Clik here to view.
BADministration - Tool Which Interfaces with Management or Administration...
BADministration is a tool which interfaces with management or administration applications from an offensive standpoint. It attempts to provide offsec personnel a tool with the ability to identify and...
View ArticleClik here to view.
WAES - Auto Enums Websites And Dumps Files As Result
Doing HTB or other CTFs enumeration against targets with HTTP(S) can become trivial. It can get tiresome to always run the same script/tests on every box eg. nmap, nikto, dirb and so on. A one-click on...
View ArticleClik here to view.
Osmedeus v1.5 - Fully Automated Offensive Security Framework For...
Osmedeus allows you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target.Installationgit clone https://github.com/j3ssie/Osmedeuscd...
View ArticleClik here to view.
AbsoluteZero - Python APT Backdoor
This project is a Python APT backdoor, optimized for Red Team Post Exploitation Tool, it can generate binary payload or pure python source. The final stub uses polymorphic encryption to give a first...
View ArticleClik here to view.
Seccomp Tools - Provide Powerful Tools For Seccomp Analysis
Provide powerful tools for seccomp analysis.This project is targeted to (but not limited to) analyze seccomp sandbox in CTF pwn challenges. Some features might be CTF-specific, but still useful for...
View ArticleClik here to view.
HackerTarget ToolKit v2.0 - Tools And Network Intelligence To Help...
Use open source tools and network intelligence to help organizations with attack surface discovery and identification of security vulnerabilities. Identification of an organizations vulnerabilities is...
View ArticleClik here to view.
ThreatHunting - A Splunk App Mapped To MITRE ATT&CK To Guide Your Threat Hunts
This is a Splunk application containing several dashboards and over 120 reports that will facilitate initial hunting indicators to investigate.You obviously need to be ingesting Sysmon data into...
View ArticleClik here to view.
Goop - Google Search Scraper (Bypass CAPTCHA)
goop can perform google searches without being blocked by the CAPTCHA or hitting any rate limits.How it works?Facebook provides a debugger tool for its scraper. Interestingly, Google doesn't limit the...
View ArticleClik here to view.
Findomain v0.2.1 - The Fastest And Cross-Platform Subdomain Enumerator
The fastest and cross-platform subdomain enumerator.ComparisionIt comparision gives you a idea why you should use findomain instead of another tools. The domain used for the test was microsoft.com in...
View ArticleClik here to view.
Sampler - A Tool For Shell Commands Execution, Visualization And Alerting...
Sampler is a tool for shell commands execution, visualization and alerting. Configured with a simple YAML file.InstallationmacOSbrew cask install samplerorcurl -Lo /usr/local/bin/sampler...
View ArticleClik here to view.
DrMITM - Program Designed To Globally Log All Traffic Of A Website
DrMITM is a program designed to globally log all traffic.How it worksDrMITM sends a request to website and returns the IP of the website just in case the server of the website is designed to rely on...
View ArticleClik here to view.
DockerSecurityPlayground - A Microservices-based Framework For The Study Of...
Docker Security Playground is an application that allows you to:Create network and network security scenarios, in order to understand network protocols, rules, and security issues by installing DSP in...
View ArticleClik here to view.
Airflowscan - Checklist And Tools For Increasing Security Of Apache Airflow
Checklist and tools for increasing security of Apache Airflow.DISCLAIMERThis project NOT AFFILIATED with the Apache Foundation and the Airflow project, and is not endorsed by them.ContentsThe purpose...
View ArticleClik here to view.
Diaphora - The Most Advanced Free And Open Source Program Diffing Tool
Diaphora (διαφορά, Greek for 'difference') is a program diffing plugin for IDA, similar to Zynamics Bindiff or other FOSS counterparts like YaDiff, DarunGrim, TurboDiff, etc... It was released during...
View ArticleClik here to view.
Iris - WinDbg Extension To Perform Basic Detection Of Common Windows Exploit...
Iris WinDbg extension performs basic detection of common Windows exploit mitigations (32 and 64 bits).The checks implemented, as can be seen in the screenshot above, are (for the loaded...
View ArticleClik here to view.
Firmware Slap - Discovering Vulnerabilities In Firmware Through Concolic...
Firmware slap combines concolic analysis with function clustering for vulnerability discovery and function similarity in firmware. Firmware slap is built as a series of libraries and exports most...
View ArticleClik here to view.
Dow Jones Hammer - Protect The Cloud With The Power Of The cloud(AWS)
Dow Jones Hammer is a multi-account cloud security tool for AWS. It identifies misconfigurations and insecure data exposures within most popular AWS resources, across all regions and accounts. It has...
View ArticleClik here to view.
"Can I Take Over XYZ?" - A List Of Services And How To Claim (Sub)Domains...
What is a subdomain takeover?Subdomain takeover vulnerabilities occur when a subdomain (subdomain.example.com) is pointing to a service (e.g. GitHub pages, Heroku, etc.) that has been removed or...
View ArticleClik here to view.
Eyeballer - Convolutional Neural Network For Analyzing Pentest Screenshots
Give those screenshots of yours a quick eyeballing.Eyeballer is meant for large-scope network penetration tests where you need to find "interesting" targets from a huge set of web-based hosts. Go ahead...
View ArticleClik here to view.
pwnedOrNot v1.2.6 - OSINT Tool to Find Passwords for Compromised Email Addresses
OSINT Tool to Find Passwords for Compromised Email AccountspwnedOrNot uses haveibeenpwned v2 api to test email accounts and tries to find the password in Pastebin Dumps.FeaturedOSINT Collection Tools...
View Article