Internet Of Things Exploitation Framework Expliot is a framework for security testing IoT and IoT infrastructure. It provides a set of plugins (test cases) and can be extended easily to create new plugins. Changelog...
The lunar script generates a scored audit report of a Unix host’s security. It is based on the CIS and other frameworks. Where possible there are references to the CIS and other benchmarks in...
murphysec MurphySec CLI is used for detecting vulnerable dependencies from the command-line, and also can be integrated into your CI/CD pipeline. Features Analyze dependencies being used by your project, including direct and indirect dependencies Detect...
For a system administrator, having to perform security vulnerability analysis and software updates on a daily basis can be a burden. To avoid downtime in a production environment, it is common for a system...
God Genesis God Genesis is a C2 server purely coded in Python3 created to help Red Teamers and Penetration Testers. Currently, It only supports TCP reverse shell but waits a min, it’s a FUD...
Aced Aced is a tool to parse and resolve a single targeted Active Directory principal’s DACL. Aced will identify interesting inbound access allowed privileges against the targeted account, resolve the SIDS of the inbound...
kics KICS stands for Keeping Infrastructure as Code Secure, it is open source and is a must-have for any cloud-native project. Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx....
Inveigh Inveigh is a cross-platform .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers. This repo contains the primary C# version as well as the legacy PowerShell version. Overview Inveigh conducts spoofing attacks and hash/credential captures...
starboard There are lots of security tools in the cloud native world, created by Aqua and by others, for identifying and informing users about security issues in Kubernetes workloads and infrastructure components. However powerful...
What is Sippts? Sippts is a suite of tools to audit VoIP servers and devices using SIP protocol. It is programmed in Perl script and it allows us to check the security of a...
