Clik here to view.
Git-Vuln-Finder - Finding Potential Software Vulnerabilities From Git Commit...
Finding potential software vulnerabilities from git commit messages. The output format is a JSON with the associated commit which could contain a fix regarding a software vulnerability. The search is...
View ArticleClik here to view.
Stowaway - Multi-hop Proxy Tool For Pentesters
Stowaway is Multi-hop proxy tool for security researchers and pentestersUsers can easily proxy their network traffic to intranet nodes (multi-layer)PS: The files under demo folder are Stowaway's beta...
View ArticleClik here to view.
TuxResponse - Linux Incident Response
TuxResponse is incident response script for linux systems written in bash. It can automate incident response activities on Linux systems and enable you to triage systems quickly, while not compromising...
View ArticleClik here to view.
LNAV - Log File Navigator
The log file navigator, lnav, is an enhanced log file viewer that takes advantage of any semantic information that can be gleaned from the files being viewed, such as timestamps and log levels. Using...
View ArticleClik here to view.
IotShark - Monitoring And Analyzing IoT Traffic
IoTShark is a IOT monitoring service that allows users to monitor their IOT devices for trends in data sent/received. Ordinarily, setting up a man in the middle attack with proper configurations can...
View ArticleClik here to view.
Karonte - A Static Analysis Tool To Detect Multi-Binary Vulnerabilities In...
Karonte is a static analysis tool to detect multi-binary vulnerabilities in embedded firmware.Research paperWe present our approach and the findings of this work in the following research...
View ArticleClik here to view.
CHAPS - Configuration Hardening Assessment PowerShell Script
CHAPS is a PowerShell script for checking system security settings where additional software and assessment tools, such as Microsoft Policy Analyzer, cannot be installed. The purpose of this script is...
View ArticleClik here to view.
Heapinspect - Inspect Heap In Python
HeapInspect is designed to make heap much more prettier.Now this tool is a plugin of nadbg. Try it!FeaturesFree of gdb and other requirementMulti glibc support 2.19, 2.23-2.27 (currently tested)both...
View ArticleClik here to view.
LAVA - Large-scale Automated Vulnerability Addition
Evaluating and improving bug-finding tools is currently difficult due to a shortage of ground truth corpora (i.e., software that has known bugs with triggering inputs). LAVA attempts to solve this...
View ArticleClik here to view.
Andriller - Software Utility With A Collection Of Forensic Tools For Smartphones
Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices. It has features, such...
View ArticleClik here to view.
laravelN00b - Automated Scan .env Files And Checking Debug Mode In Victim Host
Incorrect configuration allows you to access .env files or reading env variables. LaravelN00b automated scan .env files and checking debug mode in victim host.Scan rationaleScan host.Resolve IP adress...
View ArticleClik here to view.
SWFPFinder - SWF Potential Parameters Finder
SWFPFinder is a simple and open source bash script designed to discovery the potential swf (file) parameters on the webapp analysing the swf file. SWFPFinder use swfmill tool, swfmill is a tool to...
View ArticleClik here to view.
Gtfo - Search For Unix Binaries That Can Be Exploited To Bypass System...
This is a standalone script written in Python 3 for GTFOBins. You can search for Unix binaries that can be exploited to bypass system security restrictions. These binaries can be abused to get the...
View ArticleClik here to view.
Hakrawler - Simple, Fast Web Crawler Designed For Easy, Quick Discovery Of...
hakrawler is a Go web crawler designed for easy, quick discovery of endpoints and assets within a web application. It can be used to discover:FormsEndpointsSubdomainsRelated domainsJavaScript filesThe...
View ArticleClik here to view.
Shell Backdoor List - PHP / ASP Shell Backdoor List
What is a shell backdoor ?A backdoor shell is a malicious piece of code (e.g. PHP, Python, Ruby) that can be uploaded to a site to gain access to files stored on that site. Once it is uploaded, the...
View ArticleClik here to view.
LOLBITS - C# Reverse Shell Using Background Intelligent Transfer Service...
LOLBITS is a C# reverse shell that uses Microsoft's Background Intelligent Transfer Service (BITS) to communicate with the Command and Control backend. The Command and Control backend is hidden behind...
View ArticleClik here to view.
Lsassy - Extract Credentials From Lsass Remotely
Python library to remotely extract credentials. This blog post explains how it works.You can check the wikiThis library uses impacket project to remotely read necessary bytes in lsass dump and pypykatz...
View ArticleClik here to view.
Gowitness - A Golang, Web Screenshot Utility Using Chrome Headless
gowitness is a website screenshot utility written in Golang, that uses Chrome Headless to generate screenshots of web interfaces using the command line. Both Linux and macOS is supported, with Windows...
View ArticleClik here to view.
AntiCheat-Testing-Framework - Framework To Test Any Anti-Cheat
Framework to test any Anti-Cheat on the market. This can be used as Template or Code Base to test any Anti-Cheat and learn along the way. The entry level to reverse AntiCheats and Cheats is quite high,...
View ArticleClik here to view.
Bluewall - A Firewall Framework Designed For Offensive And Defensive Cyber...
Bluewall is a firewall framework designed for offensive and defensive cyber professionals. This framework allows Cybersecurity professionals to quickly setup their environment while staying within...
View Article