Dep-Scan – Fully Open-Source Security Audit For Project Dependencies Based On Known Vulnerabilities And Advisories. Supports Both Local Repos And Container Images. Integrates With Various CI Environments Such As Azure Pipelines, CircleCI, Google CloudBuild

dep-scan is a fully open-source security audit tool for project dependencies based on known vulnerabilities, advisories and license limitations. Both local repositories and container images are supported as input. The tool is ideal for CI environments with built-in build breaker logic. If you have just come across this repo, probably the best place to startRead More

LACheck – Multithreaded C# .NET Assembly Local Administrative Privilege Enumeration

[*] Multithreaded C# .NET Assembly Local Administrative Privilege Enumeration Arguments domain controller to query (if not ran on a domain-joined host) /domain – specify domain name (if not ran on a domain-joined host) /edr – check host for EDR (requires smb, rpc, or winrm) /logons – return logged on users on a host (requires smb,Read More

Bugs-feed – A Local Hosted Portal Where You Can Search For The Latest News, Videos, CVEs, Vulnerabilities…

Bug’s feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities… It’s implemented as a PWA application so you can get rid of the explorer and use it as a desktop application. Navigate through different tabs and take a look to the latest bugs or search in allRead More

Lucifer – A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration And More…

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More… Use Or Build Automation Modules To Speed Up Your Cyber Security Life Setup git clone https://github.com/Skiller9090/Lucifer.gitcd Luciferpip install -r requirements.txtpython main.py –help If you want the cutting edge changes add -b dev to the end of git cloneRead More

Wave-Share – Serverless, Peer-To-Peer, Local File Sharing Through Sound

A proof-of-concept for WebRTC signaling using sound. Works with all devices that have microphone + speakers. Runs in the browser. Nearby devices negotiate the WebRTC connection by exchanging the necessary Session Description Protocol (SDP) data via a sequence of audio tones. Upon successful negotiation, a local WebRTC connection is established between the browsers allowing dataRead More

Frp – A Fast Reverse Proxy To Help You Expose A Local Server Behind A NAT Or Firewall To The Internet

A Fast Reverse Proxy To Help You Expose A Local Server Behind A NAT Or Firewall To The Internet. Development Status frp is under development. Try the latest release version in the master branch, or use the dev branch for the version in development. The protocol might change at a release and we don’t promiseRead More

Vulnerable-AD – Create A Vulnerable Active Directory That’S Allowing You To Test Most Of Active Directory Attacks In Local Lab

Create a vulnerable active directory that’s allowing you to test most of active directory attacks in local lab.Main Features Randomize Attacks Full Coverage of the mentioned attacks you need run the script in DC with Active Directory installed Some of attacks require client workstation Supported Attacks Abusing ACLs/ACEs Kerberoasting AS-REP Roasting Abuse DnsAdmins Password inRead More

Airshare – Cross-platform Content Sharing In A Local Network

Airshare is a Python-based CLI tool and module that lets you transfer data between two machines in a local network, P2P, using Multicast-DNS. It also opens an HTTP gateway for other non-CLI external interfaces. It works completely offline! Built with aiohttp and zeroconf. Checkout the demo. Features Blazing fast content transfer within a local network.Read More

Liffy – Local File Inclusion Exploitation Tool

LFI Exploitation tool A little python tool to perform Local file inclusion.Liffy v2.0 is the improved version of liffy which was originally created by rotlogix/liffy. The latter is no longer available and the former hasn’t seen any development for a long time.Main feature data:// for code execution expect:// for code execution input:// for code executionRead More

X