
HackGit

Channel address: @hackgit
Categories: Software, applications
Language: Russian
Subscribers: 21.21K
Channel description:

The channel was created for cybersecurity specialists.
• Offensive Security
• RedTeam
• Malware Research
• BugBounty
• OSINT
• etc
Disclaimer:
t.me/hackgit/2082
Donations - Ads:
t.me/hackgit/5423

Ratings and reviews

3.67 (3 reviews)

5 stars: 2
4 stars: 0
3 stars: 0
2 stars: 0
1 star: 1

Latest messages 36

2022-05-02 09:25:59 MSDAT

Microsoft #SQL Database Attacking Tool.

An open source penetration testing tool that tests the security of Microsoft SQL Databases remotely.

Features:
• get technical information (ex: database version) of an MSSQL database without being authenticated
• search MSSQL accounts with a dictionary attack
• test each login as a password (authentication required)
• get a windows shell on the database server with
• download files remotely
• upload files on the server
• capture a #SMB authentication
• steal MSSQL hashed password, on any MSSQL version
• scan ports through the database

https://github.com/quentinhardy/msdat
502 views, 06:25
2022-05-02 09:05:49 Maltego Transforms List

Maltego - one of the most famous graphical analysis tools for #osint.

https://github.com/cipher387/maltego-transforms-list
233 views, 06:05
2022-05-02 09:05:16 Beacon Object Files

https://github.com/guervild/BOFs
236 views, 06:05
2022-05-01 18:18:00 Ronin

Ruby platform for vulnerability research and exploit development. Ronin allows for the rapid development and distribution of code, Exploits or Payloads, Scanners, etc, via Repositories.

Features:
• Supports installing/updating/uninstalling of Repositories.
• Provides a Database using DataMapper.
• Caches exploits, payloads, scanners, etc stored within Repositories into the Database.
• Convenience methods provided by ronin-support.
• Provides a customized Ruby Console using Ripl.
• Provides an extensible command-line interface.

https://github.com/ronin-rb/ronin
253 views, 15:18
2022-05-01 15:25:22 NTLMRelay2Self over HTTP

Just a walkthrough of how to escalate privileges locally by forcing the system you landed initial access on to reflectively authenticate over HTTP to itself and forward the received connection to an HTTP listener (ntlmrelayx) configured to relay to DC servers over LDAP/LDAPs for either setting shadow credentials or configuring RBCD.

https://github.com/med0x2e/NTLMRelay2Self

#ad #ntlm #relay #rbcd #redteam
314 views, 12:25
2022-05-01 15:15:00 Idea

Furious Beaver is a distributed tool for capturing IRPs sent to any Windows driver. It operates in 2 parts:

1. the "Broker" combines both a user-land agent and a self-extractable driver (IrpDumper.sys) that will install itself on the targeted system. Once running it will expose (depending on the compilation options) a remote named pipe (reachable from \\target.ip.address\pipe\cfb), or a TCP port listening on TCP/1337. The communication protocol was made to be simple by design (i.e. not secure) allowing any 3rd party tool to dump the driver IRPs from the same Broker easily (via simple JSON messages).

2. the GUI is a Windows 10 UWP app made in a ProcMon-style: it will connect to wherever the broker is, and provide a convenient GUI for manipulating the broker (driver enumeration, hooking and IRP capturing). It also offers facilities for forging/replaying IRPs, auto-fuzzing (i.e. apply specific fuzzing policies on each IRP captured), or extract IRP in various formats (raw, as a Python script, as a PowerShell script) for further analysis. The captured data can be saved on disk in an easily parsable format (*.cfb = SQLite) for further analysis, and/or reload afterwards in the GUI.

Although the GUI obviously requires a Windows 10 environment (UWP App), the Broker itself can be deployed on any Windows 7+ host (x86 or x64). The target host must have testsigning BCD policy enabled, as the self-extracting driver is not WHQL friendly.

https://github.com/hugsy/CFB
229 views, 12:15
2022-05-01 15:15:00 ARTi-C2 (Atomic-Red-Team-Intelligence-C2)

A post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.

ARTi-C2 is a modern execution framework built to empower security teams to scale attack scenario execution from single and multi-breach point targets with the intent to produce actionable attack intelligence that improves the effectiveness of security products and incident response.

USE CASES:
• SOCs need to evaluate and improve EDR solutions in minutes
• Organizations are evaluating different EDR/AV solutions for Windows OS
• Organizations need to:
  • execute APT group tactics in controlled environments
  • demonstrate the ability to block common attacks from disk and memory
  • execute lightweight atomics remotely
  • benchmark critical risk profiles against MITRE ATT&CK before releasing systems to Corp IT/production
  • execute ransomware tactics mapped to ATT&CK safely
  • keep tight margins between (MTTD) and (MTTR) metrics
  • continually improve SOAR workbooks
  • evaluate host security controls between different business units, and regions.

https://github.com/blackbotinc/Atomic-Red-Team-Intelligence-C2
198 views, 12:15
2022-05-01 14:14:00 TigerVirus

Virus Making Tool To Make Virus Applications and Messages For WhatsApp And Other Chat Applications

https://github.com/Devil-Tigers/TigerVirus
227 views, 11:14
2022-05-01 14:14:00 bore

A modern, simple TCP tunnel in Rust that exposes local ports to a remote server, bypassing standard NAT connection firewalls. That's all it does: no more, and no less.

https://github.com/ekzhang/bore

#soft #infosec #privacy
232 views, 11:14
2022-05-01 12:52:12 Gitleaks

SAST tool for detecting and preventing hardcoded secrets like passwords, api keys, and tokens in git repos. Gitleaks is an easy-to-use, all-in-one solution for detecting secrets, past or present, in your code.

https://github.com/zricethezav/gitleaks

#secrets #passwords #api #keys #tokens #API
355 views, 09:52