Microsoft late Thursday raised the alarm after discovering Chinese cyber-espionage operators chaining two zero-day exploits to achieve remote code execution on affected Microsoft Exchange servers. Microsoft said the two under-attack vulnerabilities exist in Microsoft...
linux-smart-enumeration Linux enumeration tools for pentesting and CTFs This project was inspired by LinEnum and uses many of its tests. Unlike LinEnum, lse tries to gradually expose the information depending on its importance from a privesc...
What is Matano? Matano is an open-source security lake platform for AWS. It lets you ingest petabytes of security and log data from various sources, store and query them in a data lake, and...
Internet Of Things Exploitation Framework Expliot is a framework for security testing IoT and IoT infrastructure. It provides a set of plugins (test cases) and can be extended easily to create new plugins. Changelog...
emp3r0r Linux/Windows post-exploitation framework made by Linux user features beautiful terminal UI, use tmux for window management multi-tasking, you don’t need to wait for any commands to finish basic API provided through Unix socket...
The Auditor app uses hardware-based security features to validate the identity of a device along with the authenticity and integrity of the operating system. It will verify that the device is running the stock operating...
The lunar script generates a scored audit report of a Unix host’s security. It is based on the CIS and other frameworks. Where possible there are references to the CIS and other benchmarks in...
FaPro FaPro is a Fake Protocol Server tool, Can easily start or stop multiple network services. The goal is to support as many protocols as possible, and support as many deep interactions as possible...
OWASP WrongSecrets Welcome to the OWASP WrongSecrets p0wnable app. With this app, we have packed various ways of how to not store your secrets. These can help you to realize whether your secret management...
murphysec MurphySec CLI is used for detecting vulnerable dependencies from the command-line, and also can be integrated into your CI/CD pipeline. Features Analyze dependencies being used by your project, including direct and indirect dependencies Detect...
