Mesh-Kridik – An Open-Source Security Checker That Performs Various Security Checks On A Kubernetes Cluster With Istio Service Mesh And Is Leveraged By OPA (Open Policy Agent) To Enforce Security Rules

Enhance your Kubernetes service mesh security! mesh-kridik is an open-source security checker that performs various security checks on a Kubernetes cluster with Istio service mesh and outputs a security report. The security check tests are the full implementation of Istio security best practices. The security checks performed on a Kubernetes cluster with Istio service

CloudSpec – An Open Source Tool For Validating Your Resources In Your Cloud Providers Using A Logical Language

CloudSpec is an open source tool for validating your resources in your cloud providers using a logical language that everybody can understand. With its reasonably simple syntax, you can validate the configuration of your cloud resources, avoiding mistakes that can lead to availability or confidentiality issues. Introduction With CloudSpec you validate resources in your

SubCrawl – A Modular Framework For Discovering Open Directories, Identifying Unique Content Through Signatures And Organizing The Data With Optional Output Modules, Such As MISP

SubCrawl is a framework developed by Patrick Schläpfer, Josh Stroschein and Alex Holland of HP Inc’s Threat Research team. SubCrawl is designed to find, scan and analyze open directories. The framework is modular, consisting of four components: input modules, processing modules, output modules and the core crawling engine. URLs are the primary input values, which

Karma_V2 – A Passive Open Source Intelligence (OSINT) Automated Reconnaissance (Framework)

karma v2 is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework). karma v2 can be used by Infosec Researchers, Penetration Testers, Bug Hunters to find deep information, more assets, WAF/CDN bypassed IPs, Internal/External Infra, Publicly exposed leaks and many more about their target. Shodan Premium API key is required to use this automation. Output

Rdesktop – Open Source Client for Microsoft’s RDP protocol

rdesktop is an open source client for Microsoft’s RDP protocol. It is known to work with Windows versions ranging from NT 4 Terminal Server to Windows 2012 R2 RDS. rdesktop currently has implemented the RDP version 4 and 5 protocols. Installation rdesktop uses a GNU-style build procedure. Typically all that is necessary to install rdesktop

ODBParser – OSINT Tool To Search, Parse And Dump Only The Open Elasticsearch And MongoDB Directories That Have The Data You Care About Exposing

ODBParser is a tool to search for PII being exposed in open databases. ONLY to be used to identify exposed PII and warn server owners of irresponsible database maintenance OR to query databases you have permission to access! PLEASE USE RESPONSIBLY What is this? Wrote this as wanted to create one-stop OSINT tool for searching,

TIGMINT – OSINT (Open Source Intelligence) GUI Software Framework

An OSINT (Open Source Intelligence) software framework with the objective of making cyber investigations more convenient by implementing abstraction mechanisms to hide the background technical complexity, also bundling different analysis techniques for social media intelligence together and providing a simple, intuitive web interface for the user to work with. Preview Modules Our Team Documentation Account

Zuthaka – An Open Source Application Designed To Assist Red-Teaming Efforts, By Simplifying The Task Of Managing Different APTs And Other Post-Exploitation Tools

A collaborative free open-source Command & Control integration framework that allows developers to concentrate on the core function and goal of their C2. Explore the docs » About the project Problem Statement The current C2s ecosystem has rapidly grown in order to adapt to modern red team operations and diverse needs (further information on C2

LoGiC.NET – A More Advanced Free And Open .NET Obfuscator Using Dnlib

LoGiC.NET is a free and open-source .NET obfuscator that uses dnlib for folks that want to see how obfuscation works with more complex obfuscations than Goldfuscator for example. Before obfuscation After obfuscation Dependencies dnlib v3.3.2 : Restore NuGet packages and it’ll work (if it doesn’t already). SharpConfigParser : https://github.com/AnErrupTion/LoGiC.NET/raw/master/SharpConfigParser.dll Current Features Renames methods, parameters, properties,

Security Scorecards – Security Health Metrics For Open Source

Security Health Metrics For Open Source Motivation A short motivational video clip to inspire us: https://youtu.be/rDMMYT3vkTk “You passed! All D’s … and an A!” Goals Automate analysis and trust decisions on the security posture of open source projects. Use this data to proactively improve the security posture of the critical projects the world depends on.
