Java Archive Implant Toolkit Inject malicious payloads into JAR files. Configuration JarPlant supports injection of custom values with the implants. A set of common configuration properties are defined with the template and built-in implants....
The post JarPlant: Java archive implant toolkit appeared first on Penetration Testing Tools.
CNAPPgoat CNAPPgoat is a multi-cloud, vulnerable-by-design environment deployment tool – specifically engineered to facilitate practice arenas for defenders and pentesters. Its main function is to deploy intentionally vulnerable environments across multiple cloud service providers,...
The post cnappgoat: modularly provision vulnerable-by-design components in cloud environments appeared first on Penetration Testing Tools.
DroneXtract DroneXtract is a comprehensive digital forensics suite for DJI drones made with Golang. It can be used to analyze drone sensor values and telemetry data, visualize drone flight maps, audit for criminal activity,...
The post DroneXtract: A digital forensics suite for DJI drones appeared first on Penetration Testing Tools.
SeamlessPass SeamlessPass is a tool designed to obtain Microsoft 365 access tokens using on-premises Active Directory Kerberos tickets for organizations with Seamless SSO (Desktop SSO) enabled. These tokens can be used for further interaction...
The post SeamlessPass: Leveraging Kerberos tickets to get Microsoft 365 access tokens appeared first on Penetration Testing Tools.
IAMActionHunter IAMActionHunter is an IAM policy statement parser and query tool that aims to simplify the process of collecting and understanding permission policy statements for users and roles in AWS Identity and Access Management...
The post IAMActionHunter: an IAM policy statement parser and query tool appeared first on Penetration Testing Tools.
MDE Kit MDE Kit’s objective is to help automate and empower your investigation, detection, prevention, and response capabilities leveraging the MDE API. MDE Kit leverages many of the available Microsoft Defender for Endpoint (MDE)...
The post MDE Kit: A PowerShell Module for Microsoft Defender for Endpoint appeared first on Penetration Testing Tools.
Hannibal Hannibal is a x64 Windows Agent written in fully position independent C (plus a tiny bit of C++). It is based off the Stardust template created by @C5pider. Use case Hannibal is intended to be...
The post Hannibal: x64 Windows Agent written in fully position independent C appeared first on Penetration Testing Tools.
HASH (HTTP Agnostic Software Honeypot) HASH is a framework for creating and launching low interactive honeypots. Why HASH? The main philosophy of HASH is to be easy to configure and flexible to mimic any...
The post HASH: framework for creating and launching low interactive honeypots appeared first on Penetration Testing Tools.
ChopChopGo ChopChopGo inspired by Chainsaw utilizes Sigma rules for forensics artifact recovery, enabling rapid and comprehensive analysis of logs and other artifacts to identify potential security incidents and threats on Linux. Features 🎯 Hunt...
The post ChopChopGo: Rapidly Search and Hunt through Linux Forensics Artifacts appeared first on Penetration Testing Tools.
Pytune Pytune is a post-exploitation tool for enrolling a fake device into Intune with mulitple platform support. Microsoft Intune is a cloud-based endpoint management solution designed to manage a variety of devices, including PCs...
The post Pytune: Weaponizing Microsoft Intune for Post-Exploitation appeared first on Penetration Testing Tools.
Pentest Muse Building an AI agent that can automate parts of pentesting jobs and provide live suggestions to pentesters. Requirements Python 3.12 or later Necessary Python packages as listed in requirements.txt OpenAI API key Modes...
The post Pentest Muse: Revolutionizing Penetration Testing with AI Automation appeared first on Penetration Testing Tools.
Forensic Tools forensictools is a toolkit designed for digital forensics, offering a wide array of tools. Its primary goal is to simplify the creation of a virtual environment for conducting forensic examinations. In addition to...
The post forensictools: A toolkit designed for digital forensics appeared first on Penetration Testing Tools.
XMap: The Internet Scanner XMap is a fast network scanner designed for performing Internet-wide IPv6 & IPv4 network research scanning. XMap is reimplemented and improved thoroughly from ZMap and is fully compatible with ZMap,...
The post xmap: performing Internet-wide IPv6 & IPv4 network research scanning appeared first on Penetration Testing Tools.
APT-Hunter APT-Hunter is a Threat Hunting tool for windows event logs which made by the purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the...
The post APT-Hunter: Threat Hunting tool for windows event logs appeared first on Penetration Testing Tools.
ldapx Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly. Usage Where: -f will apply Filter middlewares to all applicable requests -a will apply...
The post ldapx: inspect & transform all LDAP packets appeared first on Penetration Testing Tools.
OSTE-Web-Log-Analyzer Automate the process of analyzing web server logs with the Python Web Log Analyzer. This powerful tool is designed to enhance security by identifying and detecting various types of cyber attacks within your...
The post OSTE-Web-Log-Analyzer: automate the process of analyzing web server logs appeared first on Penetration Testing Tools.
LDAP Watchdog LDAP Watchdog is a tool designed to monitor and record changes in an LDAP directory in real time. It provides a mechanism to track and visualize modifications, additions, and removals to user...
The post LDAP Watchdog: monitor record changes in an LDAP directory in real-time appeared first on Penetration Testing Tools.
Git-Rotate Leveraging GitHub Actions for IP Rotation – for more information see the following blog post. The Sprayer and Catcher components are currently configured to target the Microsoft login portal and handle the response data. You’ll need to modify...
The post Git-Rotate: Bypassing IP Blocks with GitHub Actions appeared first on Penetration Testing Tools.
legba Legba is a multiprotocol credentials bruteforcer / password sprayer and enumerator built with Rust and the Tokio asynchronous runtime in order to achieve better performances and stability while consuming fewer resources than similar...
The post legba: multiprotocol credentials bruteforcer / password sprayer and enumerator appeared first on Penetration Testing Tools.
MemProcFS Analyzer MemProcFS-Analyzer.ps1 is a PowerShell script utilized to simplify the usage of MemProcFS and to assist with the analysis workflow. Features: Auto-Install of MemProcFS, EvtxECmd, Elasticsearch, Kibana Auto-Update of MemProcFS, EvtxECmd (incl. Maps),...
The post MemProcFS Analyzer: Automated Forensic Analysis of Windows Memory Dumps appeared first on Penetration Testing Tools.
