38 open source projects by SpiderLabs

SpiderLabs shared Nmap Tools

A repository of tools and scripts related to malware analysis

OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)

scavenger : is a multi-threaded post-exploitation scanning tool for scavenging systems, finding most frequently used files and folders as well as "interesting" files containing sensitive information.

CryptOMG is a configurable CTF style test bed that highlights common flaws in cryptographic implementations.

A JBoss script for obtaining remote shell access

cribdrag - an interactive crib dragging tool for cryptanalysis on ciphertext generated with reused or predictable stream cipher keys

A configurable SQL injection test-bed

Inject beef hooks into HTTP traffic and track hooked systems from cmdline

A Burp Extension to test applications for vulnerability to the Web Cache Deception attack

Perl/Python modules for interfacing with Metasploit MSGRPC

Burp Notes Extension is a plugin for Burp Suite that adds a Notes tab. The tool aims to better organize external files that are created during penetration testing.

Firework is a proof of concept tool to interact with Microsoft Workplaces creating valid files required for the provisioning process.

A program to monitor network traffic and detect unauthorized sessions.

ModSecurity v3 Nginx Connector

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised.

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analys…

HostHunter a recon tool for discovering hostnames using OSINT techniques.

The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of configurable vulnerability testbeds.

DoHC2 allows the ExternalC2 library from Ryan Hanson (https://github.com/ryhanson/ExternalC2) to be leveraged for command and control (C2) via DNS over HTTPS (DoH).

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approach than manually compiling an .NET assembly and loading it into Cobalt Strike. The project aims to make it easier to move away from adhoc PowerShell execution instead creating a temporary assembly and executing using beacon's 'execute-assembly' in seconds.

Arduino-based network monitor

Python bindings for libModSecurity (aka ModSecurity v3)

A tool to parse UPnP descriptor XML files and generate SOAP control requests for use with Burp Suite or netcat

A reconnaissance tool that can quickly discover hostnames from a list of IP addresses.

The ModSecurity Pcap Connector

Updated version of the 2010 KoreLogic password cracking rules for John the Ripper

Utility to manipulate SDBM files used by ModSecurity. With that utility it is possible to _shrink_ SDBM databases. It is also possible to list the SDBM contents with filters such as: expired or invalid items only.

Repository for the OWASP/WASC Distributed Web Honeypots Project -

No description, website, or topics provided.

ModSecurity status

TCP session interception and injection framework

Oracle Database 12c password brute forcer

Ruby bindings for the yara file analysis and classification library