Pylirt – Python Linux Incident Response Toolkit

With this application, it is aimed to accelerate the incident response processes by collecting information in linux operating systems. Features Information is collected in the following contents. /etc/passwd cat /etc/group cat /etc/sudoers lastlog cat /var/log/auth.log uptime/proc/meminfo ps aux /etc/resolv.conf /etc/hosts iptables -L -v -n find / -type f -size +512k -exec ls -lh {}/; findRead More

Pywirt – Python Windows Incident Response Toolkit

With this application, it is aimed to accelerate the incident response processes by collecting information in windows operating systems via winrm. Features Information is collected in the following contents. IP Configuration Users Groups Tasks Services Task Scheduler Registry Control Active TCP & UDP ports File sharing Files Firewall Config Sessions with other Systems Open SessionsRead More

Wodat – Windows Oracle Database Attack Toolkit

Simple port of the popular Oracle Database Attack Tool (ODAT) (https://github.com/quentinhardy/odat) to C# .Net Framework. Credit to https://github.com/quentinhardy/odat as lots of the functionality are ported from his code. Perform password based attacks e.g. username as password, username list against given password, password list against given username, username:pass combolist. Test if a credential/connection string is workingRead More

SCMKit – Source Code Management Attack Toolkit

[*] Source Code Management Attack Toolkit – SCMKit is a toolkit that can be used to attack SCM systems. SCMKit allows the user to specify the SCM system and attack module to use, along with specifying valid credentials (username/password or API key) to the respective SCM system. Currently, the SCM systems that SCMKit supports areRead More

GraphCrawler – GraphQL Automated Security Testing Toolkit

Graph Crawler is the most powerful automated testing toolkit for any GraphQL endpoint. NEW: Can search for endpoints for you using Escape Technology’s powerful Graphinder tool. Just point it towards a domain and add the ‘-e’ option and Graphinder will do subdomain enumeration + search popular directories for GraphQL endpoints. After all this GraphCrawler willRead More

RedTeam-Physical-Tools – Red Team Toolkit – A Curated List Of Tools That Are Commonly Used In The Field For Physical Security, Red Teaming, And Tactical Covert Entry

Commonly used tools for Red Teaming Engagements, Physical Security Assessments, and Tactical Covert Entry. In this list I decided to share most of the tools I utilize in authorized engagements, along with my personal ranking of their value based on their usage and for you to consider if they should be in your toolkit, includingRead More

Vortex – VPN Overall Reconnaissance, Testing, Enumeration And eXploitation Toolkit

[*] VPN Overall Reconnaissance, Testing, Enumeration and Exploitation Toolkit Overview A very simple Python framework, inspired by SprayingToolkit, that tries to automate most of the process required to detect, enumerate and attack common O365 and VPN endpoints (like Cisco, Citrix, Fortinet, Pulse, etc…). Why I developed it Make the VPN spraying phase much quicker andRead More

SQLRecon – A C# MS SQL Toolkit Designed For Offensive Reconnaissance And Post-Exploitation

A C# MS-SQL toolkit designed for offensive reconnaissance and post-exploitation. For detailed usage information on each technique, refer to the wiki. Usage You can grab a copy of SQLRecon from the releases page. Alternatively, feel free to compile the solution yourself This should be as straight forward as cloning the repo, double clicking the solutionRead More

X