Deploying & Securing Kubernetes Clusters
Kubernetes is an open-source platform that allows you to manage workloads that are in a container. This enables you to have a clear understanding of the Kubernetes cluster state and how it can make changes to configuration to manage elements such as automated rollbacks and rollouts, load balancing, self-healing, and more. This post covers how to deploy Kubernetes and ensure...
Spyre : Simple YARA-Based IOC Scanner
Spyre is a simple host-based IOC scanner built around the YARA pattern matching engine and other scan modules. The main goal of this project is easy ope-rationalization of YARA rules and other indicators of compromise. Users need to bring their own rule sets. The awesome-yara repository gives a good overview of free yara rule sets out there. It is intended to...
PurpleCloud : An Infrastructure As Code (IaC) Deployment Of A Small Active Directory Pentest Lab In The Cloud
Pentest Cyber Range for a small Active Directory Domain. Automated templates for building your own Pentest/Red Team/Cyber Range in the Azure cloud! Purple Cloud is a small Active Directory enterprise deployment automated with Terraform / Ansible Playbook templates to be deployed in Azure. Purple Cloud also includes an adversary node implemented as a docker container remotely accessible over RDP. Fun...
BPYTOP : Linux/OSX/FreeBSD Resource Monitor
BPYTOP is a resource monitor that shows usage and stats for processor, memory, disks, network and processes. Features Easy to use, with a game inspired menu system.Full mouse support, all buttons with a highlighted key is clickable and mouse scroll works in process list and menu boxes.Fast and responsive UI with UP, DOWN keys process selection.Function for showing detailed stats for...
OpenRedireX : Asynchronous Open redirect Fuzzer for Humans
OpenRedireX is a asynchronous open redirect fuzzer for humans. Key Features Takes a url or list of urls and fuzzes them for Open redirect issuesYou can specify your own payloads in 'payloads.txt'Shows Location header history (if any)Fast (as it is Asynchronous)umm thats it , nothing much ! Usage Note : Use Python 3.7+ ! $ git clone https://github.com/devanshbatham/OpenRedireX $ cd OpenRedireX $ python3...
SQLMap v1.4.9 : Automatic SQL Injection & Database Takeover Tool
SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches including database fingerprinting, over data fetching from the database, accessing the underlying file...
Offensive Docker VPS
Create a VPS on Google Cloud Platform or Digital Ocean easily to use Offensive Docker and launch the assessments to the targets. Requirements Terraform installed (Version used: v0.13.0)Ansible installed (Version used: 2.9.12)SSH private and public keysGoogle Cloud Platform or Digital Ocean account. Usage Clone the repository git clone --depth 1 https://github.com/aaaguirrep/offensive-docker-vps.git vps cd vps CredentialsCreate credentials folder. mkdir credentials For Google Cloud PlatformCreate a new project.Create...
Autovpn : Create On Demand Disposable OpenVPN Endpoints On AWS
AutoVPN is a script that allows the easy creation of OpenVPN endpoints in any AWS region. To create a VPN endpoint is done with a single command takes ~3 minutes. It will create the proper security groups. It spins up a tagged ec2 instance and configures OpenVPN software. Once instance is configured an OpenVPN configuration file is downloaded and...
Hardcodes : Find Hardcoded Strings From Source Code
Hardcodes is a utility for searching strings hardcoded by developers in programs. It uses a modular tokenizer that can handle comments, any number of backslashes & nearly any syntax you throw at it. Yes, it is designed to process any syntax and following languages are officially supported: ada, applescript, c, c#, c++, coldfusion, golang, haskell, html, java, javascript, jsp, lua, pascal, perl,...
Wordlist-Generator : Unique Wordlist Generator Of Unique Wordlists
Wordlist-Generator generates wordlists with unique words with techniques mentioned in tomnomnom's report "Who, What, Where, When". It takes URLs from gau and splits them to get words in URLs. Then it requests each URL to fetch all words. Finally, wordlist_generator removes from wordlist everything from "denylists" directory files to keep only unique words, which you can use for domain,...
