Pinned Repositories
api-server
JSON API for Lair
atat-web-ui
ATAT Web UI. A single-page application.
AttackSurfaceMapper
AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
aws_public_ips
Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6, Classic/VPC networking, and across all AWS services
blackhat-arsenal-tools
Official Black Hat Arsenal Security Tools Repository
browser-scripts
Collection of small JavaScript functions and scripts that can be used in the browser to interact with Lair
lair
Lair is a reactive attack collaboration framework and web application built with meteor.
x-a-n-d-e-r-k's Repositories
x-a-n-d-e-r-k/browser-scripts
Collection of small JavaScript functions and scripts that can be used in the browser to interact with Lair
x-a-n-d-e-r-k/lair
Lair is a reactive attack collaboration framework and web application built with meteor.
x-a-n-d-e-r-k/atat-web-ui
ATAT Web UI. A single-page application.
x-a-n-d-e-r-k/AttackSurfaceMapper
AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
x-a-n-d-e-r-k/Contracts
A small collection of potentially useful contract templates
x-a-n-d-e-r-k/discover
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
x-a-n-d-e-r-k/docker-lair-app
x-a-n-d-e-r-k/drone-nessus
Parses a nessus XML file into a lair project
x-a-n-d-e-r-k/drone-nmap
Parses an NMap XML file into a lair project
x-a-n-d-e-r-k/drone-ssl-hosts
Drone for importing hostnames based on SSL/TLS certificate information into Lair.
x-a-n-d-e-r-k/drone-whois
Import netblocks from whois data
x-a-n-d-e-r-k/follina
x-a-n-d-e-r-k/fuzzy
Adaptation of FuzzDB by fuzzdb-project
x-a-n-d-e-r-k/Go365
An Office365 User Attack Tool
x-a-n-d-e-r-k/gobuster
Directory/File, DNS and VHost busting tool written in Go
x-a-n-d-e-r-k/http-vuln-cve2020-3452.nse
CVE-2020-3452 : Cisco ASA and FTD Unauthorized Remote File Reading Nmap NSE Script
x-a-n-d-e-r-k/identYwaf
Blind WAF identification tool
x-a-n-d-e-r-k/Keye
Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
x-a-n-d-e-r-k/lair-docker
lair-docker-compose repo
x-a-n-d-e-r-k/minifyjsfile
x-a-n-d-e-r-k/pylair
Python library to interact with Lair 2.0 API server
x-a-n-d-e-r-k/ReconPi
ReconPi - A lightweight recon tool that performs extensive scanning with the latest tools.
x-a-n-d-e-r-k/Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
x-a-n-d-e-r-k/SauronEye
Search tool to find specific files containing specific words, i.e. files containing passwords..
x-a-n-d-e-r-k/SQL-Password-Tool
You can use this to create a new account with SA Privileges or change the SA account's password if you have forgotten it.
x-a-n-d-e-r-k/takeover
Sub-Domain TakeOver Vulnerability Scanner
x-a-n-d-e-r-k/terragoat
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
x-a-n-d-e-r-k/Ventoy
A new bootable USB solution.
x-a-n-d-e-r-k/x-a-n-d-e-r-k.github.io
NotBored Website
x-a-n-d-e-r-k/zork
Source code for a 1977 version of Zork