DejaVU – Open Source Deception Framework

DejaVU - Open Source Deception Framework Deception techniques if deployed well can be very effective for organizations to improve network defense and can be a useful arsenal for blue teams to detect attacks at very early stage of cyber kill chain. But the challenge we have seen is deploying, managing and administering decoys across large

DARKSURGEON – A Windows Packer Project To Empower Incident Response, Digital Forensics, Malware Analysis, And Network Defense

DARKSURGEON - A Windows Packer Project To Empower Incident Response, Digital Forensics, Malware Analysis, And Network Defense DARKSURGEON is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense.DARKSURGEON has three stated goals:Accelerate incident response, digital forensics, malware analysis, and network defense with a preconfigured Windows 10 environment complete with

CSS Keylogger – Chrome Extension And Express Server That Exploits Keylogging Abilities Of CSS

CSS Keylogger - Chrome Extension And Express Server That Exploits Keylogging Abilities Of CSS Chrome extension and Express server that exploits keylogging abilities of CSS.To useSetup Chrome extensionDownload repository git clone https://github.com/maxchehab/CSS-KeyloggingVisit chrome://extensions in your browser (or open up the Chrome menu by clicking the icon to the far right of the Omnibox: The menu's

BlackArch Linux v2018.06.01 – Penetration Testing Distribution

BlackArch Linux v2018.06.01 - Penetration Testing Distribution BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers. The repository contains 1981 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs.ChangeLog:added more than 60 new toolsadded config files for i3-wm (BlackArch compatible))network stack tunings (sysctl

Backdoorme – Powerful Auto-Backdooring Utility

Backdoorme - Powerful Auto-Backdooring Utility Tools like metasploit are great for exploiting computers, but what happens after you've gained access to a computer? Backdoorme answers that question by unleashing a slew of backdoors to establish persistence over long periods of time.Once an SSH connection has been established with the target, Backdoorme's strengths can come to

DefectDojo – Application Vulnerability Correlation And Security Orchestration Application

DefectDojo - Application Vulnerability Correlation And Security Orchestration Application DefectDojo is a security program and vulnerability management tool. DefectDojo allows you to manage your application security program, maintain product and application information, schedule scans, triage vulnerabilities and push findings into defect trackers. Consolidate your findings into one source of truth with DefectDojo.Quick Start$ git clone

RouterSploit v3.0 – Exploitation Framework For Embedded Devices

RouterSploit v3.0 - Exploitation Framework For Embedded Devices The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices.It consists of various modules that aids penetration testing operations:exploits - modules that take advantage of identified vulnerabilitiescreds - modules designed to test credentials against network servicesscanners - modules that check if a target is vulnerable

Otseca – Security Auditing Tool To Search And Dump System Configuration

Otseca - Security Auditing Tool To Search And Dump System Configuration Otseca is a open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.For more information, see wiki.How To UseIt's simple:# Clone this repositorygit clone https://github.com/trimstray/otseca# Go into the repositorycd otseca# Install./setup.sh install#

Empire GUI – Empire Client Application

Empire GUI - Empire Client Application The Empire Multiuser GUI is a graphical interface to the Empire post-exploitation Framework. It was written in Electron and utilizes websockets (SocketIO) on the backend to support multiuser interaction. The main goal of this project is to enable red teams, or any other color team, to work together on