From 2002babe00a30e8844a9cd8fc43ddb9e1c87cf0c Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 19:23:30 +0700 Subject: [PATCH 01/27] Add: dhoelzer/ShowMeThePackets --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 9490145..da7c3a3 100644 --- a/README.md +++ b/README.md @@ -1699,6 +1699,10 @@ This repository is created as an online bookmark for useful links, resources and byt3bl33d3r/MITMf Framework for Man-In-The-Middle attacks + + dhoelzer/ShowMeThePackets + Useful network monitoring, analysis, and active response tools used or mentioned in the SANS SEC503 course + DNSdumpster.com dns recon & research, find & lookup dns records From 90c977c70b7250b586d74835bce938f270c97326 Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 19:25:14 +0700 Subject: [PATCH 02/27] Add: WebBreacher/WhatsMyName --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index da7c3a3..3fd09b1 100644 --- a/README.md +++ b/README.md @@ -1904,6 +1904,10 @@ This repository is created as an online bookmark for useful links, resources and Recon-NG Recon-ng is a reconnaissance tool with an interface similar to Metasploit. Running recon-ng from the command line you enter a shell like environment where you can configure options, perform recon and output results to different report types. + + WebBreacher/WhatsMyName + This repository has the unified data required to perform user enumeration on various websites. Content is in a JSON file and can easily be used in other projects. + WhatsMyName Web This tool allows you to enumerate usernames across many websites From 486165648054f79196a63c9b2be47eb6a7415e6d Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 19:29:43 +0700 Subject: [PATCH 03/27] Add: austic-taylor/flare --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 3fd09b1..a0f981b 100644 --- a/README.md +++ b/README.md 
@@ -1691,6 +1691,10 @@ This repository is created as an online bookmark for useful links, resources and aol/moloch Moloch is an open source, large scale, full packet capturing, indexing, and database system + + austin-taylor/flare + An analytical framework for network traffic and behavioral analytics + blechschmidt/massdns A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration) From 4d56b344b474385cac6692d42efe40a280c257bd Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 19:31:09 +0700 Subject: [PATCH 04/27] Add: HASecuritySolutions/VulnWhisperer --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index a0f981b..d7981de 100644 --- a/README.md +++ b/README.md @@ -1086,6 +1086,10 @@ This repository is created as an online bookmark for useful links, resources and gellin/TeamViewer_Permissions_Hook_V1 A proof of concept injectable C++ dll, that uses naked inline hooking and direct memory modification to change your TeamViewer permissions. + + HASecuritySolutions/VulnWhisperer + Create actionable data from your Vulnerability Scans + hasherezade/process_doppelganging My implementation of enSilo's Process Doppelganging (PE injection technique) From f2e76c6ebab1f19b3c60479c2e3c97d169f8041d Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 19:34:43 +0700 Subject: [PATCH 05/27] Add: RealityNet/kobackupdec --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index d7981de..3445948 100644 --- a/README.md +++ b/README.md 
@@ -1662,6 +1662,10 @@ This repository is created as an online bookmark for useful links, resources and quark-engine/quark-engine An Obfuscation-Neglect Android Malware Scoring System + + RealityNet/kobackupdec + Huawei backup decryptor + sensepost/objection objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the need for a jailbroken or rooted mobile device. From 3fa57e5850386342e9c9980bbe0b59423f8cf683 Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 19:36:54 +0700 Subject: [PATCH 06/27] Add: markbaggett/srum-dump --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 3445948..7915132 100644 --- a/README.md +++ b/README.md @@ -909,6 +909,10 @@ This repository is created as an online bookmark for useful links, resources and MalwareSoup/MitreAttack Python wrapper for the Mitre ATT&CK framework API + + markbaggett/srum-dump + A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet. + mozilla/audit-go Linux Audit Plugin for heka written using netlink Protocol in golang and Lua From c5bdc47667b4d8d10d0a77ffbb7efca02725f000 Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 19:37:51 +0700 Subject: [PATCH 07/27] Add: markbaggett/werejugo --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 7915132..1262b6d 100644 --- a/README.md +++ b/README.md 
@@ -913,6 +913,10 @@ This repository is created as an online bookmark for useful links, resources and markbaggett/srum-dump A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet. + + markbaggett/werejugo + Identifies physical locations where a laptop has been based upon wireless profiles and wireless data recorded in event logs + mozilla/audit-go Linux Audit Plugin for heka written using netlink Protocol in golang and Lua From 89e0f7494fe75e394028f912ba00d5c9b3bf7a2a Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 19:39:04 +0700 Subject: [PATCH 08/27] Add: cyb3rfox/Aurora-Incident-Response --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 1262b6d..cbfd94d 100644 --- a/README.md +++ b/README.md @@ -773,6 +773,10 @@ This repository is created as an online bookmark for useful links, resources and cryps1s/DARKSURGEON DARKSURGEON is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense. + + cyb3rfox/Aurora-Incident-Response + Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders + Cyb3rWard0g/HELK A Hunting ELK (Elasticsearch, Logstash, Kibana) with advanced analytic capabilities. From bd6e9410bb28b09872cff37038320043198c690a Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 19:41:19 +0700 Subject: [PATCH 09/27] Add: nidem/kerberoast --- README.md | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index cbfd94d..150c1e2 100644 --- a/README.md +++ b/README.md 
@@ -2102,14 +2102,6 @@ This repository is created as an online bookmark for useful links, resources and mattifestation/PoCSubjectInterfacePackage A PoC subject interface package (SIP) provider designed to educate about the required components of a SIP provider. - - OmerYa/Invisi-Shell - Hide your Powershell script in plain sight. Bypass all Powershell security features - - - putterpanda/mimikittenz - A post-exploitation powershell tool for extracting juicy info from memory. - mdsecactivebreach/Chameleon Chameleon: A tool for evading Proxy categorisation @@ -2142,10 +2134,18 @@ This repository is created as an online bookmark for useful links, resources and NetSPI/goddi goddi (go dump domain info) dumps Active Directory domain information + + nidem/kerberoast + Kerberoast is a series of tools for attacking MS Kerberos implementations. Below is a brief overview of what each tool does. + outflanknl/Recon-AD Recon-AD, an AD recon tool based on ADSI and reflective DLL’s + + OmerYa/Invisi-Shell + Hide your Powershell script in plain sight. Bypass all Powershell security features + peewpw/Invoke-PSImage Embeds a PowerShell script in the pixels of a PNG file and generates a oneliner to execute @@ -2158,6 +2158,11 @@ This repository is created as an online bookmark for useful links, resources and Plazmaz/LNKUp Generates malicious LNK file payloads for data exfiltration + + putterpanda/mimikittenz + A post-exploitation powershell tool for extracting juicy info from memory. + + secretsquirrel/SigThief Stealing Signatures and Making One Invalid Signature at a Time From 247972728c4ebb530f980146eb6a6fecb7235e8c Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 19:43:10 +0700 Subject: [PATCH 10/27] Add: joswr1ght/nm2lp --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 150c1e2..2f83998 100644 --- a/README.md +++ b/README.md 
@@ -1743,6 +1743,10 @@ This repository is created as an online bookmark for useful links, resources and infobyte/evilgrade Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. It comes with pre-made binaries (agents), a working default configuration for fast pentests, and has it's own WebServer and DNSServer modules. Easy to set up new settings, and has an autoconfiguration when new binary agents are set. + + joswr1ght/nm2lp + Convert Windows Netmon Monitor Mode Wireless Packet Captures to Libpcap Format + michenriksen/aquatone AQUATONE is a set of tools for performing reconnaissance on domain names. It can discover subdomains on a given domain by using open sources as well as the more common subdomain dictionary brute force approach. After subdomain discovery, AQUATONE can then scan the hosts for common web ports and HTTP headers, HTML bodies and screenshots can be gathered and consolidated into a report for easy analysis of the attack surface. From 303d009be3fbd732d6b177929130697fd6f3f3f0 Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 19:44:06 +0700 Subject: [PATCH 11/27] Add: joswr1ght/cowpatty --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 2f83998..c646a8c 100644 --- a/README.md +++ b/README.md @@ -1743,6 +1743,10 @@ This repository is created as an online bookmark for useful links, resources and infobyte/evilgrade Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. It comes with pre-made binaries (agents), a working default configuration for fast pentests, and has it's own WebServer and DNSServer modules. Easy to set up new settings, and has an autoconfiguration when new binary agents are set. + + joswr1ght/cowpatty + coWPAtty: WPA2-PSK Cracking + joswr1ght/nm2lp Convert Windows Netmon Monitor Mode Wireless Packet Captures to Libpcap Format 
From d942299286d62ab03b67a89e526279ac2ce02e11 Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 19:45:41 +0700 Subject: [PATCH 12/27] Add: byt3bl33d3r/CrackMapExec --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index c646a8c..626c340 100644 --- a/README.md +++ b/README.md @@ -2018,6 +2018,10 @@ This repository is created as an online bookmark for useful links, resources and bohops/GhostBuild GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects + + byt3bl33d3r/CrackMapExec + A swiss army knife for pentesting networks + cobbr/Covenant Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers. From b38f8c41b34cad58504f41ad6ce934b49d25b90d Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 19:47:00 +0700 Subject: [PATCH 13/27] Add: byt3bl33d3r/SILENTTRINITY --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 626c340..b8eb78f 100644 --- a/README.md +++ b/README.md @@ -2022,6 +2022,10 @@ This repository is created as an online bookmark for useful links, resources and byt3bl33d3r/CrackMapExec A swiss army knife for pentesting networks + + byt3bl33d3r/SILENTTRINITY + An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR + cobbr/Covenant Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers. From 814ed0a24d9ad37330018fb2f554ff3af13e1129 Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 19:47:40 +0700 Subject: [PATCH 14/27] Add: byt3bl33d3r/SprayingToolkit --- README.md | 4 ++++ 1 file changed, 4 insertions(+) 
diff --git a/README.md b/README.md index b8eb78f..460327f 100644 --- a/README.md +++ b/README.md @@ -2026,6 +2026,10 @@ This repository is created as an online bookmark for useful links, resources and byt3bl33d3r/SILENTTRINITY An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR + + byt3bl33d3r/SprayingToolkit + Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient + cobbr/Covenant Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers. From 02e86f1c0568e43002b9b29123134d049e58215f Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 19:49:03 +0700 Subject: [PATCH 15/27] Add: byt3bl33d3r/WitnessMe --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 460327f..fbf1bfd 100644 --- a/README.md +++ b/README.md @@ -1800,6 +1800,10 @@ This repository is created as an online bookmark for useful links, resources and arch4ngel/peasant LinkedIn reconnaissance tool + + byt3bl33d3r/WitnessMe + Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier. + CellID Finder Find GSM base stations cell id coordinates From 520228d26bd3fc9541e3c58e1aff68651b0b588e Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 19:50:56 +0700 Subject: [PATCH 16/27] Add: Project Prismatica --- README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index fbf1bfd..65e39ae 100644 --- a/README.md +++ b/README.md 
@@ -2182,11 +2182,14 @@ This repository is created as an online bookmark for useful links, resources and Plazmaz/LNKUp Generates malicious LNK file payloads for data exfiltration + + Project Prismatica + Project Prismatica is a focused framework for Command and Control that is dedicated to extensibility. + putterpanda/mimikittenz A post-exploitation powershell tool for extracting juicy info from memory. - secretsquirrel/SigThief Stealing Signatures and Making One Invalid Signature at a Time From f116973d365166fa8793e7cbdb353411a7957350 Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 19:52:01 +0700 Subject: [PATCH 17/27] Add: Acheron-VAF/Acheron --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 65e39ae..fc9ce25 100644 --- a/README.md +++ b/README.md @@ -161,6 +161,10 @@ This repository is created as an online bookmark for useful links, resources and aboul3la/Sublist3r Fast subdomains enumeration tool for penetration testers + + Acheron-VAF/Acheron + Acheron is a RESTful vulnerability assessment and management framework built around search and dedicated to terminal extensibility. + ambionics/phpggc PHPGGC is a library of unserialize() payloads along with a tool to generate them, from command line or programmatically. From 51194e4fae66cff8debf3f0c9a662c11a0897268 Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 19:52:59 +0700 Subject: [PATCH 18/27] Add: besimorhino/powercat --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index fc9ce25..20f46fc 100644 --- a/README.md +++ b/README.md @@ -2022,6 +2022,10 @@ This repository is created as an online bookmark for useful links, resources and BC-SECURITY/Empire Empire is a PowerShell and Python post-exploitation agent. + + besimorhino/powercat + netshell features all in version 2 powershell + bohops/GhostBuild GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects 
From 308726719b19b259dbf36a9d39f84bf574f2c088 Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 19:54:05 +0700 Subject: [PATCH 19/27] Add: pumasecurity/puma-scan --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 20f46fc..090fe5c 100644 --- a/README.md +++ b/README.md @@ -234,6 +234,10 @@ This repository is created as an online bookmark for useful links, resources and Public WWW Source Code Search Engine + + pumasecurity/puma-scan + Puma Scan is a software security Visual Studio extension that provides real time, continuous source code analysis as development teams write code. Vulnerabilities are immediately displayed in the development environment as spell check and compiler warnings, preventing security bugs from entering your applications. + pwntester/ysoserial.net Deserialization payload generator for a variety of .NET formatters From e0e064f37badbf1c134df2b2dc2e7b027b44543c Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 19:55:29 +0700 Subject: [PATCH 20/27] Add: pumasecurity/serverless-prey --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 090fe5c..1945547 100644 --- a/README.md +++ b/README.md @@ -564,6 +564,10 @@ This repository is created as an online bookmark for useful links, resources and prevade/cloudjack Route53/CloudFront Vulnerability Assessment Utility + + pumasecurity/serverless-prey + Serverless Functions for establishing Reverse Shells to Lambda, Azure Functions, and Google Cloud Functions + random-robbie/slurp Enumerate S3 buckets via certstream, domain, or keywords From 9020c98e6c5b07258f1bc11869f5faf5251ac1b0 Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 21:58:24 +0700 Subject: [PATCH 21/27] Add: BishopFox/h2csmuggler --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index adcc09c..dab3fd7 100644 --- a/README.md +++ b/README.md 
@@ -185,6 +185,10 @@ This repository is created as an online bookmark for useful links, resources and brannondorsey/dns-rebind-toolkit A front-end JavaScript toolkit for creating DNS rebinding attacks. + + BishopFox/h2csmuggler + HTTP Request Smuggling over HTTP/2 Cleartext (h2c) + facebook/pyre-check/ Performant type-checking for python. From b0e69b78ff7b9443b6d060ef37d15407b28c3607 Mon Sep 17 00:00:00 2001 From: pe3zx Date: Sun, 20 Sep 2020 22:10:25 +0700 Subject: [PATCH 22/27] Remove dupes and issues --- README.md | 24 ------------------------ 1 file changed, 24 deletions(-) diff --git a/README.md b/README.md index dab3fd7..0ee2424 100644 --- a/README.md +++ b/README.md @@ -1241,10 +1241,6 @@ This repository is created as an online bookmark for useful links, resources and CapacitorSet/box-js A tool for studying JavaScript malware - - CAPEv2 Sandbox - CAPE Sandbox - CERT-Polska/drakvuf-sandbox DRAKVUF Sandbox - automated hypervisor-level malware analysis system @@ -1592,10 +1588,6 @@ This repository is created as an online bookmark for useful links, resources and VX Vault VX Vault - - - vx-undergroud - A Malware Block is a compressed 7z file with 40,000 malicious binaries. Each binary is listed in an accompanied 'File listing'. Each block is 100% unique. zerosum0x0/smbdoor @@ -2050,10 +2042,6 @@ This repository is created as an online bookmark for useful links, resources and byt3bl33d3r/SILENTTRINITY An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR - - byt3bl33d3r/SprayingToolkit - Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient - cobbr/Covenant Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers. 
@@ -2146,18 +2134,6 @@ This repository is created as an online bookmark for useful links, resources and mattifestation/PoCSubjectInterfacePackage A PoC subject interface package (SIP) provider designed to educate about the required components of a SIP provider. - - Ne0nd0g/merlin - Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang. - - - OmerYa/Invisi-Shell - Hide your Powershell script in plain sight. Bypass all Powershell security features - - - putterpanda/mimikittenz - A post-exploitation powershell tool for extracting juicy info from memory. - mdsecactivebreach/Chameleon Chameleon: A tool for evading Proxy categorisation From 3daf6d1504b7755d06e1c41ed5fdda5d4b0b4b0f Mon Sep 17 00:00:00 2001 From: pe3zx Date: Mon, 21 Sep 2020 00:19:09 +0700 Subject: [PATCH 23/27] Add: microsoft/onefuzz --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 0ee2424..204830c 100644 --- a/README.md +++ b/README.md @@ -214,6 +214,10 @@ This repository is created as an online bookmark for useful links, resources and mazen160/bfac BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source code. + + microsoft/onefuzz + A self-hosted Fuzzing-As-A-Service platform + mindedsecurity/JStillery Advanced JS Deobfuscation via Partial Evaluation. From c86f6c850a72c574aad6db1b9c8eee4e1d12d5fe Mon Sep 17 00:00:00 2001 From: pe3zx Date: Mon, 21 Sep 2020 00:24:19 +0700 Subject: [PATCH 24/27] Add: danmar/cppcheck --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 204830c..9143010 100644 --- a/README.md +++ b/README.md 
@@ -189,6 +189,10 @@ This repository is created as an online bookmark for useful links, resources and BishopFox/h2csmuggler HTTP Request Smuggling over HTTP/2 Cleartext (h2c) + + danmar/cppcheck + static analysis of C/C++ code + facebook/pyre-check/ Performant type-checking for python. From 582c4a9cb0508286e4f8c9e70b8351c2a153fc33 Mon Sep 17 00:00:00 2001 From: pe3zx Date: Mon, 21 Sep 2020 00:45:04 +0700 Subject: [PATCH 25/27] Add: NavyTitanium/Fake-Sandbox-Artifacts --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 9143010..cbbfad2 100644 --- a/README.md +++ b/README.md @@ -1473,6 +1473,10 @@ This repository is created as an online bookmark for useful links, resources and mohamedaymenkarmous/alienvault-otx-api-html AlienVault OTX API-based project with HTML (pure HTML or mixed PNG screenshots) reports pages that looks like the real AlienVault OTX website + + NavyTitanium/Fake-Sandbox-Artifacts + This script allows you to create various artifacts on a bare-metal Windows computer in an attempt to trick malwares that looks for VM or analysis tools + nbeede/BoomBox Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant From c6477ef3faa00a74581b76c0f8467bd392a492d6 Mon Sep 17 00:00:00 2001 From: pe3zx Date: Thu, 24 Sep 2020 22:18:21 +0700 Subject: [PATCH 26/27] Add: crowdsecurity/crowdsec --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index cbbfad2..c5c0d3d 100644 --- a/README.md +++ b/README.md 
@@ -1735,6 +1735,10 @@ This repository is created as an online bookmark for useful links, resources and austin-taylor/flare An analytical framework for network traffic and behavioral analytics + + crowdsecurity/crowdsec/ + Crowdsec - An open-source, lightweight agent to detect and respond to bad behaviours. It also automatically benefits from our global community-wide IP reputation database. + blechschmidt/massdns A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration) From b8201d9459c4dc5e7f2f3362181e7c059b497c80 Mon Sep 17 00:00:00 2001 From: pe3zx Date: Thu, 24 Sep 2020 22:50:45 +0700 Subject: [PATCH 27/27] Add: AlteredSecurity/365-Stealer/ --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index c5c0d3d..1f405c0 100644 --- a/README.md +++ b/README.md @@ -2259,6 +2259,10 @@ This repository is created as an online bookmark for useful links, resources and Link Description + + AlteredSecurity/365-Stealer/ + 365-Stealer is the tool written in python3 which steals data from victims office365 by using access_token which we get by phishing. It steals outlook mails, attachments, OneDrive files, OneNote notes and injects macros. + boxug/trape People tracker on the Internet: Learn to track the world, to avoid being traced.
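Review bot: the subject of PATCH 03/27 names the repository as austic-taylor/flare, while the entry the hunk adds reads austin-taylor/flare. Fix the subject so the history can be searched by the real repository name.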
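Review bot: PATCH 09/27 is titled as adding nidem/kerberoast, but its hunks at -2102 and -2142/-2158 also relocate the existing OmerYa/Invisi-Shell and putterpanda/mimikittenz entries, which is why a one-entry addition shows 13 insertions and 8 deletions. Put the reordering in its own commit. The last hunk (+2158,11) adds five lines for the mimikittenz entry where every other single-entry patch in the series adds four, and PATCH 16/27 later deletes one line at that spot, so a stray line appears to be introduced here. The kerberoast description also ends with "Below is a brief overview of what each tool does.", which points at nothing in this table and should be dropped.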
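Review bot: the byt3bl33d3r/SprayingToolkit entry that PATCH 14/27 adds after byt3bl33d3r/SILENTTRINITY is deleted again from the same position by PATCH 22/27 ("Remove dupes and issues"). If the tool is already listed elsewhere in README.md, drop 14/27 from the series instead of adding the entry and then reverting it.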
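Review bot: BishopFox/h2csmuggler is inserted after brannondorsey/dns-rebind-toolkit in PATCH 21/27, while the neighbouring rows throughout the series follow case-insensitive name order, which puts BishopFox ahead of brannondorsey. Move the row up. The index line also starts from adcc09c, whereas PATCH 20/27 left README.md at 1945547, so this patch does not apply directly on top of 20/27; rebase it or include the missing intermediate change in the series.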
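Review bot: the message "Remove dupes and issues" on PATCH 22/27 does not say which of the 24 deleted lines are duplicates and which are "issues". The Invisi-Shell and mimikittenz deletions at -2146 correspond to entries PATCH 09/27 re-added further down, but for CAPEv2 Sandbox, vx-undergroud, Ne0nd0g/merlin and SprayingToolkit the series shows no second copy. State the reason for each removal in the commit body, or split the non-duplicate removals into a separate commit.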
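Review bot: crowdsecurity/crowdsec/ lands between austin-taylor/flare and blechschmidt/massdns in PATCH 26/27, out of the name order the surrounding rows follow; it belongs after the entries starting with "b". The name carries a trailing slash that most owner/repo entries in this series do not have, and the description's "our global community-wide IP reputation database" is the vendor's first-person wording, so rephrase it in the third person for a bookmark list.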
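Review bot: AlteredSecurity/365-Stealer/ in PATCH 27/27 has a trailing slash, unlike most owner/repo names in this list, and the description needs an edit pass ("is the tool written in python3 which steals data from victims office365"). Suggest wording along the lines of: Python 3 tool that uses a phished access_token to read Outlook mail, attachments, OneDrive files and OneNote notes from a victim's Office 365 account and to inject macros.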