GitLab Watchman - Audit Gitlab For Sensitive Data & Credentials

GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials

GitLab Watchman is an application that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally – this includes code, commits, wiki pages and more. GitLab Watchman searches GitLab for internally shared projects and looks at: Code Commits Wiki pages Issues Merge requests Milestones For the following data: GCP keys and […]

Topic: Countermeasures
GKE Auditor - Detect Google Kubernetes Engine Misconfigurations

GKE Auditor – Detect Google Kubernetes Engine Misconfigurations

GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security and development teams streamline the configuration process and save time looking for generic bugs and vulnerabilities. The tool consists of individual modules called Detectors, each scanning for a specific vulnerability. Installing and Using GKE Auditor to Detect Google […]

Topic: Countermeasures
zANTI - Android Wireless Hacking Tool Free Download

zANTI – Android Wireless Hacking Tool Free Download

zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using your mobile device for free download. This easy to use mobile toolkit enables IT Security Administrators to simulate an advanced attacker to identify the malicious techniques they use in […]

Topic: Hacking Tools
HELK - Open Source Threat Hunting Platform

HELK – Open Source Threat Hunting Platform

The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing, structured streaming, and even machine learning via Jupyter notebooks and Apache Spark over an ELK stack. This project was developed primarily for research, but due to its flexible design and core components, […]

Topic: Hacking Tools
trape - OSINT Analysis Tool For People Tracking

Trape – OSINT Analysis Tool For People Tracking

Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time. It was created with the aim of teaching the world how large Internet companies could obtain confidential information. Example types of information are the status of sessions of their websites or services and control their users […]

Topic: Social Engineering
Fuzzilli - JavaScript Engine Fuzzing Library

Fuzzilli – JavaScript Engine Fuzzing Library

Fuzzilii is a JavaScript engine fuzzing library, it’s a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language (“FuzzIL”) which can be mutated and translated to JavaScript. When fuzzing for core interpreter bugs, e.g. in JIT compilers, semantic correctness of generated programs becomes a concern. This is in contrast to most other […]

Topic: Exploits/Vulnerabilities