GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → mattrotlevi → lava

mattrotlevi / lava

Licence: GPL-3.0 license
Microsoft Azure Exploitation Framework

Programming Languages

python
139335 projects - #7 most used programming language

Labels

microsoftcloudazurepenetration-testingvulnerability-assessment

Projects that are alternatives of or similar to lava

Rapidscan
🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+1584.78%)
Mutual labels:  penetration-testing, vulnerability-assessment
Vanquish
Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.
Stars: ✭ 449 (+876.09%)
Mutual labels:  penetration-testing, vulnerability-assessment
Vulscan
Advanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (+4910.87%)
Mutual labels:  penetration-testing, vulnerability-assessment
Jackhammer
Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Stars: ✭ 633 (+1276.09%)
Mutual labels:  penetration-testing, vulnerability-assessment
H4cker
This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Stars: ✭ 10,451 (+22619.57%)
Mutual labels:  penetration-testing, vulnerability-assessment
Vailyn
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (+123.91%)
Mutual labels:  penetration-testing, vulnerability-assessment
Lnkup
Generates malicious LNK file payloads for data exfiltration
Stars: ✭ 205 (+345.65%)
Mutual labels:  microsoft, penetration-testing
Msgraph Sdk Powershell
Powershell SDK for Microsoft Graph
Stars: ✭ 239 (+419.57%)
Mutual labels:  microsoft
FritzBoxTelefon-dingsbums
Das Fritz!Box Telefon-dingsbums ist ein Outlook-Addin, welches ein direktes Wählen der Kontakte aus Outlook ermöglicht. Zusätzlich bietet es nützliche Funktionen, wie einen Anrufmonitor oder eine Rückwärtssuche.
Stars: ✭ 16 (-65.22%)
Mutual labels:  microsoft
Azure Event Hubs
☁️ Cloud-scale telemetry ingestion from any stream of data with Azure Event Hubs
Stars: ✭ 233 (+406.52%)
Mutual labels:  microsoft
Azure Powershell
Microsoft Azure PowerShell
Stars: ✭ 2,873 (+6145.65%)
Mutual labels:  microsoft
Timelinestoryteller
An expressive visual storytelling environment for presenting timelines on the web and in Power BI. Developed at Microsoft Research.
Stars: ✭ 244 (+430.43%)
Mutual labels:  microsoft
SSI Extra Materials
In my computer security courses I make extensive usage of cheatsheets for various tools and extra materials to complement the student learning if they are willing to do so. I have decided to share them to enable others to take advantage of them
Stars: ✭ 42 (-8.7%)
Mutual labels:  penetration-testing
Checkedc
Checked C is an extension to C that lets programmers write C code that is guaranteed by the compiler to be type-safe. The goal is to let people easily make their existing C code type-safe and eliminate entire classes of errors. Checked C does not address use-after-free errors. This repo has a wiki for Checked C, sample code, the specification, a…
Stars: ✭ 2,692 (+5752.17%)
Mutual labels:  microsoft
DacFx
SQL Server database schema validation, deployment, and upgrade runtime. Enables declarative database development and database portability across SQL Server versions and environments.
Stars: ✭ 152 (+230.43%)
Mutual labels:  microsoft
Api Management Developer Portal
Azure API Management developer portal.
Stars: ✭ 229 (+397.83%)
Mutual labels:  microsoft
SSH-PuTTY-login-bruteforcer
Turn PuTTY into an SSH login bruteforcing tool.
Stars: ✭ 222 (+382.61%)
Mutual labels:  penetration-testing
Xbox-GDK-Samples
Game development samples published by the Xbox Advanced Technology Group using the Microsoft GDK.
Stars: ✭ 128 (+178.26%)
Mutual labels:  microsoft
Intel-One
Command line tool for passive reconnaissance, able to gather and link public information to a target domain, company or individual. It can make intelligence gathering faster and more effective by drastically reducing manual user interaction. This is achieved through the engineering of a highly customisable single input to multiple output solutio…
Stars: ✭ 23 (-50%)
Mutual labels:  penetration-testing
gvm-tools
Remote control your Greenbone Community Edition or Greenbone Enterprise Appliance
Stars: ✭ 143 (+210.87%)
Mutual labels:  vulnerability-assessment
View All Similar Projects ➔ 
.____                         
|    |   _____ ___  _______   
|    |   \__  \\  \/ /\__  \  
|    |___ / __ \\   /  / __ \_
|_______ (____  /\_/  (____  /
        \/    \/           \/

Lava is a Microsoft Azure exploitation framework.

Background

Inspired by Pacu for AWS by RhinoSecurityLabs, I wanted to create a tool that did not simply do configuration reviews of Azure cloud environments, but one that takes that extra step with useful exploitation modules for penetration testing. The framework was initially developed during my time at MWR InfoSecurity.

Lava was designed with the intent to make the process of adding modules they deem useful as easy as possible for a penetration tester.

Installation

git clone https://github.com/mattrotlevi/lava.git
./setup.sh (hit enter for all the prompts)

Usage

root@computer# python3 lava.py

.____                         
|    |   _____ ___  _______   
|    |   \__  \  \/ /\__  \  
|    |___ / __ \   /  / __ \_
|_______ (____  /\_/  (____  /
        \/    \/           \/ 
              `  .`           
             -o..o`           
         .-  :o.+/   -        
      `::`-- :o`o``---        
       -+o```-+./ .`-``       
         .+-+.::-:/``.        
          `+o++o:o+/`         
          -sosooooo:          
         .hhhdhyosyy.         
        .hyhhhyhhhdyy.        
       -hhhddydhhdydyh:       
      +dhdhhdhhdddhdhhdo`     
    -ydddyhhddyhdhdhdddhy:    
  .shhhddhddhddhddydhhddyds.  
 -++++++++++++++++++++++++++- 

  
Lava $> 

Lava $> help

		banner			        --->	print ascii art banner
		clear/clean		        --->	clear the screen
		list/ls			        --->	prints all the modules and categories
		exec [module_name]	        --->	executes a module
		exec [module_name] ?	        --->	prints help of a module
		az [rest of command]	        --->	directly runs azure command
		help			        --->	prints this help screen
		exit			        --->	exits lava

		informational commands:
		whoami			        --->	prints info about current subscription
		rgroups			        --->	prints info about resource groups

Running exec [module_name] ? prints that individual module's help string and usage

Lava $> exec vm_list ?
usage:
	exec vm_list [-rgrp resource-group] ---> will list all vms and public/private ips

The exfil_file_search module requires a bit of outside setup to work. I provided a small php file that will handle receiving the gzip with sensitive files and will handle writing it to a directory called "/uploads"

I tested the module with ngrok.io

Installing ngrok.io:
follow the super easy installation guide at https://ngrok.com/download
  • Place ngrok in a directory with the exfil.php file and a subdirectory called /uploads (make sure write is enabled)
  • run ./nrgok
  • run the exfil data module and supply the ngrok url and data will automatically be exfiltrated

Contributing

The intent of this project is to help pentesters in an Azure engagement. I specifically attempted to make the framework as easy to add to and extend as possible.

Therefore, if you want to add your own modules please feel free to submit a pull request, clone, or whatever.

For major changes, please open an issue first to discuss what you would like to change.

License

https://choosealicense.com/licenses/gpl-3.0/

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].