NCC Group Plc

Please report all security issues to security at nccgroup dot com

Pinned repositories

LoggerPlusPlus

Advanced Burp Suite Logging Extension

Java 383 95
sobelow

Security-focused static analysis for the Phoenix Framework

Elixir 1.1k 66
house

A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.

JavaScript 893 147
ScoutSuite

Multi-Cloud Security Auditing Tool

Python 2.8k 413
BurpSuiteHTTPSmuggler

A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques

Java 525 84
whalescan

Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulnerable packages on the container

Python 81 10

Repositories

ScoutSuite

Multi-Cloud Security Auditing Tool

aws security auditing cloud azure gcp

Python GPL-2.0 413 2,813 179 (4 issues need help) 8 Updated Mar 8, 2021
scrying

A tool for collecting RDP, web and VNC screenshots all in one place

Rust 20 130 12 0 Updated Mar 7, 2021
sobelow

Security-focused static analysis for the Phoenix Framework

security elixir static-analysis phoenix-framework

Elixir Apache-2.0 66 1,090 8 0 Updated Mar 7, 2021
Cyber-Defence

Information released publicly by NCC Group's Cyber Incident Response Team

Python 95 385 0 0 Updated Mar 7, 2021
PMapper

A tool for quickly evaluating IAM permissions in AWS.

python aws iam botocore cloudsecurity

Python AGPL-3.0 85 490 17 (1 issue needs help) 0 Updated Mar 5, 2021
Wubes

Qubes containerization on Windows

Python 3 86 1 0 Updated Mar 4, 2021
KilledProcessCanary

A canary designed to minimize the impact from certain Ransomware actors

C# AGPL-3.0 2 51 0 0 Updated Mar 3, 2021
HTTPSignatures

A Burp Suite extension implementing the Signing HTTP Messages draft-ietf-httpbis-message-signatures-01 draft.

http signatures

Java MIT 4 33 1 1 Updated Mar 1, 2021
LoggerPlusPlus

Advanced Burp Suite Logging Extension

Java AGPL-3.0 95 383 20 0 Updated Feb 26, 2021
fuzzowski

the Network Protocol Fuzzer that we will want to use.

Python GPL-2.0 65 396 6 0 Updated Feb 23, 2021
Decoder-Improved

Improved decoder for Burp Suite

Java GPL-3.0 28 128 2 0 Updated Feb 19, 2021
ebpf

eBPF - extended Berkeley Packet Filter tooling

Python 11 68 2 0 Updated Feb 16, 2021
SocksOverRDP

Socks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services / Citrix / XenApp / XenDesktop

C++ MIT 71 425 0 0 Updated Feb 15, 2021
autochrome

This tool downloads, installs, and configures a shiny new copy of Chromium.

HTML Apache-2.0 58 324 12 4 Updated Feb 12, 2021
depthcharge

A U-Boot hacking toolkit for security researchers and tinkerers

embedded-systems u-boot security-tools

Python BSD-3-Clause 5 74 17 0 Updated Feb 11, 2021
aws-inventory

Discover resources created in an AWS account.

react python aws

Python Apache-2.0 90 467 13 (1 issue needs help) 1 Updated Feb 7, 2021
wssip

Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa.

nodejs websocket websockets socket-io mitm

JavaScript AGPL-3.0 61 373 15 7 Updated Jan 29, 2021
RFC-Security-Research

Paper, data and code from Investigating Potential Security Vulnerability Manifestation through Various Analyses & Inferences Regarding Internet RFCs

HTML 1 7 0 0 Updated Jan 28, 2021
nccfsas

Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.

C 91 402 0 1 Updated Jan 26, 2021
azucar

Security auditing tool for Azure environments

PowerShell AGPL-3.0 80 351 14 0 Updated Jan 23, 2021
idahunt

idahunt is a framework to analyze binaries with IDA Pro and hunt for things in IDA Pro

Python 46 216 1 0 Updated Jan 13, 2021
binja_explain_instruction

A plugin that adds a popup window to Binary Ninja that explains in simple English what an assembly instruction does

Python Apache-2.0 9 30 2 0 Updated Jan 13, 2021
abstractshimmer

Proof of concept for CVE-2020-15257 in containerd.

Go Apache-2.0 1 5 0 0 Updated Jan 12, 2021
Solitude

Solitude is a privacy analysis tool that enables anyone to conduct their own privacy investigations. Whether a curious novice or a more advanced researcher, Solitude makes the process of evaluating user privacy within an app accessible for everyone.

CSS AGPL-3.0 2 10 0 0 Updated Jan 9, 2021
dapr

Driver Attack Platform for Linux

TypeScript 5 10 10 7 Updated Jan 5, 2021
pybeacon

A collection of scripts for dealing with Cobalt Strike beacons in Python

Python 17 125 0 0 Updated Jan 5, 2021
TPMGenie

TPM Genie is an I2C bus interposer for discrete Trusted Platform Modules

raspberry-pi security arduino teensy hardware tpm trusted-platform-module

C++ 17 124 4 0 Updated Jan 4, 2021
phantap

Phantom Tap (PhanTap) - an ‘invisible’ network tap aimed at red teams

C GPL-3.0 64 415 2 0 Updated Dec 31, 2020
house

A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.

android mobile frida pentest-tool

JavaScript MIT 147 893 7 0 Updated Dec 27, 2020
Berserko

Burp Suite extension to perform Kerberos authentication

Java AGPL-3.0 17 89 5 0 Updated Dec 22, 2020

Top languages

Python C# Java Shell C

Most used topics

security python aws pentesting android

Feb	MAR	Apr
	08
2020	2021	2022

Pinned repositories

Repositories

Top languages

Most used topics

People