Brutus – An Educational Exploitation Framework Shipped On A Modular And Highly Extensible Multi-Tasking And Multi-Processing Architecture

An educational exploitation framework shipped on a modular and highly extensible multi-tasking and multi-processing architecture. Brutus: an Introduction Looking for version 1? See the branches in this repository. Brutus is an educational exploitation framework written in Python. It automates pre and post-connection network-based exploits, as well as web-based reconnaissance. As a light-weight framework, Brutus aimsRead More

Mediator – An Extensible, End-To-End Encrypted Reverse Shell With A Novel Approach To Its Architecture

Mediator is an end-to-end encrypted reverse shell in which the operator and the shell connect to a “mediator” server that bridges the connections. This removes the need for the operator/handler to set up port forwarding in order to listen for the connection. Mediator also allows you to create plugins to expand the functionality of theRead More

Cypheroth – Automated, Extensible Toolset That Runs Cypher Queries Against Bloodhound’s Neo4j Backend And Saves Output To Spreadsheets

Automated, extensible toolset that runs cypher queries against Bloodhound’s Neo4j backend and saves output to spreadsheets. Description This is a bash script that automates running cypher queries against Bloodhound data stored in a Neo4j database. I found myself re-running the same queries through the Neo4j web interface on multiple assessments and figured there must beRead More

Decoder++ – An Extensible Application For Penetration Testers And Software Developers To Decode/Encode Data Into Various Formats

An extensible application for penetration testers and software developers to decode/encode data into various formats. Setup Decoder++ can be either installed by using pip or by pulling the source from this repository: # Install using pippip3 install decoder-plus-plus Overview This section provides you with an overview about the individual ways of interacting with Decoder++. ForRead More

SitRep – Extensible, Configurable Host Triage

[*] SitRep is intended to provide a lightweight, extensible host triage alternative. Checks are loaded dynamically at runtime from stand-alone files. This allows operators to quickly modify existing checks, or add new checks as required. Checks are grouped by category and can be marked as OpSec safe/unsafe. unsafe checks are only loaded if the /AllowUnsafeRead More

Tsunami – A General Purpose Network Security Scanner With An Extensible Plugin System For Detecting High Severity Vulnerabilities With High Confidence

Tsunami is a general-purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.To learn more about Tsunami, visit our documentations.Tsunami relies heavily on its plugin system to provide basic scanning capabilities. All publicly available Tsunami plugins are hosted in a separate google/tsunami-security-scanner-plugins repository.Current Status Currently Tsunami is in ‘pre-alpha’ releaseRead More

Forerunner – Fast And Extensible Network Scanning Library Featuring Multithreading, Ping Probing, And Scan Fetchers

The Forerunner library is a fast, lightweight, and extensible networking library created to aid in the development of robust network centric applications such as: IP Scanners, Port Knockers, Clients, Servers, etc. In it’s current state, the Forerunner library is able to both synchronously and asynchronously scan and port knock IP addresses in order to obtainRead More