Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Projects in Awesome Lists by nccgroup
A curated list of projects in awesome lists by nccgroup .
https://github.com/nccgroup/Scout2
Security auditing tool for AWS environments
Last synced: 01 Aug 2024
https://github.com/nccgroup/sobelow
Security-focused static analysis for the Phoenix Framework
elixir phoenix-framework security static-analysis
Last synced: 30 Jul 2024
https://github.com/nccgroup/Winpayloads
Undetectable Windows Payload Generation
antivirus bypass kali metasploit meter msfconsole netsec payloads persistence powershell python uac undetectable windows
Last synced: 31 Jul 2024
https://github.com/nccgroup/winpayloads
Undetectable Windows Payload Generation
antivirus bypass kali metasploit meter msfconsole netsec payloads persistence powershell python uac undetectable windows
Last synced: 01 Aug 2024
https://github.com/nccgroup/house
A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
android frida mobile pentest-tool
Last synced: 01 Aug 2024
https://github.com/nccgroup/pmapper
A tool for quickly evaluating IAM permissions in AWS.
aws botocore cloudsecurity iam python
Last synced: 01 Aug 2024
https://github.com/nccgroup/PMapper
A tool for quickly evaluating IAM permissions in AWS.
aws botocore cloudsecurity iam python
Last synced: 01 Aug 2024
https://github.com/nccgroup/redsnarf
RedSnarf is a pen-testing / red-teaming tool for Windows environments
active-directory pentesting pentesting-windows python windows
Last synced: 04 Aug 2024
https://github.com/nccgroup/featherduster
An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction
cryptanalysis crypto cryptography encryption exploit exploitation exploitation-framework exploits python security
Last synced: 01 Aug 2024
https://github.com/nccgroup/SocksOverRDP
Socks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services / Citrix / XenApp / XenDesktop
Last synced: 04 Aug 2024
https://github.com/nccgroup/singularity
A DNS rebinding attack framework.
attack dns dns-rebinding iot vulnerability
Last synced: 01 Aug 2024
https://github.com/nccgroup/AutoRepeater
Automated HTTP Request Repeating With Burp Suite
burp-plugin burpsuite security
Last synced: 02 Aug 2024
https://github.com/nccgroup/autorepeater
Automated HTTP Request Repeating With Burp Suite
burp-plugin burpsuite security
Last synced: 01 Aug 2024
https://github.com/nccgroup/exploit_mitigations
Knowledge base of exploit mitigations available across numerous operating systems, architectures and applications and versions.
Last synced: 04 Aug 2024
https://github.com/nccgroup/abptts
TCP tunneling over HTTP/HTTPS for web application servers
Last synced: 03 Aug 2024
https://github.com/nccgroup/fuzzowski
the Network Protocol Fuzzer that we will want to use.
Last synced: 01 Aug 2024
https://github.com/nccgroup/aws-inventory
Discover resources created in an AWS account.
Last synced: 01 Aug 2024
https://github.com/nccgroup/burpsuitehttpsmuggler
A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
burpsuite burpsuite-extender bypass waf
Last synced: 01 Aug 2024
https://github.com/nccgroup/BurpSuiteHTTPSmuggler
A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
burpsuite burpsuite-extender bypass waf
Last synced: 02 Aug 2024
https://github.com/nccgroup/nmap-nse-vulnerability-scripts
NMAP Vulnerability Scanning Scripts
Last synced: 04 Aug 2024
https://github.com/nccgroup/sadcloud
A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure
Last synced: 01 Aug 2024
https://github.com/nccgroup/TriforceAFL
AFL/QEMU fuzzing with full-system emulation.
Last synced: 03 Aug 2024
https://github.com/nccgroup/burpsuiteloggerplusplus
Advanced Burp Suite Logging Extension
Last synced: 11 Aug 2024
https://github.com/nccgroup/LoggerPlusPlus
Advanced Burp Suite Logging Extension
Last synced: 01 Aug 2024
https://github.com/nccgroup/nccfsas
Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.
Last synced: 04 Aug 2024
https://github.com/nccgroup/freddy
Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans
Last synced: 01 Aug 2024
https://github.com/nccgroup/phantap
Phantom Tap (PhanTap) - an ‘invisible’ network tap aimed at red teams
Last synced: 01 Aug 2024
https://github.com/nccgroup/tracy
A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
browser-extension chrome chrome-extension firefox firefox-addon security security-tools xss xss-detection
Last synced: 01 Aug 2024
https://github.com/nccgroup/azucar
Security auditing tool for Azure environments
Last synced: 01 Aug 2024
https://github.com/nccgroup/VCG
VisualCodeGrepper - Code security scanning tool.
Last synced: 01 Aug 2024
https://github.com/nccgroup/vcg
VisualCodeGrepper - Code security scanning tool.
Last synced: 01 Aug 2024
https://github.com/nccgroup/blackboxprotobuf
Blackbox Protobuf is a set of tools for working with encoded Protocol Buffers (protobuf) without the matching protobuf definition.
Last synced: 31 Jul 2024
https://github.com/nccgroup/scrying
A tool for collecting RDP, web and VNC screenshots all in one place
Last synced: 01 Aug 2024
https://github.com/nccgroup/wssip
Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa.
mitm nodejs socket-io websocket websockets
Last synced: 30 Jul 2024
https://github.com/nccgroup/autochrome
This tool downloads, installs, and configures a shiny new copy of Chromium.
Last synced: 03 Aug 2024
https://github.com/nccgroup/crosssitecontenthijacking
Content hijacking proof-of-concept using Flash, PDF and Silverlight
Last synced: 01 Aug 2024
https://github.com/nccgroup/autopwn
Specify targets and run sets of tools against them
Last synced: 07 Aug 2024
https://github.com/nccgroup/idahunt
idahunt is a framework to analyze binaries with IDA Pro and hunt for things in IDA Pro
Last synced: 30 Jul 2024
https://github.com/nccgroup/Solitude
Solitude is a privacy analysis tool that enables anyone to conduct their own privacy investigations. Whether a curious novice or a more advanced researcher, Solitude makes the process of evaluating user privacy within an app accessible for everyone.
Last synced: 04 Aug 2024
https://github.com/nccgroup/DriverBuddy
DriverBuddy is an IDA Python script to assist with the reverse engineering of Windows kernel drivers.
Last synced: 30 Jul 2024
https://github.com/nccgroup/acCOMplice
Tools for discovery and abuse of COM hijacks
Last synced: 04 Aug 2024
https://github.com/nccgroup/keimpx
Check for valid credentials across a network over SMB
Last synced: 31 Jul 2024
https://github.com/nccgroup/UPnP-Pentest-Toolkit
UPnP Pentest Toolkit for Windows
Last synced: 02 Aug 2024
https://github.com/nccgroup/cisco-snmp-enumeration
Automated Cisco SNMP Enumeration, Brute Force, Configuration Download and Password Cracking
Last synced: 03 Aug 2024
https://github.com/nccgroup/binproxy
BinProxy is a proxy for arbitrary TCP connections. You can define custom message formats using the BinData gem.
Last synced: 03 Aug 2024
https://github.com/nccgroup/tcpprox
A small command-line TCP proxy utility written in Python
Last synced: 04 Aug 2024
https://github.com/nccgroup/LazyDroid
bash script to facilitate some aspects of an Android application assessment
Last synced: 04 Aug 2024
https://github.com/nccgroup/whalescan
Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulnerable packages on the container
Last synced: 03 Aug 2024
https://github.com/nccgroup/requests-racer
Small Python library that makes it easy to exploit race conditions in web apps with Requests.
Last synced: 01 Aug 2024
https://github.com/nccgroup/Decoder-Improved
Improved decoder for Burp Suite
Last synced: 02 Aug 2024
https://github.com/nccgroup/argumentinjectionhammer
A Burp Extension designed to identify argument injection vulnerabilities.
Last synced: 02 Aug 2024
https://github.com/nccgroup/GOATCasino
This is an intentionally vulnerable smart contract truffle deployment aimed at allowing those interested in smart contract security to exploit a wide variety of issues in a safe environment.
Last synced: 03 Aug 2024
https://github.com/nccgroup/windowsdaclenumproject
A collection of tools to enumerate and analyse Windows DACLs
Last synced: 03 Aug 2024
https://github.com/nccgroup/cloud_ip_ranges
Identify IP addresses owned by public cloud providers
Last synced: 03 Sep 2024
https://github.com/nccgroup/go-pillage-registries
Pentester-focused Docker registry tool to enumerate and pull images
Last synced: 03 Aug 2024
https://github.com/nccgroup/Berserko
Burp Suite extension to perform Kerberos authentication
Last synced: 03 Aug 2024
https://github.com/nccgroup/ConMachi
Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container
Last synced: 03 Aug 2024
https://github.com/nccgroup/cachegrab
a tool designed to help perform and visualize trace-driven cache attacks against software in the secure world of TrustZone-enabled ARMv8 cores
Last synced: 02 Aug 2024
https://github.com/nccgroup/s3_objects_check
Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.
Last synced: 01 Aug 2024
https://github.com/nccgroup/log4j-jndi-be-gone
A Byte Buddy Java agent-based fix for CVE-2021-44228, the log4j 2.x "JNDI LDAP" vulnerability.
Last synced: 04 Aug 2024
https://github.com/nccgroup/psr
Pointer Sequence Reverser - enable you to see how Windows C++ application is accessing a particular data member or object.
Last synced: 04 Aug 2024
https://github.com/nccgroup/kubetcd
Post-exploit a compromised etcd, gain persistence and remote shell to nodes.
Last synced: 02 Aug 2024
https://github.com/nccgroup/Winstrument
Winstrument is a framework of modular scripts to aid in instrumenting Windows software using Frida for reverse engineering and attack surface analysis.
Last synced: 04 Aug 2024
https://github.com/nccgroup/HTTPSignatures
A Burp Suite extension implementing the Signing HTTP Messages draft-ietf-httpbis-message-signatures-01 draft.
Last synced: 03 Aug 2024
https://github.com/nccgroup/nlist
An nmap script to produce target lists for use with various tools.
lua nmap nmap-scripts nse nsescript pentesting
Last synced: 04 Aug 2024
https://github.com/nccgroup/CECster
A GUI-based tool to perform security testing against the HDMI CEC (Consumer Electronics Control) and HEC (HDMI Ethernet Channel) protocols
Last synced: 02 Aug 2024
https://github.com/nccgroup/WCFDSer-ngng
A Burp Extender plugin, that will make binary soap objects readable and modifiable.
Last synced: 02 Aug 2024
https://github.com/nccgroup/yaml2yara
Generate bulk YARA rules from YAML input
Last synced: 02 Aug 2024
https://github.com/nccgroup/BurpImportSitemap
Import To Sitemap is a Burp Suite Extension to import wstalker CSV file or ZAP export file into Burp Sitemap
Last synced: 02 Aug 2024