/>
February 23, 2022Pip-Audit - Audits Python Environments And Dependency Trees For Known Vulnerabilities

pip-audit is a tool for scanning Python environments for packages with known vulnerabilities. It uses the Python Packaging Advisory Database (https://github.com/pypa/advisory-db) via the PyPI JSON...

by KitPloit in Pip, Pip-Audit, Security Audit, Supply Chain
February 23, 2022Http-Desync-Guardian - Analyze HTTP Requests To Minimize Risks Of HTTP Desync Attacks (Precursor For HTTP Request Smuggling/Splitting)

Overview HTTP/1.1 went through a long evolution since 1991 to 2014: HTTP/0.9 ? 1991 HTTP/1.0 ? 1996 HTTP/1.1 ...

by KitPloit in Http Desync, Http Request Smuggling, Http Smuggling, Http-Desync-Guardian
February 23, 2022Dep-Scan - Fully Open-Source Security Audit For Project Dependencies Based On Known Vulnerabilities And Advisories. Supports Both Local Repos And Container Images. Integrates With Various CI Environments Such As Azure Pipelines, CircleCI, Google CloudBuil

dep-scan is a fully open-source security audit tool for project dependencies based on known vulnerabilities, advisories and license limitations. Both local repositories and container images are supported as input. The...

by KitPloit in Dep-Scan, Dependency Audit, Risk Audit, Sbom, Vulnerability Scanners
February 23, 2022Wireshark-Forensics-Plugin - A cross-platform Wireshark plugin that correlates network traffic data with threat intelligence, asset categorization & vulnerability data

Wireshark is the most widely used network traffic analyzer. It is an important tool for both live traffic analysis & forensic analysis for forensic/malware analysts. Even though Wireshark...

by KitPloit in vulnerabilities
February 23, 2022T-Reqs-HTTP-Fuzzer - A Grammar-Based HTTP Fuzzer

T-Reqs (Two Requests) is a grammar-based HTTP Fuzzer written as a part of the paper titled "T-Reqs: HTTP Request Smuggling with Differential Fuzzing" which was presented at ACM...

by KitPloit in T-Reqs-HTTP-Fuzzer
February 23, 2022Pwndora - Massive IPv4 Scanner, Find And Analyze Internet-Connected Devices In Minutes, Create Your Own IoT Search Engine At Home

Pwndora is a massive and fast IPv4 address range scanner, integrated with multi-threading. Using sockets, it analyzes which ports are open, and collects more information about targets,...

by KitPloit in Zoomeye, Banner Grabbing, Command Line Tool, Port Scanner, Port Scanning, Pwndora
February 23, 2022Mandiant-Azure-AD-Investigator - PowerShell module for detecting artifacts that may be indicators of UNC2452 and other threat actor activity

This repository contains a PowerShell module for detecting artifacts that may be indicators of UNC2452 and other threat actor activity. Some indicators are "high-fidelity" indicators of compromise, while...

by KitPloit in Mandiant-Azure-AD-Investigator
February 23, 2022Second-Order - Subdomain Takeover Scanner

Scans web applications for second-order subdomain takeover by crawling the app, and collecting URLs (and other data) that match certain rules, or respond in a certain way. ...

by KitPloit in Wordlist Generator, Reconnaissance, Web Application Security, Second-Order
February 23, 2022Whatfiles - Log What Files Are Accessed By Any Linux Process

Whatfiles is a Linux utility that logs what files another program reads/writes/creates/deletes on your system. It traces any new processes and threads that are created by the targeted...

by KitPloit in Filesystem Events, Linux Utilities, Whatfiles
February 23, 2022VulnLab - A Web Vulnerability Lab Project

VulnLab A web vulnerability lab project developed by Yavuzlar. Vulnerabilities SQL...

by KitPloit in Vulnerability, VulnLab
Archives
Categories
Tags
Bugbounty Cybersecurity Devsecops Dfir Distribution golang Information Gathering Infosec Kali Kali Linux Kerberos Linux Malware Analysis Malware Detection Microsoft mimikatz msfvenom NTLM OSINT Payload Penetration Testing Pentest Tool Pentesting Post Exploitation PowerShell Privilege Escalation Processes Python Python3 Recon Reconnaissance Red Team Red Teaming Redteam Redteam Tools Remote Research Reverse Engineering Scan Scanner Scanning Scripts Security Security Tools Shellcode SMB Spoofing SSH Static Analysis Subdomain Syscalls Testing Threat Hunting Threat Intelligence Toolkit Traffic Username vulnerabilities Vulnerability Vulnerability Scanners Vulnerable Win32 Windows Windows 10 Wireshark Wordlist XSS Yara Blueteam Subdomains Windows Defender Wrapper Redteaming Techniques