adaudit v4.1 releases: Powershell script to do domain auditing automation
adaudit PowerShell Script to perform a quick AD audit If you have any decent PowerShell one lines missing please let me know. I’m trying to keep this script as a...
Category: Vulnerability Analysis
trivy v0.45.1 releases: A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI
trivy A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI Trivy (tri pronounced like trigger, vy pronounced like envy) is a comprehensive security scanner. It is reliable, fast, extremely easy to use,...
msdat v2.4 releases: Microsoft SQL Database Attacking Tool
MSDAT MSDAT (Microsoft SQL Database Attacking Tool) is an open-source penetration testing tool that tests the security of Microsoft SQL Databases remotely. Usage examples of MSDAT: You have a Microsoft database listening remotely...
DSInternals PowerShell Module and Framework v4.13 Releases
DSInternals PowerShell Module and Framework The DSInternals project consists of these two parts: The DSInternals Framework exposes several internal features of Active Directory and can be used from any .NET application. The codebase has...
Scout Suite v5.14 releases: Multi-Cloud Security Auditing Tool
Scout Suite is a multi-cloud security auditing tool, which enables assessing the security posture of cloud environments. Using the APIs exposed by cloud providers, Scout gathers configuration data for manual...
zBang v1.2.1 releases: a risk assessment tool
zBang is a special risk assessment tool that detects potential privileged account threats in the scanned network. Organizations and red teamers can utilize zBang to identify potential attack vectors and...
Vulmap: Online Local Vulnerability Scanners Project
Vulmap Vulmap is an open source online local vulnerability scanner project. It consists of online local vulnerability scanning programs for Windows and Linux operating systems. These scripts can be used...
celerystalk v1.3.1 releases: An asynchronous enumeration & vulnerability scanner
celerystalk celerystalk helps you automate your network scanning/enumeration process with asynchronous jobs (aka tasks) while retaining full control of which tools you want to run. Configurable – Some common tools are in...
pacu v1.5 releases: AWS penetration testing toolkit
Pacu Pacu is an open-source AWS exploitation framework, designed for offensive security testing against cloud environments. Created and maintained by Rhino Security Labs, Pacu allows penetration testers to exploit configuration...
Attack Surface Analyzer v2.3.303 releases: analyze your operating system’s security configuration
Attack Surface Analyzer Attack Surface Analyzer (ASA) is a Microsoft-developed open source security tool that analyzes the attack surface of a target system and reports on potential security vulnerabilities introduced...
changeme v1.2.3 released: default credential scanner
changeme A default credential scanner. changeme picks up where commercial scanners leave off. It focuses on detecting default and backdoor credentials and not necessarily common credentials. Its default mode is...
remic: Vulnerability Scanner for Detecting Publicly Disclosed Vulnerabilities in Application Dependencies
remic Vulnerability Scanner for Detecting Publicly Disclosed Vulnerabilities in Application Dependencies remic automatically detects the following files in the container and scans vulnerabilities in the application dependencies. Gemfile.lock Pipfile.lock composer.lock package-lock.json...
polscan: Policy Scanner for Debian server inventory, policy compliance and vulnerabilities
polscan polscan (short for “Policy Scanner”) Makes your DevOps server configuration/security/automation policies explicit Easily detects configuration drift (Puppet 2/3/4) Provides details on package updates (Debian, PHP, Gem, CVEs via debsecan) Provides...
rigmap: A wrapper for Nmap to automate the pentest
Trigmap is a wrapper for Nmap. You can use it to easily start Nmap scan and especially to collect information into a well-organized directory hierarchy. The use of Nmap makes...
kaboom v1.0 releases: automates the penetration test
Kaboom is a bash script that automates the first two phases of a penetration test. All information collected is saved into a directory hierarchy very simple to the browser (also...
