ghostsecurity / reaper
π Don't fear the Reaper π»
β250Updated 2 weeks ago
Related projects: β
- Pen Test Report Generation and Assessment Collaborationβ413Updated 3 weeks ago
- SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applicβ¦β444Updated 5 months ago
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently β¦β242Updated last month
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbiβ¦β192Updated last week
- Gram is Klarna's own threat model diagramming toolβ267Updated last week
- HASH (HTTP Agnostic Software Honeypot)β128Updated 4 months ago
- Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CKβ¦β159Updated last month
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysisβ¦β145Updated last week
- Dredging up secrets from the depths of the file systemβ110Updated 4 months ago
- Deep Linux runtime visibility meets Wiresharkβ182Updated last week
- This repo contains IOC, malware and malware analysis associated with Public cloudβ241Updated this week
- Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.β614Updated last month
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive filesβ193Updated 4 months ago
- Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of parβ¦β248Updated 11 months ago
- Analyze pcaps with Zeek and a Grafana Dashboardβ160Updated 3 months ago
- A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and contrβ¦β160Updated 3 weeks ago
- truffleproc β hunt secrets in process memory (TruffleHog & gdb mashup)β110Updated last year
- DockerSpy searches for images on Docker Hub and extracts sensitive information such as authentication secrets, private keys, and more.β135Updated last month
- This is a collection of threat detection rules / rules engines that I have come across.β270Updated 4 months ago
- β291Updated last month
- FlowAnalyzer is a tool to help in testing and analyzing OAuth 2.0 Flows, including OpenID Connect (OIDC).β168Updated 2 months ago
- The Internets #1 Subdomain Takeover Toolβ210Updated last week
- boostsecurityio/poutineβ202Updated this week
- Secret Magpie - Secret Detection Toolβ193Updated 2 months ago
- Respotter is a Responder honeypot! Catch attackers as soon as they spin up Responder in your environment.β164Updated 2 weeks ago
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for cβ¦β371Updated last month
- How to setup a honeypot with an IDS, ELK and TLS traffic inspectionβ150Updated 2 years ago
- A collection of companies that disclose adversary TTPs after they have been breachedβ236Updated 4 months ago
- Stalker, the Extensible Attack Surface Management tool.β75Updated this week
- Customized CVE FEED Notifierβ104Updated 2 months ago