Moki is a modification of Kali Linux geared towards ICS/SCADA pentesting professionals, incorporating various ICS/SCADA tools scattered around the internet. Install by running: `wget https://goo.gl/Sn7Cwi -O setup.sh; sh setup.sh --help` Current tools include: * Quickdraw SCADA * Snort Rules from Digital Bond * CoDeSys exploit from Digital Bond * PLC Scan from Dmitry Efanov * Modscan from Mark Bristow * Siemens S7 metasploit modules from Dillon Beresford * Siemens S7 wireshark dissector from Thomas Wiens
FEATURES
ALTERNATIVES
Collection of vulnerable ARM binaries for beginner vulnerability researchers & exploit developers.
A tool to remove malicious artifacts from Microsoft Office documents, preventing malware infections and data breaches.
ISF (Industrial Exploitation Framework) - An exploitation framework for industrial systems with various ICS protocol clients and exploit modules.
Emulates Docker HTTP API with event logging and AWS deployment script.
Create a vulnerable active directory for testing various Active Directory attacks.
A tool that finds more information about a given URL or domain by querying multiple data sources.
BeEF is a specialized penetration testing tool for exploiting web browser vulnerabilities to assess security.
A guide on using Apache mod_rewrite to strengthen phishing attacks and bypass mobile device restrictions
PINNED

InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.