Inceptor is a template-driven framework designed to evade Anti-Virus (AV) and Endpoint Detection and Response (EDR) solutions. Its modular architecture lets users create and modify templates that implement custom evasion techniques, so they can test the effectiveness of their security controls. The goal is to help security professionals and researchers improve their defenses by identifying vulnerabilities and weaknesses in their security posture.
SIMILAR TOOLS
Performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques.
Ivy is a payload creation framework for executing arbitrary VBA source code directly in memory, using programmatic access to load, decrypt, and execute shellcode.
A collaborative, multi-platform, red teaming framework for simulating attacks and testing defenses.
A domain reconnaissance tool that automates subdomain discovery, port scanning, and monitoring with support for multiple data sources and notification integrations.
SharpEDRChecker scans system components to detect security products and tools.
A tool that visits suspected phishing pages, takes screenshots, and extracts interesting files.
Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.
A proof-of-concept tool that demonstrates automated MFA bypass techniques for Microsoft Outlook through browser automation and request interception.
DET (extensible Data Exfiltration Toolkit) is a proof-of-concept tool for performing data exfiltration using multiple channels simultaneously.