NCC Group Plc

Repositories

BinProxy

BinProxy is a proxy for arbitrary TCP connections. You can define custom message formats using the BinData gem.

Ruby AGPL-3.0 32 149 4 5 Updated Aug 7, 2020

blackboxprotobuf

Blackbox protobuf is a Burp Suite extension for decoding and modifying arbitrary protobuf messages without the protobuf type definition.

protobuf burp

Python MIT 13 124 0 0 Updated Aug 7, 2020

ScoutSuite

Multi-Cloud Security Auditing Tool

aws security auditing cloud azure gcp

Python GPL-2.0 324 2,146 71 (3 issues need help) 10 Updated Aug 3, 2020

depthcharge

A U-Boot hacking toolkit for security researchers and tinkerers

embedded-systems u-boot security-tools

Python BSD-3-Clause 4 34 18 0 Updated Aug 3, 2020

dapr

Driver Attack Platform for Linux

TypeScript 3 7 10 3 Updated Jul 31, 2020

wssip

Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa.

nodejs websocket websockets socket-io mitm

JavaScript AGPL-3.0 56 357 14 4 Updated Jul 30, 2020

LoggerPlusPlus

Advanced Burp Suite Logging Extension

Java AGPL-3.0 82 325 18 0 Updated Jul 27, 2020

libptmalloc

Heap analysis tooling for ptmalloc

Python 4 20 6 0 Updated Jul 22, 2020

sobelow

Security-focused static analysis for the Phoenix Framework

security elixir static-analysis phoenix-framework

Elixir Apache-2.0 58 978 7 0 Updated Jul 21, 2020

PMapper

A tool for quickly evaluating IAM permissions in AWS.

python aws iam botocore cloudsecurity

Python AGPL-3.0 72 404 23 (1 issue needs help) 1 Updated Jul 16, 2020

dirble

Fast directory scanning and scraping tool

web tool pentest pentest-tool

Rust GPL-3.0 62 431 10 0 Updated Jul 16, 2020

scrying

A tool for collecting RDP, web and VNC screenshots all in one place

Rust 4 13 7 0 Updated Jul 14, 2020

Sniffle

A sniffer for Bluetooth 5 and 4.x LE

C 52 347 8 0 Updated Jul 13, 2020

Winstrument

Winstrument is a framework of modular scripts to aid in instrumenting Windows software using Frida for reverse engineering and attack surface analysis.

Python GPL-3.0 2 14 0 0 Updated Jul 12, 2020

thetick

A simple embedded Linux backdoor.

Python LGPL-3.0 22 164 1 0 Updated Jul 11, 2020

The_Automotive_Threat_Modeling_Template

NCC Group Template for the Microsoft Threat Modeling Tool 2016 for Automotive Security

12 24 2 0 Updated Jul 10, 2020

SocksOverRDP

Socks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services / Citrix / XenApp / XenDesktop

C++ 54 313 0 0 Updated Jul 8, 2020

Cyber-Defence

Information released publicly by NCC Group's Cyber Defence team

Python 93 338 0 0 Updated Jul 8, 2020

Berserko

Burp Suite extension to perform Kerberos authentication

Java AGPL-3.0 17 83 4 0 Updated Jul 6, 2020

nccfsas

Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.

C 26 96 0 1 Updated Jul 2, 2020

sadcloud

A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure

HCL AGPL-3.0 22 190 6 0 Updated Jun 30, 2020

pairing-bls12381

Pairing operations over the BLS12-381 elliptic curve in Haskell

Haskell BSD-3-Clause 0 3 1 0 Updated Jun 28, 2020

BurpImportSitemap

Import To Sitemap is a Burp Suite Extension to import wstalker CSV file or ZAP export file into Burp Sitemap

Java AGPL-3.0 1 0 0 0 Updated Jun 16, 2020

listips

A script that uses nmap to expand IP ranges into a list of IPs

bash networking nmap ip pentesting

Shell GPL-3.0 2 3 0 0 Updated Jun 11, 2020

tracy

A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.

chrome-extension firefox security chrome firefox-addon xss browser-extension

JavaScript MIT 57 418 4 0 Updated May 21, 2020

GTFOBLookup

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)

python pentesting redteam privesc pentesting-tools gtfobins lolbas

Python GPL-3.0 16 91 0 0 Updated May 19, 2020

singularity

A DNS rebinding attack framework.

dns iot attack vulnerability dns-rebinding

JavaScript MIT 87 540 0 0 Updated May 11, 2020

house

A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.

android mobile frida pentest-tool

JavaScript MIT 125 757 4 0 Updated May 10, 2020

typofinder

A finder of domain typos showing country of IP address

Python AGPL-3.0 39 123 13 1 Updated May 6, 2020

wstalker

WStalker: an easy proxy

proxy

Go AGPL-3.0 7 19 0 0 Updated May 5, 2020