legitify Detect and remediate misconfigurations, security, and compliance issues across all your GitHub assets with ease. Scorecard Support scorecard is an OSSF’s open-source project: Scorecards is an automated tool that assesses a number of important...
veinmind-tools veinmind-tools is self-developed by chaitin technology, a container security toolset based on veinmind-sdk. Toolset veinmind-runner veinmind-runner it’s a container security host developed by Chaitin Technology. With the background of rich R&D experience, the...
ADFSRelay This repository includes two utilities NTLMParse and ADFSRelay. NTLMParse is a utility for decoding base64-encoded NTLM messages and printing information about the underlying properties and fields within the message. Examining these NTLM messages...
Coercer A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods. Features Automatically detects open SMB pipes on the remote machine. Calls one by one all...
rathole A secure, stable, and high-performance reverse proxy for NAT traversal, written in Rust rathole, like frp and ngrok, can help to expose the service on the device behind the NAT to the Internet, via a server...
What is TCA Tencent Cloud Code Analysis (TCA for short, code-named CodeDog inside the company early) is a code comprehensive analysis platform, which includes three components: server, web, and client. It supports the integration...
Empire 4.0 is a post-exploitation framework that includes a pure-PowerShell 2.0 Windows agent, and compatibility with Python 2.x/3.x Linux/OS X agents. It is the merger of the previous PowerShell Empire and Python EmPyre projects....
Group3r Like its ancestors, Group3r is a tool for pentesters and red teamers to rapidly enumerate relevant settings in AD Group Policy and to identify exploitable misconfigurations in the same. It does this by...
What is afrog afrog is an excellent performance, fast and stable, PoC customizable vulnerability scanning (hole digging) tool. PoC involves CVE, CNVD, default password, information leakage, fingerprint identification, unauthorized access, arbitrary file reading, command...
Snaffler Snaffler is a tool for pentesters to help find delicious candy needles (creds mostly, but it’s flexible) in a bunch of horrible boring haystacks (a massive Windows/AD environment). It might also be useful for other...
