nccgroup / whalescan
Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulnerable packages on the container
☆155Updated last year
Alternatives and similar repositories for whalescan:
Users that are interested in whalescan are comparing it to the libraries listed below
- A Docker container for remote penetration testing.☆135Updated 4 years ago
- ☆134Updated last year
- Active Directory Lab for Penetration Testing☆50Updated 4 years ago
- Red Team C2 Infrastructure built in AWS using Ansible!☆226Updated 4 years ago
- Tool for assessing on-premises Microsoft servers authentication such as ADFS, Skype, Exchange, and RDWeb☆145Updated 4 years ago
- Terraform resources for building HTTP, DNS, phishing, and mail server red team infrastructure☆94Updated 5 years ago
- automated password spraying tool☆147Updated 3 years ago
- GoldenSAML Attack Libraries and Framework☆70Updated 9 months ago
- Purple Teaming Attack & Hunt Lab - Terraform☆158Updated 3 years ago
- Resources for our Active Directory security workshops☆140Updated 3 years ago
- Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, an…☆141Updated last year
- Boomerang is a tool to expose multiple internal servers to web/cloud. Agent & Server are pretty stable and can be used in Red Team for Mu…☆221Updated 4 years ago
- ☆172Updated last year
- A curated list of awesome BloodhoundAD resources☆231Updated 2 years ago
- ☆167Updated 5 years ago
- A very simple lab to demo some Terraform, DSC, Inspec and Gitlab CI☆89Updated 2 years ago
- A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filtering☆210Updated 4 years ago
- CONVEX is a group of CTFs that are independently deployable into participant Azure environments.☆138Updated 2 years ago
- SNIcat☆126Updated 3 years ago
- Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic☆289Updated 2 years ago
- Lateral Movement graph for Azure Active Directory☆120Updated 2 years ago
- Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.☆165Updated 4 months ago
- ☆58Updated last year
- ☆104Updated 3 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆76Updated 3 years ago
- A simple python tool based on Impacket that tests servers for various known NTLM vulnerabilities☆203Updated 4 years ago
- Tool to discover external and internal network attack surface☆195Updated 10 months ago
- Monitoring GitHub for sensitive data shared publicly☆66Updated 3 years ago
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.☆111Updated 4 years ago
- ☆124Updated 8 months ago