Category: Distributed

DistributedFireworkNEW TOOLSNTLMPenetration TestRDPRed TeamSocial EngineeringTLS

Firework – Leveraging Microsoft Workspaces in a Penetration Test

Firework is a proof of concept tool to interact with Microsoft Workplaces creating valid files required for the provisioning process. The tool also wraps some code from Responder to leverage its ability to capture NetNTLM hashes from a system that provisions a Workplace feed via it.This tool may be used as part of a penetration test or red team exercise to create a .wcx payload (and associated feed) that if clicked on could be used to:Phish for credentials - NetNTLM hashes will be sent…

DevopsDistributedLaforgeNEW TOOLSpenetration testing

Laforge – Security Competition Infrastructure Automation Framework

Laforge enables rapid development of infrastructure for the purpose of information security competitions. Using a simple and intuitive configuration language, Laforge manages a dependency graph and state management and allows for highly productive remote collaboration. The Laforge engine uses a custom loader to do multi-dimensional, non-destructive configuration overlay. A good analogy to this is Docker - when you build a Docker container, it builds it up layers at a time. It's this power that has inspired us to build Laforge. It's certainly a niche`…

DistributedDoSDoS Test ToolGoldenEyeNEW TOOLS

GoldenEye v1.2.0 – Layer 7 (KeepAlive+NoCache) DoS Test Tool

GoldenEye is an python app for SECURITY TESTING PURPOSES ONLY!GoldenEye is a HTTP DoS Test Tool.Attack Vector exploited: HTTP Keep Alive + NoCacheUsage USAGE: ./ <url> [OPTIONS] OPTIONS: Flag Description Default -u, --useragents File with user-agents to use (default: randomly generated) -w, --workers Number of concurrent workers (default: 50) -s, --sockets Number of concurrent sockets (default: 30) -m, --method HTTP Method to use 'get' or 'post' or 'random' (default: get) -d, --debug Enable Debug Mode [more verbose output] (default: False) -n, --nosslcheck Do not…

AWSCloud ComputingCloud CustodianDistributedDSLGoNEW TOOLSRules EngineScanServerless

Cloud Custodian – Rules Engine For Cloud Security, Cost Optimization, And Governance, DSL In Yaml For Policies To Query, Filter, And Take Actions On Resources

Cloud Custodian is a rules engine for AWS fleet management. It allows users to define policies to enable a well managed cloud infrastructure, that's both secure and cost optimized. It consolidates many of the adhoc scripts organizations have into a lightweight and flexible tool, with unified metrics and reporting.Custodian can be used to manage AWS accounts by ensuring real time compliance to security policies (like encryption and access requirements), tag policies, and cost management via garbage collection of unused resources and off-hours resource management.Custodian…

AutoNSEDistributedNEW TOOLSNmapNSE

AutoNSE – Massive NSE (Nmap Scripting Engine) AutoSploit And AutoScanner

Massive NSE (Nmap Scripting Engine) AutoSploit and AutoScanner. The Nmap Scripting Engine (NSE) is one of Nmap's most powerful and flexible features. It allows users to write (and share) simple scripts (using the Lua programming language ) to automate a wide variety of networking tasks. Those scripts are executed in parallel with the speed and efficiency you expect from Nmap. Users can rely on the growing and diverse set of scripts distributed with Nmap, or write their own to meet custom needs. For more…

DistributedHashHashingHashtopolisHashtopussyhttpsMySQLNEW TOOLSPHPWrapper

Hashtopolis – A Hashcat Wrapper For Distributed Hashcracking

Hashtopolis is a multi-platform client-server tool for distributing hashcat tasks to multiple computers. The main goals for Hashtopolis's development are portability, robustness, multi-user support, and multiple groups management. The application has two parts:Agent Multiple clients (C#, Python), easily customizable to suit any need.Server several PHP/CSS files operating on two endpoints: an Admin GUI and an Agent Connection PointAiming for high usability even on restricted networks, Hashtopolis communicates over HTTP(S) using a human-readable, hashing-specific dialect of JSON.The server part runs on PHP using MySQL as…