Security Training Share
LDAPDomainDump Active Directory information dumper via LDAP In an Active Directory domain, a lot of interesting information can be retrieved via LDAP by any authenticated user (or machine). This makes LDAP an interesting protocol...
Enumdb is a brute force and post exploitation tool for MySQL and MSSQL databases. When provided a list of usernames and/or passwords, it will cycle through each targeted host looking for valid credentials. By...
enumerid Enumerid is an impacket based Relative Identifier (RID) enumeration utility. It was initially created to solve a common problem that attackers face after getting an initial compromise- getting oriented within the network. Historically this means...
The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of various modules that aid penetration testing operations: exploits – modules that take advantage of identified vulnerabilities creds – modules...
Wirespy Automate Man In The Middle Attacks (MITMAs) over WiFi. Wirespy allows attackers to set up quick honeypots to carry out MITMAs. Monitoring and logging functionalities are implemented in order to keep records of...
ExchangeRelayX An NTLM relay tool to the EWS endpoint for on-premise exchange servers. Provides an OWA for hackers. Version 1.0.0. This tool is a PoC to demonstrate the ability of an attacker to perform...
Shodan client for JavaScript API 👀 The content of the result is the same provided by the HTTP API. You can check them in the API documentation. version Library version. async host(ip, key, opts) Returns all...
snyk Snyk helps you find, fix and monitor known vulnerabilities in Node.js npm, Ruby and Java dependencies, both on an ad hoc basis and as part of your CI (Build) system. Features Find known vulnerabilities...
Bashark Bashark aids pentesters and security researchers during the post-exploitation phase of security audits. Features Single Bash script Lightweight and fast Multi-platform: Unix, OSX, Solaris etc. No external dependencies Immune to heuristic and behavioral...
Introduction: What is ciscoconfparse? ciscoconfparse is a Python library, which parses through Cisco IOS-style (and other vendors) configurations. It can: Audit existing router / switch / firewall / wlc configurations Retrieve portions of the configuration Modify...
LogRM LogRM is a post-exploitation powershell script which it uses windows event logs to gather information about the internal network in a penetration testing engagement. It is not only useful for blue teams but...
Habu: Python Network Hacking Toolkit I’m developing Habu to teach (and learn) some concepts about Python and Network Hacking. These are basic functions that help with some tasks for Ethical Hacking and Penetration Testing....
WiFi Miner Detector Overview A tool for detecting malicious WiFi with mining cryptocurrency. Some weeks ago I read a news “Starbucks Wi-Fi Hijacked People’s Laptops to Mine Cryptocurrency“. The attackers inject the CoinHive javascript...
GhostTunnel GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment. It can attack the target through the HID device only to release the payload (agent), then the HID...
