CiscoCXSecurityLabs
Cisco CX Security Labs is the security R&D arm of @Cisco's professional services CX organisation, including the combined output of @portcullislabs and @Neohapsis
US, EMEAR, APJC
Pinned Repositories
bbqsql
SQL Injection Exploitation Tool
creddump7
enum4linux
enum4Linux is a Linux alternative to enum.exe for enumerating data from Windows and Samba hosts
linikatz
linikatz is a tool to attack AD on UNIX
mat
MAT is a tool to assess mobile applications
NeoPI
presentations
Presentations from the CX Security Labs team
sslxray
sslxray is an SSL/TLS scanning tool designed to detect a wide range of issues
tlsplayback
tlsplayback is a set of proofs of concept (PoCs) showing real-world replay attacks against TLS 1.3 libraries and browsers by exploiting 0-RTT
whitepapers
Papers from the CX Security Labs team
CiscoCXSecurityLabs's Repositories
CiscoCXSecurity/enum4linux
enum4Linux is a Linux alternative to enum.exe for enumerating data from Windows and Samba hosts
CiscoCXSecurity/linikatz
linikatz is a tool to attack AD on UNIX
CiscoCXSecurity/rdp-sec-check
rdp-sec-check is a Perl script to enumerate security settings of an RDP Service (AKA Terminal Services)
CiscoCXSecurity/udp-proto-scanner
udp-proto-scanner is a Perl script which discovers UDP services by sending triggers to a list of hosts
CiscoCXSecurity/unix-audit
Framework for generating audit commands for Unix security audits
CiscoCXSecurity/udpy_proto_scanner
udpy_proto_scanner is a Python script which discovers UDP services by sending triggers to a list of hosts
CiscoCXSecurity/presentations
Presentations from the CX Security Labs team
CiscoCXSecurity/sudo-parser
sudo-parser is a tool to audit complex sudoers files
CiscoCXSecurity/unix_collector
A live forensic collection script for various artefacts from UNIX-like systems.
CiscoCXSecurity/tcpy_scanner
Fast cross-platform TCP Connect Scanner written in Python
CiscoCXSecurity/Cloud-Investigate
A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.
CiscoCXSecurity/linux-malware
Tracking interesting Linux (and UNIX) malware. Send PRs
CiscoCXSecurity/cloudmapper
CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
CiscoCXSecurity/CTFd
CTFs as you need them
CiscoCXSecurity/openssl3-nov2022
Detection rules to look for OpenSSL 3.x usage and exploitation
CiscoCXSecurity/AdversaryShield
Mitigate adversarial attacks on LLMs via automatic deployment of predefined plugins.
CiscoCXSecurity/attack-ti
Vertical and geographic extracts from MITRE ATT&CK
CiscoCXSecurity/chatops-securing-your-webex-bot
Cisco Learning Blog - Chatops: Securing your Webex Bot
CiscoCXSecurity/Cisco-Security-Postman
CiscoCXSecurity/ISEXML2JSON
This is a simple script that converts default Policy XML file obtained from ISE to JSON format for better visualization.
CiscoCXSecurity/lab_simulator-001
Lab Simulator for SecureX Lab
CiscoCXSecurity/lab_simulator-002
lab_simulator-002 for XDR Demos
CiscoCXSecurity/massJARM
A threaded implementation of the JARM tool
CiscoCXSecurity/meraki-hunting
Threat hunting scripts for Cisco Meraki installations
CiscoCXSecurity/nso-docker
Home of the NSO in Docker ecosystem. Organize your NSO dev flow to seamlessly build and test in CI and locally on Linux and OS X. (mirror of https://gitlab.com/nso-developer/nso-docker/)
CiscoCXSecurity/signaturemap
CiscoCXSecurity/ssh-farm
A simple tool to spawn multiple SSH services via docker.
CiscoCXSecurity/Talon
A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.
CiscoCXSecurity/Terraform_ISE_AWS_Deployment
Terraform code for creating a lab environment in AWS using Cisco ISE 3.1 and the necessary AWS environment constructs (VPC, Subnets, Security Group, NAT and Internet Gateways, Route Tables, etc)
CiscoCXSecurity/XDR_demo_-_create_incident_from_apache_log_threat_analysis
Create an XDR incident from attack detection in an Apache log