Clik here to view.
Truegaze - Static Analysis Tool For Android/iOS Apps Focusing On Security...
A static analysis tool for Android and iOS applications focusing on security issues outside the source code such as resource strings, third party libraries and configuration files.RequirementsPython 3...
View ArticleClik here to view.
goDoH - A DNS-over-HTTPS C2
godoh is a proof of concept Command and Control framework, written in Golang, that uses DNS-over-HTTPS as a transport medium. Currently supported providers include Google, Cloudflare but also contains...
View ArticleClik here to view.
PEpper - An Open Source Script To Perform Malware Static Analysis On Portable...
An open source tool to perform malware static analysis on Portable Executable Installationeva@paradise:~$ git clone https://github.com/Th3Hurrican3/PEpper/eva@paradise:~$ cd PEppereva@paradise:~$ pip3...
View ArticleClik here to view.
Applepie - A Hypervisor For Fuzzing Built With WHVP And Bochs
Hello! Welcome to applepie! This is a tool designed for fuzzing, introspection, and finding bugs! This is a hypervisor using the Windows Hypervisor Platform API present in recent versions of Windows...
View ArticleClik here to view.
Pyshark - Python Wrapper For Tshark, Allowing Python Packet Parsing Using...
Python wrapper for tshark, allowing python packet parsing using wireshark dissectors.Extended documentation: http://kiminewt.github.io/pysharkPython2 deprecation - This package no longer supports...
View ArticleClik here to view.
Hacktronian - All In One Hacking Tool For Linux & Android
***Pentesing Tools That All Hacker Needs.***HACKTRONIAN Menu :Information GatheringPassword AttacksWireless TestingExploitation ToolsSniffing & SpoofingWeb HackingPrivate Web HackingPost...
View ArticleClik here to view.
PoshC2 - C2 Server and Implants
PoshC2 is a proxy aware C2 framework that utilises Powershell and/or equivalent (System.Management.Automation.dll) to aid penetration testers with red teaming, post-exploitation and lateral movement....
View ArticleClik here to view.
AutoRDPwn v5.0 - The Shadow Attack Framework
AutoRDPwn is a post-exploitation framework created in Powershell, designed primarily to automate the Shadow attack on Microsoft Windows computers. This vulnerability (listed as a feature by Microsoft)...
View ArticleClik here to view.
Covenant - A .NET Command And Control Framework For Red Teamers
Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control...
View ArticleClik here to view.
LDAPDomainDump - Active Directory Information Dumper Via LDAP
Active Directory information dumper via LDAPIntroductionIn an Active Directory domain, a lot of interesting information can be retrieved via LDAP by any authenticated user (or machine). This makes LDAP...
View ArticleClik here to view.
IPRotate - Extension For Burp Suite Which Uses AWS API Gateway To Rotate Your...
Extension for Burp Suite which uses AWS API Gateway to change your IP on every request.More info: https://rhinosecuritylabs.com/aws/bypassing-ip-based-blocking-aws/DescriptionThis extension allows you...
View ArticleClik here to view.
Sublert - Security And Reconnaissance Tool Which Leverages Certificate...
Sublert is a security and reconnaissance tool that was written in Python to leverage certificate transparency for the sole purpose of monitoring new subdomains deployed by specific organizations and...
View ArticleClik here to view.
Airgeddon v9.21 - A Multi-use Bash Script for Linux Systems to Audit Wireless...
This is a multi-use bash script for Linux systems to auditwireless networks.All the needed info about how to "install | use | enjoy" airgeddon is present at Github's Wiki.I. Content &...
View ArticleClik here to view.
AIL Framework - Framework for Analysis of Information Leaks
AIL is a modular framework to analyse potential information leaks from unstructured data sources like pastes from Pastebin or similar services or unstructured data streams. AIL framework is flexible...
View ArticleClik here to view.
4CAN - Open Source Security Tool to Find Security Vulnerabilities in Modern Cars
Open Source Security Tool to Find Security Vulnerabilities in Modern Cars.hardwareTested on the following raspbian images using a pi3b+Apr 2019 (kernel 4.14.98-v7+)Oct 2018 (kernel 4.14.71-v7+)Jun 2018...
View ArticleClik here to view.
EVABS - Extremely Vulnerable Android Labs
An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners. The effort is to introduce beginners with very...
View ArticleClik here to view.
PHPStan - PHP Static Analysis Tool (Discover Bugs In Your Code Without...
PHPStan focuses on finding errors in your code without actually running it. It catches whole classes of bugs even before you write tests for the code. It moves PHP closer to compiled languages in the...
View ArticleClik here to view.
NebulousAD - Automated Credential Auditing Tool
NebulousAD Automated Credential Auditing Tool.InstallationSimply download the precompiled release (requires no python interpreter), or build from source:Requires Python2.7 (for now)Run git clone...
View ArticleClik here to view.
Sudomy - Subdomain Enumeration & Analysis
Sudomy is a subdomain enumeration tool, created using a bash script, to analyze domains and collect subdomains in fast and comprehensive way.FeaturesFor recent time, Sudomy has these 9 features:Easy,...
View ArticleClik here to view.
RedHunt OS v2 - Virtual Machine For Adversary Emulation And Threat Hunting
Virtual Machine for Adversary Emulation and Threat Hunting by RedHunt LabsRedHunt OS aims to be a one stop shop for all your threat emulation and threat hunting needs by integrating attacker's arsenal...
View Article