployed According To Security Best Practices As Defined In The CIS Kubernetes Benchmark

30 Jun 2020 By

kube-bench is a Go application that checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark.Tests are configured with YAML files, making this tool easy to update as test specifications evolve.Please Note kube-bench implements the CIS Kubernetes Benchmark as closely as possible. Please raise issues here if kube-bench isRead More

Pulsar – Network Footprint Scanner Platform – Discover Domains And Run Your Custom Checks Periodically

31 Mar 2020 By

Pulsar is an automated network footprint scanner for Red Teams, Pentesters and Bounty Hunters. Its focused on discovery of organization public facing assets with minimal knowledge about its infrastructure. Along with network data visualization, it attempts to give a basic vulnerability score to find infrastructure weak points and their relation to other resources. It canRead More

X