Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Projects in Awesome Lists by RoseSecurity
A curated list of projects in awesome lists by RoseSecurity .
https://github.com/rosesecurity/red-teaming-ttps
Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!
cybersecurity hacking redteaming
Last synced: 15 Oct 2024
https://github.com/RoseSecurity/Red-Teaming-TTPs
Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!
cybersecurity hacking redteaming
Last synced: 03 Oct 2024
https://github.com/rosesecurity/anti-virus-evading-payloads
During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Here is a simple way to evade anti-virus software when creating backdoors!
Last synced: 22 Oct 2024
https://github.com/RoseSecurity/Anti-Virus-Evading-Payloads
During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!
Last synced: 03 Aug 2024
https://github.com/rosesecurity/terramaid
A utility for generating Mermaid diagrams from Terraform configurations
cloud github-actions terraform
Last synced: 29 Oct 2024
https://github.com/RoseSecurity/Terramaid
A utility for generating Mermaid diagrams from Terraform configurations
cloud github-actions terraform
Last synced: 20 Sep 2024
https://github.com/rosesecurity/abusing-roku-apis
A fun repository on how to externally issue commands to Roku devices utilizing the External Control Protocol (ECP). The repository covers how to enumerate devices, issue commands via "curl," and designing custom scripts to mess with friends and family!
Last synced: 22 Oct 2024
https://github.com/RoseSecurity/ScrapPY
ScrapPY is a Python utility for scraping manuals, documents, and other sensitive PDFs to generate wordlists that can be utilized by offensive security tools to perform brute force, forced browsing, and dictionary attacks against targets. The tool dives deep to discover keywords and phrases leading to potential passwords or hidden directories.
cybersecurity hacking pdf python3 scraper
Last synced: 09 Nov 2024
https://github.com/rosesecurity/scrappy
ScrapPY is a Python utility for scraping manuals, documents, and other sensitive PDFs to generate wordlists that can be utilized by offensive security tools to perform brute force, forced browsing, and dictionary attacks against targets. The tool dives deep to discover keywords and phrases leading to potential passwords or hidden directories.
cybersecurity hacking pdf python3 scraper
Last synced: 30 Oct 2024
https://github.com/rosesecurity/wolfpack
WolfPack combines the capabilities of Terraform and Packer to streamline the deployment of red team redirectors on a large scale.
ansible cybersecurity infrastructure-as-code packer terraform
Last synced: 30 Oct 2024
https://github.com/rosesecurity/windowskiller
Generates a flood of Router Advertisements (RA) with random source MAC addresses and IPv6 prefixes. Computers, which have stateless autoconfiguration enabled by default (every major OS), will start to compute IPv6 suffix and update their routing table to reflect the accepted announcement. This will cause 100% CPU usage on Windows and platforms, preventing to process other application requests.
Last synced: 03 Oct 2024
https://github.com/rosesecurity/obfusc8ted
You and the AppleLabs' Incident Response Team have been notified of a potential breach to a Human Resources' workstation. According to the Human Resources representative, they did not notice any anomalous activity while browsing the web, but the AppleLabs' system information and event management (SIEM) instance alerted on a suspicious domain. Moments later, the host-based intrusion detection system (HIDS) alerted on several malicious programs acting as potential keyloggers. While the AppleLabs' IT and Incident Response Teams struggle to find the answers, can you lend us your digital forensic experience to hunt down this threat actor?
Last synced: 03 Oct 2024
https://github.com/rosesecurity/extraterrestrial
As an Open Source Intelligence analyst, you have been tasked with locating Activia Productions' project manager and recruiter, Khalil Askerman, who disappeared shortly after leaving for a company sponsored trip. According to family and friends, Khalil was a loveable guy who enjoyed the little things in life like going to Waffle House at 2 A.M after a night of wearing out the company credit card with clients on scented dry erase markers and LonelyFans. Can you assist Activia Productions in finding their missing project manager?
Last synced: 22 Oct 2024
https://github.com/rosesecurity/rotty.py
Rotty.py delivers a cross-platform solution for performing simple home network monitoring. Utilizing network mapping, service enumeration, and port scanning capabilities, Rotty will monitor your home network and report any significant changes that occur via email. This simple script will give you visibility and insight into the dynamic and ever-changing environment of your network.
Last synced: 09 Nov 2024
https://github.com/rosesecurity/dns-fender
A Proof-of-Concept tool utilizing open DNS resolvers to produce an amplification attack against web servers. Using Shodan APIs and native Linux commands, this tool is in development to cripple web servers using spoofed DNS recursive queries.
Last synced: 03 Oct 2024
https://github.com/rosesecurity/simatic-smackdown
A compact and simple program targeting SIMATIC S7 Programmable Logic Controllers (PLCs) written in Go. Allowing for cross-compilation to target multiple operating systems out of the box, SIMATIC-SMACKDOWN enumerates networks for S7 devices before launching a distributed attack to STOP PLC CPUs.
cybersecurity go golang malware-research malware-samples
Last synced: 31 Oct 2024
https://github.com/rosesecurity/apologee
APOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers (all versions prior to V3.5) and TALON TC BACnet Automation Controllers (all versions prior to V3.5). With a 7.5 CVSS, this exploit allows for an attacker to perform an authentication bypass using an alternate path or channel to access hidden directories in the web server. This repository takes advantage of CVE-2017-9947.
Last synced: 22 Oct 2024
https://github.com/rosesecurity/enumerating-ics-scada-devices
A compilation of scripts and scans for discovering and enumerating industrial control and SCADA devices. Utilizing open-source tools, I have compiled scans and scripts for targeting Operational Technology (OT) devices and hosts!
Last synced: 03 Oct 2024
https://github.com/rosesecurity/cloudpulse
A tool to curate compelling news on cloud technologies and cybersecurity. By aggregating information from RSS feeds and Reddit, it identifies the most noteworthy and impactful updates in the tech industry.
Last synced: 01 Nov 2024
https://github.com/rosesecurity/automator-terminator
A Proof-of-Concept Layer 2 Denial of Service Attack that disrupts low level operations of Programmable Logic Controllers within industrial environments. Utilizing multithreaded processing, Automator-Terminator delivers a powerful wave of spoofed ethernet packets to a null MAC address.
Last synced: 03 Oct 2024
https://github.com/RoseSecurity/Enum_AzureSubdomains
A Metasploit Auxiliary module for enumerating public Azure services by locating valid subdomains through various DNS queries.
Last synced: 05 Aug 2024
https://github.com/rosesecurity/enum_azuresubdomains
A Metasploit Auxiliary module for enumerating public Azure services by locating valid subdomains through various DNS queries.
Last synced: 09 Nov 2024
https://github.com/rosesecurity/active-projects
A repository of active RoseSecurity Research projects and how to contribute
Last synced: 23 Oct 2024
https://github.com/rosesecurity/atmos.nvim
🚀 A lightweight, user-friendly Neovim plugin for easily navigating and managing Atmos stacks and components.
atmos cloud neovim neovim-plugin telescope telescope-extension terraform
Last synced: 02 Nov 2024