SecGame #1: Sauron
SG6 Labs Investigación, desarrollo y reflexiones entorno a la (in)seguridad de la información. En este entorno, se ejecutan una serie de servicios web vulnerables, con el objetivo de escalar privilegios y obtener acceso root. Colabora con SG6 Labs en el desarrollo de nuevas máquinas virtuales y aporta tus investigaciones y ideas.
FEATURES
SIMILAR TOOLS
A domain reconnaissance tool that automates subdomain discovery, port scanning, and monitoring with support for multiple data sources and notification integrations.
A VM for mobile application security testing, Android and iOS applications, with custom-made tools and scripts.
Self-hosted Fuzzing-As-A-Service platform for continuous developer-driven fuzzing.
Tool for attacking Active Directory environments through SQL Server access.
A tool to dump login passwords from Linux desktop users, leveraging cleartext credentials in memory.
An exploitation framework for industrial security with modules for controlling PLCs and scanning devices.
An open-source security tool that simulates network breaches by self-propagating across data centers to test organizational resilience against lateral movement attacks.
Emulates Docker HTTP API with event logging and AWS deployment script.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.