strikergoutham Goto Github PK

anchore-circleci-integration

PoC Script to integrate Anchore Engine to existing CI/CD pipeline on circle CI.

anti-takeover

Anti-Takeover is a sub domain monitoring tool for (blue/purple) team / internal security team which uses cloud flare. Currently Anti-Takeover monitors more than a dozen third party services for dangling subdomain pointers.

attack-surface-framework

Tool to discover external and internal network attack surface

autoc2

AutoC2 is an Automated command and Control server deployer with isolated docker network. This terraform script + ansible playbook deploys your bare minimum C2 infra using AWS within less than 5 mins.

cerberus

Cerberus is an auto monitoring script which monitors for any cloud assets of a company grouped via common ssl cert used, which might have been exposed over the internet. It uses Shodan API internally to monitor/query company infra.

dependabot-alerts

This script fetches new dependabot SCA alerts(high & critical) and pushes the new open alerts to specified slack channel.

dockerpawn

An auto compromise exploit script which silently backdoors hosts running exposed docker REST API endpoints.

dvna

Damn Vulnerable NodeJS Application

gitleaks

Scan git repos for secrets using regex and entropy 🔑

gitleaks-action

run gitleaks in a gitleaks action

gitleaks-ci

gitleaks, but for PRs

guarddog

:snake: :mag: GuardDog is a CLI tool to Identify malicious PyPI and npm packages

laelaps

Laelaps is a automated monitoring tool for kong gateway. Laelaps is useful for in house security engineers as it continuously monitor and notify missing/mandatory security plugins around routes/services, new routes and new services.

mahisha

Mahisha is a real time monitoring tool for accidental commit of sensitive secrets. Its a wrapper webservice which uses gitleaks to audit for secrets in real time.

nodejsscan

nodejsscan is a static security code scanner for Node.js applications.

octopii-slack-integration

Slack integration for Octopii ( image scanner for PII) . Useful for offensive & defensive teams to quickly fetch all the image files on slack which contains sensitive PII data. just provide the timeframe and slack token ,integration script takes care of the rest.

osce-preparation

Few exploits developed by me while preparing for Offensive security certified expert(OSCE) certification

oscp-filetransfer-privesc

This is a repo for OSCP preparation. This only contains Priv Esc techniques used by me during lab , exam and few file transfer techniques specially for windows

pawn_sahipro

a sample demo sahi script to get remote code execution

shellcodes-32-bit-linux-

sample shellcodes i have written for 32 bit linux systems

shodan-recon

shodan-recon is a cli python 3 based tool which helps to fetch useful information from shodan search engine. It uses already existing Shodan API's and it requires the end user to possess shodan API key.

slae_assignments

repository containing assignment files for SLAE(32 bit) course by security tube

temp-utility-scripts

temp utility scripts

test-archieve

test-archieve

tf-cloud-orb