@nccgroup

NCC Group Plc

Please report all security issues to security at nccgroup dot trust

Pinned repositories

  1. BurpSuiteLoggerPlusPlus

    Burp Suite Logger++: Log activities of all the tools in Burp Suite

    Java 152 41

  2. autochrome

    This tool downloads, installs, and configures a shiny new copy of Chromium.

    HTML 93 14

  3. Scout2

    Security auditing tool for AWS environments

    Python 1.4k 248

  4. sobelow

    Security-focused static analysis for the Phoenix Framework

    Elixir 597 39

  5. Cyber-Defence

    Information released publicly by NCC Group's Cyber Defence team

    Python 173 49

  6. G-Scout

    Google Cloud Platform Security Tool

    Python 127 22

  • tracy

    A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.

    security xss browser-extension xss-detection security-tools
    Go 206 28 MIT 2 issues need help Updated Sep 23, 2018

  • PMapper

    A tool for quickly evaluating IAM permissions in AWS.

    python aws iam botocore
    Python 97 23 AGPL-3.0 Updated Sep 22, 2018

  • Scout2

    Security auditing tool for AWS environments

    aws security
    Python 1,356 248 GPL-2.0 Updated Sep 21, 2018

  • asadbg

    asadbg is a framework of tools to aid in automating live debugging of Cisco ASA devices

    Python 45 18 BSD-3-Clause Updated Sep 21, 2018

  • asafw

    Set of scripts to deal with Cisco ASA firmware [pack/unpack etc.]

    Shell 37 11 BSD-3-Clause Updated Sep 21, 2018

  • kube-auto-analyzer

    Kubernetes Auto Analyzer

    kubernetes security
    HTML 147 12 AGPL-3.0 Updated Sep 20, 2018

  • Winpayloads

    Undetectable Windows Payload Generation

    python windows powershell persistence uac meter antivirus
    Python 886 247 Apache-2.0 Updated Sep 20, 2018

  • hashcrack

    Guesses hash types, picks some sensible dictionaries and rules for hashcat

    Python 5 AGPL-3.0 Updated Sep 20, 2018

  • G-Scout

    Google Cloud Platform Security Tool

    security-audit gcp
    Python 127 21 GPL-3.0 Updated Sep 17, 2018

  • demiguise

    HTA encryption tool for RedTeams

    Python 455 100 AGPL-3.0 Updated Sep 17, 2018

  • idahunt

    idahunt is a framework to analyze binaries with IDA Pro and hunt for things in IDA Pro

    Python 112 23 Updated Sep 13, 2018

  • singularity

    A DNS rebinding attack framework

    dns attack vulnerability dns-rebinding
    HTML 191 33 MIT Updated Sep 12, 2018

  • TriforceAFL

    AFL/QEMU fuzzing with full-system emulation.

    C 377 82 Updated Sep 8, 2018

  • nOBEX

    nOBEX allows emulating the PBAP, MAP, and HFP profiles to test vehicle infotainment systems and similar devices using these profiles

    Python 18 3 GPL-3.0 Updated Sep 6, 2018

  • yocto-whitepaper-examples

    Example code included in the "Improving Your Embedded Linux Security Posture with Yocto" whitepaper

    linux security yocto openembedded
    Python 1 MIT Updated Sep 4, 2018

  • asatools

    Main repository to pull all NCC Group Cisco ASA-related tool projects.

    Shell 164 39 Updated Aug 24, 2018

  • proxmark3-amiimicyou

    Proxmark3 Amiibo simulator as shown at Recon Montreal 2018

    C 11 2 Updated Aug 24, 2018

  • blackboxprotobuf

    Blackbox protobuf is a Burp Suite extension for decoding and modifying arbitrary protobuf messages without the protobuf type definition.

    protobuf burp
    Python 11 2 MIT Updated Aug 23, 2018

  • aws-inventory

    Discover resources created in an AWS account.

    react python aws
    Python 101 14 Apache-2.0 Updated Aug 23, 2018

  • freddy

    Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans

    Java 219 33 AGPL-3.0 Updated Aug 19, 2018

  • house

    A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.

    android mobile frida pentest-tool
    Python 311 39 MIT 1 issue needs help Updated Aug 14, 2018

  • sobelow

    Security-focused static analysis for the Phoenix Framework

    security elixir static-analysis phoenix-framework
    Elixir 597 39 Apache-2.0 Updated Aug 14, 2018

  • AutoRepeater

    Automated HTTP Request Repeating With Burp Suite

    security burp-plugin burpsuite
    Java 258 30 MIT Updated Aug 10, 2018

  • azucar

    Security auditing tool for Azure environments

    PowerShell 92 17 AGPL-3.0 Updated Aug 2, 2018

  • wssip

    Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa.

    nodejs websocket websockets socket-io mitm
    JavaScript 245 46 AGPL-3.0 Updated Aug 1, 2018

  • umap2

    Umap2 is the second revision of NCC Group's python based USB host security assessment tool.

    Python 109 26 AGPL-3.0 Updated Jul 31, 2018

  • BurpSuiteHTTPSmuggler

    A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques

    waf bypass burpsuite burpsuite-extender
    Java 226 30 AGPL-3.0 Updated Jul 27, 2018

  • BurpSuiteLoggerPlusPlus

    Burp Suite Logger++: Log activities of all the tools in Burp Suite

    Java 152 41 AGPL-3.0 Updated Jul 25, 2018

  • opinel

    Python code shared by Scout2 and AWS-Recipes

    Python 16 15 GPL-2.0 Updated Jul 20, 2018

  • yaml2yara

    Generate bulk YARA rules from YAML input

    yaml yara yara-signatures
    HTML 10 AGPL-3.0 Updated Jul 17, 2018
    • 18

    People
    @acatinahat @apdavis @deed02392 @edeca @ha1fpint @inquisb @irsdl @lllama @m4ttl @metrodango @neonbunny @nickthegreek @NullMode @olliencc @raesene @Reverite