nerodtm
Information Security Professional | Lecturer M.Sc, B.Sc, eCCPT, CCNA, eJPT, ISMS LA, MBCS, ACS, ISACA
Hemas Holdings PLC, Sri Lanka
Pinned Repositories
AttackSurfaceMapper
Attack Surface Mapper is a reconnaissance tool that uses a mixture of open source intelligence and active techniques to expand the attack surface of your target. You feed in a mixture of one or more domains, subdomains and IP addresses and it uses numerous techniques to find more targets. It enumerates subdomains with bruteforcing and passive lookups, other IPs of the same network block owner, IPs that have multiple domain names pointing to them and so on. Once the target list is fully expanded it performs passive reconnaissance on them, taking screenshots of websites, generating visual maps, looking up credentials in public breaches, passive port scanning with Shodan and scraping employees from LinkedIn.
Automatic-API-Attack-Tool---Customizable-API-Attack-Tool
Imperva's customizable API attack tool takes an API specification as input, and generates and runs attacks based on it as output. The tool is able to parse an API specification and create fuzzing attack scenarios based on what is defined in the API specification. Each endpoint is injected with cleverly generated values both within the boundaries defined by the specification and outside of them; the appropriate requests are sent and their success or failure is reported in a detailed manner. You may also extend it to run various security attack vectors, such as illegal resource access, XSS, SQLi and RFI, that are targeted at the existing endpoints, or even at non-existing ones. No human intervention is needed. Simply run the tool and get the results. The tool can be easily extended to meet various needs, such as for a developer who wants to test their API, or an organization that wants to run regular vulnerability or positive security scans on its public API. It is built with CI/CD in mind.
BetterBackdoor---A-Backdoor-With-A-Multitude-Of-Features
A backdoor is a tool used to gain remote access to a machine. Typically, backdoor utilities such as NetCat have 2 main functions: to pipe remote input into cmd or bash and output the response. This is useful, but it is also limited. BetterBackdoor overcomes these limitations by including the ability to inject keystrokes, get screenshots, transfer files, and many other tasks. Features: BetterBackdoor can create and control a backdoor. This created backdoor can: run Command Prompt commands; run PowerShell scripts; run DuckyScripts to inject keystrokes; exfiltrate files based on extension; exfiltrate Microsoft Edge and WiFi passwords; send and receive files to and from the victim's computer; start a KeyLogger; get a screenshot of the victim's computer; get text copied to the victim's clipboard; get contents from a victim's file (cat). This backdoor uses a client and server socket connection to communicate. The attacker starts a server and the victim connects to this server as a client. Once a connection is established, commands can be sent to the client in order to control the backdoor. To create the backdoor, BetterBackdoor: creates 'run.jar', the backdoor jar file, and copies it to directory 'backdoor'; appends a text file containing the server's IPv4 address to 'run.jar'; if desired, copies a Java Runtime Environment to 'backdoor' and creates batch file 'run.bat' for running the backdoor in the packaged Java Runtime Environment. To start the backdoor on a victim PC, transfer all files from the directory 'backdoor' onto a victim PC. If a JRE is packaged with the backdoor, execute run.bat, otherwise execute run.jar. This will start the backdoor on the victim's PC. Once running, to control the backdoor you must return to BetterBackdoor and run option 1 at start while connected to the same WiFi network as the victim's computer.
CyberRange---The-Open-Source-AWS-Cyber-Range
This CyberRange project represents the first open-source Cyber Range blueprint in the world. This project provides a bootstrap framework for a complete offensive, defensive, reverse engineering, & security intelligence tooling in a private research lab using the AWS Cloud. This project contains vulnerable systems and a toolkit of the most powerful open-source / community edition tools known to Penetration testers. It simply provides a researcher with a disposable offensive / defensive AWS-based environment in less than 5 minutes.
Findomain-v0.9.3---The-Fastest-And-Cross-Platform-Subdomain-Enumerator
Features: Subdomain monitoring: put data to Discord, Slack or Telegram webhooks (see Subdomains Monitoring for more information). Multi-thread support for API querying, which means the maximum time Findomain takes to search subdomains for any target is 20 seconds. Parallel support for subdomain resolution; in good network conditions it can resolve about 2000 subdomains per minute. DNS over TLS support. Specific IPv4 or IPv6 query support. Discover subdomains without brute-force; the tool uses Certificate Transparency Logs and APIs. Discover only resolved subdomains. Discover subdomain IPs for data analysis. Read target from user argument (-t) or file (-f). Write all or only resolved subdomains to one unique output file specified by the user. Write results to automatically named TXT output file(s). Ability to query directly the Findomain database created with Subdomains Monitoring for previously discovered subdomains. Ability to import and work with data discovered by other tools. Quiet mode to run it silently. Cross-platform support: any platform; it's written in Rust and Rust is multiplatform. See the documentation for instructions. Multiple API support.
HashCobra-Hash-Cracking-tool-
"This tool uses a new method to crack hashes. With the help of rainbow tables concept this tool generates rainbow tables from wordlists to heavily optimize the cracking process."
nodeCrypto-v2.0---Ransomware-Written-In-NodeJs
nodeCrypto is a Linux ransomware written in NodeJs that encrypts predefined files. This project was created for educational purposes; you are solely responsible for the use of nodeCrypto.
Octopus
See how you can run the Octopus exe agent even if powershell.exe is blocked by GPO software restriction policies and also bypass fully updated Symantec Endpoint Protection (SEP) to fully compromise Windows 10.
ReconCobra---Complete-Automated-Pentest-Framework-For-Information-Gathering
ReconCobra is footprinting software for information gathering on Kali, Parrot OS, Black Arch, Termux and Android Led TV. Interface: the software has 82 options with full automation and powerful information gathering capability. Brief introduction: ReconCobra is useful in banks, private organisations and for ethical hacker personnel for legal auditing. It serves as a defense method to find as much information as possible for gaining unauthorised access and intrusion. With the emergence of more advanced technology, cybercriminals have also found more ways to get into the systems of many organizations. ReconCobra can audit firewall behaviour, such as whether it is leaking backend machines/servers and replying to pings; it can find internal and external networks where software such as ERP and mail firewalls is installed, exposing servers. It performs footprinting, scanning and enumeration of the target as far as possible, to discover and collect as much information as possible, such as usernames, web technologies, files, endpoints, APIs and much more.
Spraykatz---A-Tool-Able-To-Retrieve-Credentials-On-Windows-Machines-And-Large-Active-Directory-Envir
Spraykatz is a tool without any pretension, able to retrieve credentials on Windows machines and large Active Directory environments. It simply tries to procdump machines and parse dumps remotely in order to avoid detection by antivirus software as much as possible.
nerodtm's Repositories
nerodtm/ReconCobra---Complete-Automated-Pentest-Framework-For-Information-Gathering
nerodtm/AttackSurfaceMapper
nerodtm/BetterBackdoor---A-Backdoor-With-A-Multitude-Of-Features
nerodtm/CyberRange---The-Open-Source-AWS-Cyber-Range
nerodtm/Octopus
nerodtm/Spraykatz---A-Tool-Able-To-Retrieve-Credentials-On-Windows-Machines-And-Large-Active-Directory-Envir
nerodtm/Findomain-v0.9.3---The-Fastest-And-Cross-Platform-Subdomain-Enumerator
nerodtm/HashCobra-Hash-Cracking-tool-
nerodtm/nodeCrypto-v2.0---Ransomware-Written-In-NodeJs
nerodtm/Automatic-API-Attack-Tool---Customizable-API-Attack-Tool
nerodtm/MS_Teams_keep_alive
This script helps you stay active in MS Teams. It shows you as available all the time.
nerodtm/ReverseTCP-Shell-Framework-is-a-lightweight-C2-PowerShell-script
I tested the CMD payload (XOR obfuscated) against a fully patched Win10 E endpoint (no EDR but that’s next) and no alarms tripped. This little framework has some awesome possibilities for getting chained into an attack sequence. Although this tool is listed as only a couple days old, I do remember testing it back in the spring and it wasn’t nearly as effective off the shelf.
nerodtm/CRTP_Notes
CRTP Notes
nerodtm/kubernetes-cluster-token-rotation
These commands help rotate the Kubernetes cluster token.
nerodtm/linux_disk_cleanup
This bash script helps clean up your Linux disk.
nerodtm/listing_contents_for_excel_sheet
This bat file helps you list the contents of a folder. It provides an Excel sheet as output.
nerodtm/VA-scan-for-ACR-docker-images
This script helps conduct a VA scan of Docker images in ACR.
nerodtm/wi-fi-password
This script helps you steal the Wi-Fi passwords of a PC.