nccgroup / whalescan
Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulnerable packages on the container
☆155Updated last year
Alternatives and similar repositories for whalescan:
Users that are interested in whalescan are comparing it to the libraries listed below
- ☆134Updated 2 years ago
- Tool to discover external and internal network attack surface☆195Updated 10 months ago
- Terraform resources for building HTTP, DNS, phishing, and mail server red team infrastructure☆95Updated 5 years ago
- A Docker container for remote penetration testing.☆135Updated 4 years ago
- SNIcat☆126Updated 3 years ago
- Boomerang is a tool to expose multiple internal servers to web/cloud. Agent & Server are pretty stable and can be used in Red Team for Mu…☆221Updated 4 years ago
- ☆69Updated 3 years ago
- Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, an…☆142Updated last year
- ☆93Updated 2 years ago
- Tool for assessing on-premises Microsoft servers authentication such as ADFS, Skype, Exchange, and RDWeb☆145Updated 4 years ago
- Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.�☆166Updated 5 months ago
- Active Directory Lab for Penetration Testing☆51Updated 4 years ago
- Resolves an IP address to the cloud provider it is hosted on☆95Updated this week
- GoldenSAML Attack Libraries and Framework☆72Updated 10 months ago
- A curated list of awesome BloodhoundAD resources☆230Updated 2 years ago
- Lateral Movement graph for Azure Active Directory☆122Updated 2 years ago
- A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filtering☆210Updated 4 years ago
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.☆111Updated 4 years ago
- A visualized overview of the Initial Access Broker (IAB) cybercrime landscape☆113Updated 3 years ago
- HoneyCreds network credential injection to detect responder and other network poisoners.☆217Updated 3 years ago
- Red Team C2 Infrastructure built in AWS using Ansible!☆228Updated 4 years ago
- automated password spraying tool☆148Updated 3 years ago
- Monitoring GitHub for sensitive data shared publicly☆66Updated 3 years ago
- Picus Labs☆44Updated 4 years ago
- A pre-DDoS security assessment tool☆120Updated 3 years ago
- ☆126Updated 9 months ago
- A very simple lab to demo some Terraform, DSC, Inspec and Gitlab CI☆91Updated 2 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆76Updated 3 years ago
- WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted se…☆157Updated last year
- Find and notify users in your Active Directory with weak passwords☆101Updated 3 years ago