Other Tools (Catch all) - SethBodine/audit-tools GitHub Wiki
Infrastructure as Code (IaC)
| URL | Last Commit | Comments |
|---|---|---|
| TerraformGoat |  |
TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool. |
| TerraGoat - Vulnerable Terraform Infrastructure |  |
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. |
| Kubernetes Goat |  |
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground. |
| Kube-goat |  |
A deliberately vulnerable Kubernetes cluster. |
| Bad Pods |  |
A collection of manifests that will create pods with elevated privileges. |
Open Source Inteligence (OSINT)
| URL | Last Commit | Comments |
|---|---|---|
| OSINT Framework |  |
OSINT framework focused on gathering information from free tools or resources. |
| Blackbird |  |
An OSINT tool to search for accounts by username in social networks. |
| ASTERISKS & OBELIX |  |
Identify the emails hidden behind asterisks. |
| Terra |  |
OSINT Tool on Twitter and Instagram. |
| Profil3r |  |
OSINT tool that allows you to find a person's accounts and emails + breached emails. |
| Postal - Email OSINT |  |
Poastal - the Email OSINT tool |
| TLDHunt |  |
Domain Availability Checker. |
| KnockKnock |  |
Enumerate valid users within Microsoft Teams and OneDrive with clean output. |
| Sirius Scan |  |
The first truly open-source general purpose vulnerability scanner. |
| Spoofy |  |
Checks if a list of domains can be spoofed based on SPF and DMARC records. |
| EmploLeaks |  |
An OSINT tool that helps detect members of a company with leaked credentials |
| web-check |  |
All-in-one OSINT tool for analysing any website Tool Demo |
| CloakQuest3r |  |
Uncover the true IP address of websites safeguarded by Cloudflare & Others |
| WAF Bypass Tool |  |
Check your WAF before an attacker does |
| PIP-INTEL |  |
PIP-INTEL is an OSINT (Open Source Intelligence) tool designed using various open-source tools and pip packages. |
| gitGRAB |  |
This tool is designed to interact with the GitHub API and retrieve specific user details, repository information, and commit emails for a given user. |
| Octopii |  |
An AI-powered Personal Identifiable Information (PII) scanner. |
| hardCIDR |  |
hardCIDR is a Linux Bash script, but also functions under macOS. Your mileage may vary on other distros. The script with no specified options will query ARIN and a pool of BGP route servers. The route server is selected at random at runtime. |
| ExchangeFinder |  |
Find Microsoft Exchange instance for a given domain and identify the exact version |
| RepoReaper |  |
RepoReaper is an automated tool crafted to meticulously scan and identify exposed .git repositories within specified domains and their subdomains. |
| OSTE-Web-Log-Analyzer |  |
OSTE WLA automate the process of analyzing web server logs with the Python Web Log Analyzer. |
M365 Tools
| URL | Last Commit | Comments |
|---|---|---|
| 365 Inspect |  |
A PowerShell script that automates the security assessment of Microsoft Office 365 environments. |
| ScubaGear |  |
Automation to assess the state of your M365 tenant against CISA's baselines. (untested) |
| AADInternals | AADInternals and AADInternals-Endpoints toolkits are PowerShell modules containing tools for administering and hacking Entra ID (ex. Azure AD), Office 365, and Entra ID related endpoints |
AD Tools
| URL | Last Commit | Comments |
|---|---|---|
| ADRecon |  |
Gathers information about the Active Directory. |
| ADAudit |  |
Active Directory Audit Tools for IT Audits. |
| ADxRay |  |
Health Check script that generates a full HTML report of the environment's health, security and status based on Microsoft's Best Practices. |
| Domain Audit |  |
Automates a lot of checks from a pentester perspective. |
| Testimo |  |
PowerShell module for running health checks for Active Directory against a bunch of different tests. |
| adaudit |  |
Powershell script to do domain auditing automation. |
| PingCastle |  |
PingCastle - Get Active Directory Security at 80% in 20% of the time - Free for own business us. |
| msLDAPDump |  |
LDAP enumeration tool implemented in Python3. |
Additional Tools (Not yet introduced into container)
| URL | Last Commit | Comments |
|---|---|---|
| KnowsMore |  |
Swiss Army tool for AD |
| Startup-SBOM |  |
A tool to reverse engineer and inspect the RPM and APT databases to list all the packages along with executables, service and versions. |
Incident Response Tools
| URL | Last Commit | Comments |
|---|---|---|
| MS ICSpector |  |
Microsoft ICSpector (ICS Forensics Tools framework) is an open-source forensics framework that enables the analysis of Industrial PLC metadata and project files. |
| AttackGen |  |
AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident response scenarios based on user-selected threat actor groups and your organisation's details. |
Information / Cool Tools
| URL | Last Commit | Comments |
|---|---|---|
| Github Sheilds |  |
Concise, consistent, and legible badges in SVG and raster format. |
| Kali Packerage Manager |  |
Tool to help manage and upgrade Kali packages and configuration |
| SecuSphere |  |
Efficient DevSecOps PLatform. |
| PatchaPalooza |  |
Insightful analysis of Microsoft's monthly security updates. |
| s3enum |  |
Fast and stealthy Amazon S3 bucket enumeration tool for pentesters. |
| Goblob |  |
fast enumeration tool for publicly exposed Azure Storage blobs. |
| PassBreaker |  |
A command-line password cracking tool. |
| Ethical Insight |  |
Centralized Active Directory Auditing Tool. |
| cheat.sh |  |
Unified access to the best community driven cheat sheets repositories of the world. |
| HardeningKitty |  |
Checks and hardens your Windows configuration. |
| BucketLoot |  |
BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text. |
| CloudSploit |  |
Cloud Security Posture Management (CSPM) |
| Galah |  |
Galah: An LLM-powered web honeypot. Wasting attackers' time with faker-than-ever HTTP responses! |
| C2 Tracker |  |
Live Feed of C2 servers, tools, and botnets |
| T-Pot |  |
🍯 T-Pot - The All In One Multi Honeypot Platform 🐝 |
| Cowrie |  |
Cowrie SSH/Telnet Honeypot https://docs.cowrie.org/ |
For the teams of red / blue/ purple
| URL | Last Commit | Comments |
|---|---|---|
| Nuclei + Paramspider = NucleiFuzzer |  |
Tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Apps |
| Unprotect Project | Evasion Technique Search Engine. | |
| PS Script Analyzer |  |
z9 PowerShell Log Analyzer. |
| Active Directory Exploitation Cheat Sheet |  |
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory. |
| Smartbrute |  |
Password spraying and bruteforcing tool for Active Directory Domain Services. |
| BlueHound |  |
BlueHound - pinpoint the security issues that actually matter. |
| CLZero |  |
A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors |
| cve-maker |  |
Tool to find CVEs and Exploits. |
| CloudPentestCheatsheets |  |
This repository contains a collection of cheatsheets put together for tools related to pentesting organizations that leverage cloud providers. |
| SploitScan |  |
SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated exploits. |
| Porch Pirate |  |
Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitation of API endpoints and secrets committed to workspaces, collections, requests, users and teams. Porch Pirate can be used as a client or be incorporated into your own applications. |
| Above |  |
Network Security Sniffer |
| headerpwn |  |
A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers |
| LOLSpoof |  |
An interactive shell to spoof some LOLBins command line |
| X-Recon |  |
A utility for detecting webpage inputs and conducting XSS scans. |
| SiCat |  |
The useful exploit finder |
| Hardening Meter |  |
HardeningMeter is an open-source Python tool carefully designed to comprehensively assess the security hardening of binaries and systems. |