SpiderLabs

Repositories

• ModSecurity

  ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analys…

  nginx apache waf apache2 modsecurity
  C++ Apache-2.0 1,080 4,001 154 (1 issue needs help) 23 Updated Dec 16, 2020

• HostHunter

  HostHunter a recon tool for discovering hostnames using OSINT techniques.

  open-source osint tool hacking python3 penetration-testing ip
  Python MIT 83 367 0 0 Updated Dec 15, 2020

• secrules-language-tests

  Set of test cases that can be used to test custom implementations of the SecRules language (ModSecurity rules format).
  Perl 12 10 2 0 Updated Nov 6, 2020

• ModSecurity-nginx

  ModSecurity v3 Nginx Connector

  nginx waf modsecurity modsecurity-nginx nginx-connector libmodsecurity
  Perl Apache-2.0 167 764 12 4 Updated Nov 5, 2020

• ModSecurity-log-utilities

  Set of CLI tools to transform ModSecurity logs into a meaningful information, given a context.
  Python Apache-2.0 15 30 2 2 Updated Oct 23, 2020

• ModSecurity-apache

  ModSecurity v3 Apache Connector

  apache waf apache2 modsecurity libmodsecurity
  Perl Apache-2.0 40 64 15 3 Updated Oct 20, 2020

• cve_server

  Simple REST-style web service for the CVE searching

  ruby api database api-server api-rest cve cpe
  Ruby Apache-2.0 37 78 5 1 Updated Oct 16, 2020

• OWASP-CRS-regressions Archived

  Regression tests for OWASP CRS v3
  Python Apache-2.0 12 16 7 1 Updated Aug 7, 2020

• OWASP-CRS-Documentation Archived

  Documentation for the OWASP CRS project
  Python Apache-2.0 19 39 2 5 Updated Aug 7, 2020

• groupenum Archived
  Python 16 49 0 0 Updated Aug 7, 2020

• msfrpc Archived

  Perl/Python modules for interfacing with Metasploit MSGRPC
  Python 62 85 3 2 Updated Aug 7, 2020

• portia Archived

  Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised.
  PowerShell Apache-2.0 129 471 6 2 Updated Aug 7, 2020

• cribdrag Archived

  cribdrag - an interactive crib dragging tool for cryptanalysis on ciphertext generated with reused or predictable stream cipher keys
  Python GPL-3.0 61 153 0 0 Updated Aug 7, 2020

• Firework Archived

  Firework is a proof of concept tool to interact with Microsoft Workplaces creating valid files required for the provisioning process.
  Python 9 45 0 0 Updated Aug 7, 2020

• SharpCompile Archived

  SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approach than manually compiling an .NET assembly and loading it into Cobalt Strike. The project aims to make it easier to move away from adhoc PowerShell execution instead creating a temporary assembly and executing…
  C# 60 258 0 0 Updated Aug 7, 2020

• DoHC2 Archived

  DoHC2 allows the ExternalC2 library from Ryan Hanson (https://github.com/ryhanson/ExternalC2) to be leveraged for command and control (C2) via DNS over HTTPS (DoH).
  C# 82 363 2 (1 issue needs help) 0 Updated Aug 7, 2020

• deblaze Archived

  Performs method enumeration and interrogation against flash remoting end points.
  Python GPL-3.0 20 34 0 4 Updated Aug 7, 2020

• MCIR Archived

  The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of configurable vulnerability testbeds.
  PHP GPL-3.0 146 403 0 1 Updated Aug 7, 2020

• Nmap-Tools Archived

  SpiderLabs shared Nmap Tools
  Lua 88 216 1 4 Updated Aug 7, 2020

• jboss-autopwn Archived

  A JBoss script for obtaining remote shell access
  Shell GPL-3.0 63 165 0 1 Updated Aug 7, 2020

• microphisher Archived

  µphisher spear phishing tool (reference implementation)
  Ruby GPL-3.0 16 33 0 0 Updated Jun 26, 2020

• owasp-modsecurity-crs Archived

  OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)
  Perl Apache-2.0 677 2,217 39 (2 issues need help) 10 Updated Jun 16, 2020

• Responder Archived

  Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
  Python GPL-3.0 1,174 3,348 35 11 Updated Jun 15, 2020

• IOCs-IDPS

  This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)
  19 54 0 0 Updated Apr 30, 2020

• Misc

  A repository for miscellaneous files shared by SpiderLabs
  2 1 0 0 Updated Jan 20, 2020

• SCShell

  Forked from Mr-Un1k0d3r/SCShell

  Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
  Python 133 94 0 0 Updated Nov 20, 2019

• ikeforce Archived
  Python 60 193 7 3 Updated Sep 18, 2019

• net-tns

  Net::TNS, a Ruby library for connecting to Oracle databases.
  Ruby Apache-2.0 18 30 3 0 Updated May 7, 2019

• advisories-poc
  C 11 14 1 0 Updated Mar 5, 2019

• modsec-sdbm-util

  Utility to manipulate SDBM files used by ModSecurity. With that utility it is possible to _shrink_ SDBM databases. It is also possible to list the SDBM contents with filters such as: expired or invalid items only.
  C Apache-2.0 16 18 1 0 Updated Feb 28, 2019