Security Training Share
TransportC2 TransportC2 is a command and control server that is able to run in the background as a service. This allows penetration testers and red teamers the ability to spend time gathering target machines,...
Osquery-ATT&CK The goal of this repository is to try to map the MITRE ATT&CK with the Osquery for enterprise threat hunting. Each conf file is a Query Pack that can be used enterprise threat...
PcapXray A Network Forensics Tool – To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction. PcapXray Design Specification Goal: Given a Pcap File, plot...
ghacks user.js The ghacks user.js is a template which aims to provide as much privacy and enhanced security as possible and to reduce tracking and fingerprinting as much as possible – while minimizing any loss of functionality and...
OWASP Juice Shop OWASP Juice Shop is an intentionally insecure web app for security training written entirely in Javascript which encompasses the entire OWASP Top Ten and other severe security flaws. For a detailed introduction, full...
twa A tiny web auditor with strong opinions. Install Docker twa can be used from a lightweight (29MB) Alpine Docker container. To install it from Docker Hub: $ docker pull trailofbits/twa or, to build it manually: $...
Wazuh Wazuh helps you to gain deeper security visibility into your infrastructure by monitoring hosts at an operating system and application level. This solution, based on lightweight multi-platform agents, provides the following capabilities: Log...
EKFiddle v.0.8.4 A framework based on the Fiddler web debugger to study Exploit Kits, malvertising and malicious traffic in general. Changelog Version 0.8.4 – Added Sucuri SiteCheck scanner (select Session(s), right click -> Hostname->...
WhatWaf is an advanced firewall detection tool whose goal is to give you the idea of “There’s a WAF?”. WhatWaf works by detecting a firewall on a web application and attempting to detect a...
Tor Router Tor Router is a SOCKS5, DNS and HTTP proxy server for distributing traffic across multiple instances of Tor. At startup, Tor Router will run an arbitrary number of instances Tor and each request...
SlackPirate – Slack Enumeration and Extraction Tool This is a tool developed in Python which uses the native Slack APIs to extract ‘interesting’ information from a Slack workspace given an access token. As of...
os-hardening This cookbook provides numerous security-related configurations, providing all-around base protection. It configures: Configures package management e.g. allows only signed packages Remove packages with known issues Configures pam and pam_limits module Shadow password suite configuration Configures system path...
The Sleuth Kit is an open source forensic toolkit for analyzing Microsoft and UNIX file systems and disks. The Sleuth Kit enables investigators to identify and recover evidence from images acquired during incident response...
Autopsy is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on...
