kcsec Goto Github PK

rdp-replay

Replay RDP traffic from PCAP

rdpinception

A proof of concept for the RDP Inception Attack

responder

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

responder-windows

Responder Windows Version Beta

ridenum

Rid_enum is a null session RID cycle attack for brute forcing domain controllers.

routerpwn.com

Compilation of ready to run exploits, advisories, tools and online key generators for embedded devices.

rsactftool

RSA tool for ctf - retreive private key from weak public key and/or uncipher data (feel free to ask questions : @G4N4P4T1)

runshellcode

.NET GUI program that runs shellcode

s3scanner

Scan for open S3 buckets and dump

scrape

Extensible Pastebin scraper written in Golang.

shimit

A tool that implements the Golden SAML attack

ships

The Shared Host Integrated Password System (SHIPS) is a solution to provide unique and rotated local super user or administrator passwords for environments where it is not possible or not appropriate to disable these local accounts. Clients may be configured to rotate passwords automatically. Stored passwords can be retrieved by desktop support personnel as required, or updated when a password has to be manually changed in the course of system maintenance. By having unique passwords on each machine and logging of password retrievals, security can be improved my making networks more resistant to lateral movement by attackers and enhancing the ability to attribute actions to individual persons.

signal-desktop

Signal Private Messenger for the Desktop

sigploit

Telecom Signaling Exploitation Framework - SS7, GTP, Diameter & SIP

simplyemail

Email recon made fast and easy, with a framework to build on

skyjack

SkyJack is a drone engineered to autonomously seek out, hack, and wirelessly take full control over any other Parrot drones within wireless or flying distance, creating an army of zombie drones under your control.

slocker

Source code of the SLocker Android ransomware

smbexec

smbwrapper

Wrappers around smbclient and winexe with PTH support

snmpwn

An SNMPv3 User Enumerator and Attack tool

social-engineer-toolkit

The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

sparta

Network Infrastructure Penetration Testing Tool

spraywmi

SprayWMI is an easy way to get mass shells on systems that support WMI. Much more effective than PSEXEC as it does not leave remnants on a system.

ssh-audit

SSH server auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)

ssh-badkeys

A collection of static SSH keys (public and private) that have made their way into software and hardware products.

ssh_keyscanner

ssh public host key scanner using shodan

static-binaries

Various *nix tools built as statically-linked binaries

steghide-brute-force-tool

Execute a brute force attack with Steghide to file with hide information and password established

stego-toolkit

Collection of steganography tools - helps with CTF challenges

sticky_keys_hunter

A script to test an RDP host for sticky keys and utilman backdoor.