nccgroup/nccfsas

Security auditing tool for AWS environments

6,664

Scout2

Security-focused static analysis for the Phoenix Framework

1,728

sobelow

Elixir

1,671

Winpayloads

Undetectable Windows Payload Generation

HTA encryption tool for RedTeams

1,519

demiguise

A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.

1,326

house

A tool for quickly evaluating IAM permissions in AWS.

1,321

PMapper

RedSnarf is a pen-testing / red-teaming tool for Windows environments

1,279

redsnarf

PowerShell

1,182

featherduster

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

Socks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services / Citrix / XenApp / XenDesktop

1,087

SocksOverRDP

A DNS rebinding attack framework.

1,067

singularity

Knowledge base of exploit mitigations available across numerous operating systems, architectures and applications and versions.

1,018

exploit_mitigations

865

AutoRepeater

Automated HTTP Request Repeating With Burp Suite

the Network Protocol Fuzzer that we will want to use.

742

fuzzowski

Discover resources created in an AWS account.

719

aws-inventory

A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques

703

BurpSuiteHTTPSmuggler

A sniffer for Bluetooth 5 and 4.x LE

654

Sniffle

648

sadcloud

A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure

HCL

636

TriforceAFL

AFL/QEMU fuzzing with full-system emulation.

624

nmap-nse-vulnerability-scripts

NMAP Vulnerability Scanning Scripts

Lua

618

LoggerPlusPlus

Advanced Burp Suite Logging Extension

Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans

608

freddy

Phantom Tap (PhanTap) - an ‘invisible’ network tap aimed at red teams

572

phantap

560

azucar

Security auditing tool for Azure environments

PowerShell

559

tracy

A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.

VisualCodeGrepper - Code security scanning tool.

553

VCG

Visual Basic .NET

523

Cyber-Defence

Information released publicly by NCC Group's Cyber Incident Response Team

A tool for collecting RDP, web and VNC screenshots all in one place

474

scrying

Rust

450

autochrome

This tool downloads, installs, and configures a shiny new copy of Chromium.

Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa.

431

wssip

Blackbox protobuf is a Burp Suite extension for decoding and modifying arbitrary protobuf messages without the protobuf type definition.

425

blackboxprotobuf

idahunt is a framework to analyze binaries with IDA Pro and hunt for things in IDA Pro

380

idahunt

Specify targets and run sets of tools against them

376

autopwn

Content hijacking proof-of-concept using Flash, PDF and Silverlight

376

CrossSiteContentHijacking

Solitude is a privacy analysis tool that enables anyone to conduct their own privacy investigations. Whether a curious novice or a more advanced researcher, Solitude makes the process of evaluating user privacy within an app accessible for everyone.

372

Solitude

CSS

370

vlan-hopping---frogger

Easy 802.1Q VLAN Hopping

A tool to find and exploit servers vulnerable to Shellshock

346

shocker

DriverBuddy is an IDA Python script to assist with the reverse engineering of Windows kernel drivers.

333

DriverBuddy

A command shell wrapper using only WMI for Microsoft Windows

331

WMIcmd

319

acCOMplice

Tools for discovery and abuse of COM hijacks

PowerShell

272

SusanRTTI

Another RTTI Parsing IDA plugin

The USB host security assessment tool

269

umap

Metasploit AV Evasion Tool

265

metasploitavevasion

Check for valid credentials across a network over SMB

257

keimpx

Umap2 is the second revision of NCC Group's python based USB host security assessment tool.

256

umap2

A U-Boot hacking toolkit for security researchers and tinkerers

250

depthcharge

UPnP Pentest Toolkit for Windows

245

UPnP-Pentest-Toolkit

244

GTFOBLookup

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Project/LOLBAS), WADComs (https://wadcoms.github.io), and HijackLibs (https://hijacklibs.net/).

Google Cloud Platform Security Tool

238

G-Scout

Main repository to pull all NCC Group Cisco ASA-related tool projects.

232

asatools

Automated Cisco SNMP Enumeration, Brute Force, Configuration Download and Password Cracking

224

cisco-SNMP-enumeration

A simple embedded Linux backdoor.

216

thetick

A number of Recipes for AWS

195

AWS-recipes

195

kube-auto-analyzer

Kubernetes Auto Analyzer

TPM Genie is an I2C bus interposer for discrete Trusted Platform Modules

192

TPMGenie

BinProxy is a proxy for arbitrary TCP connections. You can define custom message formats using the BinData gem.

189

BinProxy

Ruby

172

TriforceLinuxSyscallFuzzer

A linux system call fuzzer using TriforceAFL

170

DetectWindowsCopyOnWriteForAPI

Enumerate various traits from Windows processes as an aid to threat hunting

A collection of scripts for dealing with Cobalt Strike beacons in Python

168

pybeacon

BlueKeep scanner supporting NLA

167

BKScan

A finder of domain typos showing country of IP address

167

typofinder

BLESuite is a Python package that provides an easier way to test Bluetooth Low Energy (BLE) device

166

BLESuite

A small command-line TCP proxy utility written in Python

165

SteppingStones

A Red Team Activity Hub

libslub

tcpprox

Small Python library that makes it easy to exploit race conditions in web apps with Requests.

156

requests-racer

bash script to facilitate some aspects of an Android application assessment

152

LazyDroid

An automated SMB relay exploitation script.

151

chuckle

Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulnerable packages on the container

151

whalescan

GitPwnd is a network penetration tool that lets you use a git repo for command and control of compromised machines

143

gitpwnd

Tool for assessing on-premises Microsoft servers authentication such as ADFS, Skype, Exchange, and RDWeb

139

Carnivore

139

CollaboratorPlusPlus

Offensive tool to trigger network authentications as SYSTEM

139

Change-Lockscreen

138

Decoder-Improved

Improved decoder for Burp Suite

The Outlook HTML Leak Test Project

134

OutlookLeakTest

131

Wubes

Qubes containerization on Windows

Automate NMAP Scans and Generate Custom Nessus Policies Automatically

130

port-scan-automation

Hodor

Zulu

WinShareEnum

Windows Share Enumerator

121

memscan

Searches for strings, regex, credit card numbers of magnetic stripe card tracks in a Windows process's memory space

120

ebpf

eBPF - extended Berkeley Packet Filter tooling

A Burp Extension designed to identify argument injection vulnerabilities.

120

argumentinjectionhammer

DroppedConnection

SCOMDecrypt

SCOMDecrypt is a tool to decrypt stored RunAs credentials from SCOM servers

112

GOATCasino

This is an intentionally vulnerable smart contract truffle deployment aimed at allowing those interested in smart contract security to exploit a wide variety of issues in a safe environment.

A HTA shell to assist with breakout assessments.

112

OneLogicalMyth_Shell

BLE-Replay is a Bluetooth Low Energy (BLE) peripheral assessment tool

112

BLE-Replay

Identify IP addresses owned by public cloud providers

110

cloud_ip_ranges

web3-decoder

ccs

WindowsDACLEnumProject

A collection of tools to enumerate and analyse Windows DACLs

Salesforce object access auditor

105

raccoon

Windows NT ioctl bruteforcer and modular fuzzer

104

DIBF

Pentester-focused Docker registry tool to enumerate and pull images

103

go-pillage-registries

103

DatajackProxy

Datajack Proxy allows you to intercept TLS traffic in native x86 applications across platforms

Burp Suite extension to perform Kerberos authentication

100

pcap-burp

Pcap importer for Burp

jwt-reauth

Berserko