Information Security
dnstwits See what sort of trouble users can get in trying to type your domain name. Find similar-looking domains that adversaries can use to attack you. Can detect typosquatters, phishing attacks, fraud, and corporate...
Scantron Scantron is a distributed nmap scanner comprised of two components. The first is a master node that consists of a web front end used for scheduling scans and storing nmap scan targets and...
Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber’s PowerShell attacks and the PowerShell bypass technique presented by David Kennedy (TrustedSec) and...
AutoRDPwn is a script created in Powershell and designed to automate the Shadow attack on Microsoft Windows computers. This vulnerability allows a remote attacker to view his victim’s desktop without his consent, and even control it on...
RidRelay A quick and easy way to get domain usernames while on an internal network. How it works RidRelay combines the SMB Relay attack, common lsarpc based queries and RID cycling to get a...
Wireshark Analyzer is a fantastic multi-platform open-source network protocol analyzer. It can be used to check the analysis of data from the network host to survive, but also look to capture files from the...
UnSAFE Bank UnSAFE Bank is a core virtual banking suite designed with the aim to incorporate the cybersecurity risks and various test cases such that newbie, developers, and security analysts can learn, hack and...
PoshC2 PoshC2 is a proxy aware C2 framework used to aid penetration testers with red teaming, post-exploitation and lateral movement. PoshC2 is primarily written in Python3 and follows a modular format to enable users...
Mimikatz is an open-source gadget written in C, launched in April 2014. It is very powerful, support from the Windows system memory to extract clear text password, hash, PIN code, and Kerberos credentials, and...
The lunar script generates a scored audit report of a Unix host’s security. It is based on the CIS and other frameworks. Where possible there are references to the CIS and other benchmarks in...
