Clik here to view.
Androwarn - Yet Another Static Code Analyzer For Malicious Android Applications
Androwarn is a tool whose main aim is to detect and warn the user about potential malicious behaviours developped by an Android application.The detection is performed with the static analysis of the...
View ArticleClik here to view.
WPScan v3.4.5 - Black Box WordPress Vulnerability Scanner
WPScan is a free, for non-commercial use, black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their...
View ArticleClik here to view.
Got-Responded - A Simple Tool To Detect NBT-NS And LLMNR Spoofing
Pentesters, Redteamers and even real attackers love to use tools like Responder to spoof LLMNR and/or NBT-NS responses. There are some awesome other tools to help with detection, such as respounder....
View ArticleClik here to view.
H2T - Scans A Website And Suggests Security Headers To Apply
h2t is a simple tool to help sysadmins to hardening their websites.Until now h2t checks the website headers and recommends how to make it better.DependencesPython 3coloramarequestsInstall$ git clone...
View ArticleClik here to view.
Xori - An Automation-Ready Disassembly And Static Analysis Library For PE32,...
Xori is an automation-ready disassembly and static analysis library that consumes shellcode or PE binaries and provides triage analysis data.Acknowledgements:Xori wouldn't exist without inspiration and...
View ArticleClik here to view.
LAPSToolkit - Tool To Audit And Attack LAPS Environments
Functions written in PowerShell that leverage PowerView to audit and attack Active Directory environments that have deployed Microsoft's Local Administrator Password Solution (LAPS). It includes...
View ArticleClik here to view.
Flightsim - A Utility To Generate Malicious Network Traffic And Evaluate...
flightsim is a lightweight utility used to generate malicious network traffic and help security teams to evaluate security controls and network visibility. The tool performs tests to simulate DNS...
View ArticleClik here to view.
Mutiny Fuzzing Framework - Network Fuzzer That Operates By Replaying PCAPs...
The Mutiny Fuzzing Framework is a network fuzzer that operates by replaying PCAPs through a mutational fuzzer. The goal is to begin network fuzzing as quickly as possible, at the expense of being...
View ArticleClik here to view.
Reconerator - C# Targeted Attack Reconnaissance Tools
This is a custom .NET assembly which will perform a number of situational awareness activities. There are a number of current featuresets:BASIC - Obtains information from the disk and registry.LDAP -...
View ArticleClik here to view.
WinPwn - Automation For Internal Windows Penetrationtest
In many past internal penetration tests I often had problems with the existing Powershell Recon / Exploitation scripts due to missing proxy support. For this reason I wrote my own script with automatic...
View ArticleClik here to view.
phpMussel - PHP-based Anti-Virus Anti-Trojan Anti-Malware Solution
phpMussel is an ideal solution for shared hosting environments, where it's often not possible to utilize or install conventional anti-virus protection solutions, phpMussel is a PHP script designed to...
View ArticleClik here to view.
Just-Metadata - Tool That Gathers And Analyzes Metadata About IP Addresses
Just-Metadata is a tool that can be used to gather intelligence information passively about a large number of IP addresses, and attempt to extrapolate relationships that might not otherwise be seen....
View ArticleClik here to view.
FFM (Freedom Fighting Mode) - Open Source Hacking Harness
FFM is a hacking harness that you can use during the post-exploitation phase of a red-teaming engagement. The idea of the tool was derived from a 2007 conference from @thegrugq.It was presented at...
View ArticleClik here to view.
Wireshark Cheatsheet
Wireshark, whose old name is Ethereal; It is a program that can run in many operating systems such as Windows, Linux, MacOS or Solaris and can analyze all the traffic going to network cards connected...
View ArticleClik here to view.
IDArling - Collaborative Reverse Engineering Plugin For IDA Pro & Hex-Rays
IDArling is a collaborative reverse engineeringplugin for IDA Pro and Hex-Rays. It allows to synchronize in real-time the changes made to a database by multiple users, by connecting together different...
View ArticleClik here to view.
Commando VM - The First of Its Kind Windows Offensive Distribution
Welcome to CommandoVM - a fully customized, Windows-based security distribution for penetration testing and red teaming.Installation (Install Script)RequirementsWindows 7 Service Pack 1 or Windows 1060...
View ArticleClik here to view.
Mimikatz v2.2.0 - A Post-Exploitation Tool to Extract Plaintexts Passwords,...
mimikatz is a tool I've made to learn C and make somes experiments with Windows security.It's now well known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz...
View ArticleClik here to view.
Osmedeus - Fully Automated Offensive Security Tool For Reconnaissance And...
Osmedeus allow you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target.How to useIf you have no idea what are you doing just type the command...
View ArticleClik here to view.
Evillimiter - Limits Bandwidth Of Devices On The Same Network
A tool to limit the bandwidth (upload/download) of devices connected to your network without physical or administrative access.evillimiter employs ARP spoofing and traffic shaping to throttle the...
View ArticleClik here to view.
Instainsane - Multi-threaded Instagram Brute Forcer
Instainsane is a Shell Script to perform multi-threaded brute force attack against Instagram, this script can bypass login limiting and it can test infinite number of passwords with a rate of about...
View Article