Pinned Repositories
DoHC2
DoHC2 allows the ExternalC2 library from Ryan Hanson (https://github.com/ryhanson/ExternalC2) to be leveraged for command and control (C2) via DNS over HTTPS (DoH).
HostHunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
malware-analysis
A repository of tools and scripts related to malware analysis
MCIR
The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of configurable vulnerability testbeds.
owasp-modsecurity-crs
OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)
portia
Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised.
Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
scavenger
scavenger : is a multi-threaded post-exploitation scanning tool for scavenging systems, finding most frequently used files and folders as well as "interesting" files containing sensitive information.
SharpCompile
SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approach than manually compiling an .NET assembly and loading it into Cobalt Strike. The project aims to make it easier to move away from adhoc PowerShell execution instead creating a temporary assembly and executing using beacon's 'execute-assembly' in seconds.
snappy
SpiderLabs's Repositories
SpiderLabs/HostHunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
SpiderLabs/portia
Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised.
SpiderLabs/DoHC2
DoHC2 allows the ExternalC2 library from Ryan Hanson (https://github.com/ryhanson/ExternalC2) to be leveraged for command and control (C2) via DNS over HTTPS (DoH).
SpiderLabs/MCIR
The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of configurable vulnerability testbeds.
SpiderLabs/SharpCompile
SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approach than manually compiling an .NET assembly and loading it into Cobalt Strike. The project aims to make it easier to move away from adhoc PowerShell execution instead creating a temporary assembly and executing using beacon's 'execute-assembly' in seconds.
SpiderLabs/snappy
SpiderLabs/Nmap-Tools
SpiderLabs shared Nmap Tools
SpiderLabs/cribdrag
cribdrag - an interactive crib dragging tool for cryptanalysis on ciphertext generated with reused or predictable stream cipher keys
SpiderLabs/jboss-autopwn
A JBoss script for obtaining remote shell access
SpiderLabs/Airachnid-Burp-Extension
A Burp Extension to test applications for vulnerability to the Web Cache Deception attack
SpiderLabs/cve_server
Simple REST-style web service for the CVE searching
SpiderLabs/msfrpc
Perl/Python modules for interfacing with Metasploit MSGRPC
SpiderLabs/IOCs-IDPS
This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)
SpiderLabs/BurpNotesExtension
Burp Notes Extension is a plugin for Burp Suite that adds a Notes tab. The tool aims to better organize external files that are created during penetration testing.
SpiderLabs/BlackByteDecryptor
SpiderLabs/groupenum
SpiderLabs/ModSecurity-log-utilities
Set of CLI tools to transform ModSecurity logs into a meaningful information, given a context.
SpiderLabs/Firework
Firework is a proof of concept tool to interact with Microsoft Workplaces creating valid files required for the provisioning process.
SpiderLabs/OWASP-CRS-Documentation
Documentation for the OWASP CRS project
SpiderLabs/microphisher
µphisher spear phishing tool (reference implementation)
SpiderLabs/deblaze
Performs method enumeration and interrogation against flash remoting end points.
SpiderLabs/pingback
SpiderLabs/modsec-sdbm-util
Utility to manipulate SDBM files used by ModSecurity. With that utility it is possible to _shrink_ SDBM databases. It is also possible to list the SDBM contents with filters such as: expired or invalid items only.
SpiderLabs/advisories-poc
SpiderLabs/masher
multiple password 'asher using Python’s hashlib
SpiderLabs/OWASP-CRS-regressions
Regression tests for OWASP CRS v3
SpiderLabs/Jorogumo
Red Team Stored XSS SVG phishing-companion tool with the ability to serve a malicious login page, or clone an html page and implement custom javascript. It then generates a relevant SVG.
SpiderLabs/REvil_config
Configuration file for REvil / Kaseya July campaign
SpiderLabs/zpminternational
SpiderLabs/Grandoreiro-decryptor
Grandoreiro decryptor and DGA generator (26.May.2022)