Pinned Repositories
Anchore-CircleCI-Integration
PoC Script to integrate Anchore Engine to existing CI/CD pipeline on circle CI.
Anti-Takeover
Anti-Takeover is a sub domain monitoring tool for (blue/purple) team / internal security team which uses cloud flare. Currently Anti-Takeover monitors more than a dozen third party services for dangling subdomain pointers.
attack-surface-framework
Tool to discover external and internal network attack surface
AutoC2
AutoC2 is an Automated command and Control server deployer with isolated docker network. This terraform script + ansible playbook deploys your bare minimum C2 infra using AWS within less than 5 mins.
dependabot-alerts
This script fetches new dependabot SCA alerts(high & critical) and pushes the new open alerts to specified slack channel.
DockerPawn
An auto compromise exploit script which silently backdoors hosts running exposed docker REST API endpoints.
octopii-slack-integration
Slack integration for Octopii ( image scanner for PII) . Useful for offensive & defensive teams to quickly fetch all the image files on slack which contains sensitive PII data. just provide the timeframe and slack token ,integration script takes care of the rest.
OSCE-preparation
Few exploits developed by me while preparing for Offensive security certified expert(OSCE) certification
OSCP-FIleTransfer-PrivEsc
This is a repo for OSCP preparation. This only contains Priv Esc techniques used by me during lab , exam and few file transfer techniques specially for windows
SLAE_assignments
repository containing assignment files for SLAE(32 bit) course by security tube
strikergoutham's Repositories
strikergoutham/Anti-Takeover
Anti-Takeover is a sub domain monitoring tool for (blue/purple) team / internal security team which uses cloud flare. Currently Anti-Takeover monitors more than a dozen third party services for dangling subdomain pointers.
strikergoutham/OSCE-preparation
Few exploits developed by me while preparing for Offensive security certified expert(OSCE) certification
strikergoutham/DockerPawn
An auto compromise exploit script which silently backdoors hosts running exposed docker REST API endpoints.
strikergoutham/AutoC2
AutoC2 is an Automated command and Control server deployer with isolated docker network. This terraform script + ansible playbook deploys your bare minimum C2 infra using AWS within less than 5 mins.
strikergoutham/octopii-slack-integration
Slack integration for Octopii ( image scanner for PII) . Useful for offensive & defensive teams to quickly fetch all the image files on slack which contains sensitive PII data. just provide the timeframe and slack token ,integration script takes care of the rest.
strikergoutham/OSCP-FIleTransfer-PrivEsc
This is a repo for OSCP preparation. This only contains Priv Esc techniques used by me during lab , exam and few file transfer techniques specially for windows
strikergoutham/dependabot-alerts
This script fetches new dependabot SCA alerts(high & critical) and pushes the new open alerts to specified slack channel.
strikergoutham/SLAE_assignments
repository containing assignment files for SLAE(32 bit) course by security tube
strikergoutham/Anchore-CircleCI-Integration
PoC Script to integrate Anchore Engine to existing CI/CD pipeline on circle CI.
strikergoutham/attack-surface-framework
Tool to discover external and internal network attack surface
strikergoutham/Cerberus
Cerberus is an auto monitoring script which monitors for any cloud assets of a company grouped via common ssl cert used, which might have been exposed over the internet. It uses Shodan API internally to monitor/query company infra.
strikergoutham/dvna
Damn Vulnerable NodeJS Application
strikergoutham/gitleaks
Scan git repos for secrets using regex and entropy 🔑
strikergoutham/gitleaks-action
run gitleaks in a gitleaks action
strikergoutham/gitleaks-ci
gitleaks, but for PRs
strikergoutham/guarddog
:snake: :mag: GuardDog is a CLI tool to Identify malicious PyPI and npm packages
strikergoutham/Laelaps
Laelaps is a automated monitoring tool for kong gateway. Laelaps is useful for in house security engineers as it continuously monitor and notify missing/mandatory security plugins around routes/services, new routes and new services.
strikergoutham/Mahisha
Mahisha is a real time monitoring tool for accidental commit of sensitive secrets. Its a wrapper webservice which uses gitleaks to audit for secrets in real time.
strikergoutham/nodejsscan
nodejsscan is a static security code scanner for Node.js applications.
strikergoutham/pawn_sahipro
a sample demo sahi script to get remote code execution
strikergoutham/shellcodes-32-bit-linux-
sample shellcodes i have written for 32 bit linux systems
strikergoutham/shodan-recon
shodan-recon is a cli python 3 based tool which helps to fetch useful information from shodan search engine. It uses already existing Shodan API's and it requires the end user to possess shodan API key.
strikergoutham/temp-utility-scripts
temp utility scripts
strikergoutham/test-archieve
test-archieve
strikergoutham/tf-cloud-orb