DumpsterFire Toolset
Security Incidents In A Box! The DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Turn paper tabletop exercises into controlled "live fire" range events. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts. The toolset is designed to be dynamically extensible, allowing you to create your own Fires (event modules) to add to the included collection of toolset Fires. Just write your own Fire module and drop it into the FireModules directory. The DumpsterFire toolset will auto-detect your custom Fires at startup and make them available for use.
FEATURES
ALTERNATIVES
ISF (Industrial Exploitation Framework) - An exploitation framework for industrial systems with various ICS protocol clients and exploit modules.
A visual guide illustrating attack paths and techniques for exploiting vulnerabilities in GitHub Actions configurations.
Collection of penetration testing scripts for AWS with a focus on reconnaissance.
Modlishka is a reverse proxy tool for intercepting and manipulating HTTP traffic, ideal for penetration testers, security researchers, and developers to analyze and test web applications.
Modular framework for web services penetration testing with support for various attacks.
A reminder that technology alone is not enough to stay secure against social engineering tactics.
A script to enumerate Google Storage buckets and determine access and privilege escalation
High-performant, coroutines-driven, and fully customisable Low & Slow load generator for real-world pentesting with undetectability through Tor.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.