Pinned Repositories
Abusing-Roku-APIs
A fun repository on how to externally issue commands to Roku devices utilizing the External Control Protocol (ECP). The repository covers how to enumerate devices, issue commands via "curl," and designing custom scripts to mess with friends and family!
Anti-Virus-Evading-Payloads
During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Here is a simple way to evade anti-virus software when creating backdoors!
Kuzco
Kuzco reviews your Terraform and OpenTofu resources, compares them to the provider schema to detect unused parameters, and uses AI to suggest improvements and fixes
Obfusc8ted
You and the AppleLabs' Incident Response Team have been notified of a potential breach to a Human Resources' workstation. According to the Human Resources representative, they did not notice any anomalous activity while browsing the web, but the AppleLabs' system information and event management (SIEM) instance alerted on a suspicious domain. Moments later, the host-based intrusion detection system (HIDS) alerted on several malicious programs acting as potential keyloggers. While the AppleLabs' IT and Incident Response Teams struggle to find the answers, can you lend us your digital forensic experience to hunt down this threat actor?
Red-Teaming-TTPs
Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!
ScrapPY
ScrapPY is a Python utility for scraping manuals, documents, and other sensitive PDFs to generate wordlists that can be utilized by offensive security tools to perform brute force, forced browsing, and dictionary attacks against targets. The tool dives deep to discover keywords and phrases leading to potential passwords or hidden directories.
terrafetch
The Neofetch of Terraform. Let your IaC flex for you.
Terramaid
A utility for generating Mermaid diagrams from Terraform configurations
WindowsKiller
Generates a flood of Router Advertisements (RA) with random source MAC addresses and IPv6 prefixes. Computers, which have stateless autoconfiguration enabled by default (every major OS), will start to compute IPv6 suffix and update their routing table to reflect the accepted announcement. This will cause 100% CPU usage on Windows and platforms, preventing to process other application requests.
WolfPack
WolfPack combines the capabilities of Terraform and Packer to streamline the deployment of red team redirectors on a large scale.
RoseSecurity's Repositories
RoseSecurity/Red-Teaming-TTPs
Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!
RoseSecurity/Anti-Virus-Evading-Payloads
During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Here is a simple way to evade anti-virus software when creating backdoors!
RoseSecurity/Terramaid
A utility for generating Mermaid diagrams from Terraform configurations
RoseSecurity/Abusing-Roku-APIs
A fun repository on how to externally issue commands to Roku devices utilizing the External Control Protocol (ECP). The repository covers how to enumerate devices, issue commands via "curl," and designing custom scripts to mess with friends and family!
RoseSecurity/ScrapPY
ScrapPY is a Python utility for scraping manuals, documents, and other sensitive PDFs to generate wordlists that can be utilized by offensive security tools to perform brute force, forced browsing, and dictionary attacks against targets. The tool dives deep to discover keywords and phrases leading to potential passwords or hidden directories.
RoseSecurity/WolfPack
WolfPack combines the capabilities of Terraform and Packer to streamline the deployment of red team redirectors on a large scale.
RoseSecurity/Kuzco
Kuzco reviews your Terraform and OpenTofu resources, compares them to the provider schema to detect unused parameters, and uses AI to suggest improvements and fixes
RoseSecurity/WindowsKiller
Generates a flood of Router Advertisements (RA) with random source MAC addresses and IPv6 prefixes. Computers, which have stateless autoconfiguration enabled by default (every major OS), will start to compute IPv6 suffix and update their routing table to reflect the accepted announcement. This will cause 100% CPU usage on Windows and platforms, preventing to process other application requests.
RoseSecurity/Obfusc8ted
You and the AppleLabs' Incident Response Team have been notified of a potential breach to a Human Resources' workstation. According to the Human Resources representative, they did not notice any anomalous activity while browsing the web, but the AppleLabs' system information and event management (SIEM) instance alerted on a suspicious domain. Moments later, the host-based intrusion detection system (HIDS) alerted on several malicious programs acting as potential keyloggers. While the AppleLabs' IT and Incident Response Teams struggle to find the answers, can you lend us your digital forensic experience to hunt down this threat actor?
RoseSecurity/DNS-Fender
A Proof-of-Concept tool utilizing open DNS resolvers to produce an amplification attack against web servers. Using Shodan APIs and native Linux commands, this tool is in development to cripple web servers using spoofed DNS recursive queries.
RoseSecurity/terrafetch
The Neofetch of Terraform. Let your IaC flex for you.
RoseSecurity/SIMATIC-SMACKDOWN
A compact and simple program targeting SIMATIC S7 Programmable Logic Controllers (PLCs) written in Go. Allowing for cross-compilation to target multiple operating systems out of the box, SIMATIC-SMACKDOWN enumerates networks for S7 devices before launching a distributed attack to STOP PLC CPUs.
RoseSecurity/APOLOGEE
APOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers (all versions prior to V3.5) and TALON TC BACnet Automation Controllers (all versions prior to V3.5). With a 7.5 CVSS, this exploit allows for an attacker to perform an authentication bypass using an alternate path or channel to access hidden directories in the web server. This repository takes advantage of CVE-2017-9947.
RoseSecurity/Enumerating-ICS-SCADA-Devices
A compilation of scripts and scans for discovering and enumerating industrial control and SCADA devices. Utilizing open-source tools, I have compiled scans and scripts for targeting Operational Technology (OT) devices and hosts!
RoseSecurity/CloudPulse
A tool to curate compelling news on cloud technologies and cybersecurity. By aggregating information from RSS feeds and Reddit, it identifies the most noteworthy and impactful updates in the tech industry.
RoseSecurity/Automator-Terminator
A Proof-of-Concept Layer 2 Denial of Service Attack that disrupts low level operations of Programmable Logic Controllers within industrial environments. Utilizing multithreaded processing, Automator-Terminator delivers a powerful wave of spoofed ethernet packets to a null MAC address.
RoseSecurity/RoseSecurity
/dev/tty
RoseSecurity/homebrew-core
🍻 Default formulae for the missing package manager for macOS (or Linux)
RoseSecurity/rosesecurity.github.io
A blog about development, security, and other nerdy things
RoseSecurity/terraform-provider-okta
A Terraform provider to manage Okta resources, enabling infrastructure-as-code provisioning and management of users, groups, applications, and other Okta objects.
RoseSecurity/n8n-helm-chart
A Kubernetes Helm chart for n8n - a workflow automation tool. Easily automate tasks across different services on self hosted onKubernetes
RoseSecurity/skate
A personal key value store 🛼
RoseSecurity/terraform-best-practices
Terraform Best Practices free ebook translated into 🇬🇧🇦🇪🇧🇦🇧🇷🇫🇷🇬🇪🇩🇪🇬🇷🇮🇱🇮🇳🇮🇩🇮🇹🇯🇵🇰🇷🇵🇱🇷🇴🇨🇳🇪🇸🇹🇷🇺🇦🇵🇰