Nightingale – Docker Environment For Pentesting Which Having All The Required Tool For VAPT

In today’s technological era, docker is the most powerful technology in each and every domain, whether it is Development, cyber security, DevOps, Automation, or Infrastructure. Considering the demand of the industry, I would like to introduce my idea to create a NIGHTINGALE: docker image for pentesters. This docker image is ready to use environment willRead More

Goreplay – Open-Source Tool For Capturing And Replaying Live HTTP Traffic Into A Test Environment In Order To Continuously Test Your System With Real Data

GoReplay is an open-source network monitoring tool which can record your live traffic and use it for shadowing, load testing, monitoring and detailed analysis. About As your application grows, the effort required to test it also grows exponentially. GoReplay offers you the simple idea of reusing your existing traffic for testing, which makes it incrediblyRead More

Poro – Scan Publicly Accessible Assets On Your AWS Cloud Environment

Scan for publicly accessible assets on your AWS environment Services covered by this tool: AWS ELB API Gateway S3 Buckets RDS Databases EC2 instances Redshift Databases Poro also check if a tag you specify is applied to identified public resources using –tag-key and –tag-value arguments. Prequisites AWS account with Read Only Access to services listedRead More

AWS-Loot – Pull Secrets From An AWS Environment

Searches an AWS environment looking for secrets, by enumerating environment variables and source code. This tool allows quick enumeration over large sets of AWS instances and services. Install pip install -r requirements.txt An AWS credential file (.aws/credentials) is required for authentication to the target environment Access Key Access Key Secret How it works Awsloot worksRead More

Kubernetes-Goat – Is A "Vulnerable By Design" Kubernetes Cluster. Designed To Be An Intentionally Vulnerable Cluster Environment To Learn And Practice Kubernetes Security

  The Kubernetes Goat is designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security. Refer to for the guide. Show us some Please feel free to send us a PR and show some   Upcoming Training’s and Sessions DEFCON DEMO Labs Cloud Village – DEFCON Recent KubernetesRead More

ADLab – Custom PowerShell Module To Setup An Active Directory Lab Environment To Practice Penetration Testing

The purpose of this module is to automate the deployment of an Active Directory lab for practicing internal penetration testing. Credits to Joe Helle and his PowerShell for Pentesters course regarding the generation of the attack vectors. Instructions Preparation Optional but recommended: Move Module into PSModulePath # Display PSModulePath$env:PSModulePath.split(“;”)# Move module to pathMove-Item .ADLab “C:Windowssystem32WindowsPowerShellv1.0Modules”Read More

pongoOS – A Pre-Boot Execution Environment For Apple Boards

A pre-boot execution environment for Apple boards built on top of checkra1n. Building on macOS Install Xcode + command-line utilities make clean all Building on Linux Download Sam Bingner’s iOS Toolchain Copy scripts/arm64-apple-ios12.0.0-clang to a directory in $PATH Adjust the TOOLCHAIN variable to point to the downloaded toolchain make clean all Contributions By submitting aRead More

Talon – A Password Guessing Tool That Targets The Kerberos And LDAP Services Within The Windows Active Directory Environment

[*] Talon is a tool designed to perform automated password guessing attacks while remaining undetected. Talon can enumerate a list of users to identify which users are valid, using Kerberos. Talon can also perform a password guessing attack against the Kerberos and LDAPS (LDAP Secure) services. Talon can either use a single domain controller orRead More

IoT-PT – A Virtual Environment For Pentesting IoT Devices

A new pentesting virtual environment for IoT DevicesDownload Link : : d9c20057b14cfa3fb25f744813b828df ; SHA1: 8828d693dc6c809377bab40d2bc26f525685e287OS info and Requirements Base OS : Lubuntu 18.04 LTS Processors : 2 (By default 4) RAM : 3GB (By default 8) VirtualBox 6+ username : iotpt ; password : iot1 To Do:- To Develop OpenSource Hardware Lab To DevelopRead More

Docker for Pentest – Image With The More Used Tools To Create A Pentest Environment Easily And Quickly

Docker for pentest is an image with the more used tools to create an pentest environment easily and quickly. Features OS, networking, developing and pentesting tools installed. Connection to HTB (Hack the Box) vpn to access HTB machines. Popular wordlists installed: SecLists, dirb, dirbuster, fuzzdb, wfuzz and rockyou. Proxy service to send traffic from anyRead More