GOAD
GOAD is a pentest active directory LAB project that provides pentesters with a vulnerable Active Directory environment to practice attack techniques. The lab includes different versions like GOAD (5 vms, 2 forests, 3 domains), GOAD-Light (3 vms, 1 forest, 2 domains), SCCM (4 vms, 1 forest, 1 domain with Microsoft Configuration Manager), and NHA (a challenge with 5 vms and 2 domains). The lab requires about 77GB of space for VMs and a total of ~115 GB for the entire lab.
FEATURES
ALTERNATIVES
A blog post discussing the often overlooked dangers of CSV injection in applications.
SauronEye helps in identifying files containing sensitive data such as passwords through targeted directory searches.
A cross-platform tool for creating malicious MS Office documents with hidden VBA macros and anti-analysis features.
Cyber security platform for automating adversary emulation, red-team assistance, and incident response, built on the MITRE ATT&CK™ framework.
Alpha release of External C2 framework for Cobalt Strike with enhanced data channels.
Python-based toolkit for network hacking with various implemented techniques and supported by Securetia SRL.
A repository containing material for Android greybox fuzzing with AFL++ Frida mode
DET (extensible) Data Exfiltration Toolkit is a proof of concept tool for performing Data Exfiltration using multiple channels simultaneously.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.