Clik here to view.
HikPwn - A Simple Scanner For Hikvision Devices
HikPwn, a simple scanner for Hikvision devices with basic vulnerability scanning capabilities written in Python 3.8. This project was born out of curiosity while I was capturing and watching network...
View ArticleClik here to view.
SSHPry v2.0 - Spy and Control os SSH Connected client's TTY
This is a second release of SSHPry tool, with multiple features added.Control of target's TTYBuilt-In KeyloggerConsole-Level phishingRecord & Replay previous sessionsDemoBlogpost:...
View ArticleClik here to view.
Angrgdb - Use Angr Inside GDB - Create An Angr State From The Current...
Use angr inside GDB. Create an angr state from the current debugger state.Installpip install angrgdbecho "python import angrgdb.commands" >> ~/.gdbinitUsageangrgdb implements the angrdbg API in...
View ArticleClik here to view.
OSSEM - Open Source Security Events Metadata
The Open Source Security Events Metadata (OSSEM) is a community-led project that focuses primarily on the documentation and standardization of security event logs from diverse data sources and...
View ArticleClik here to view.
DNSteal v2.0 - DNS Exfiltration Tool For Stealthily Sending Files Over DNS...
This is a fake DNS server that allows you to stealthily extract files from a victim machine through DNS requests.Below are a couple of different images showing examples of multiple file transfer and...
View ArticleClik here to view.
Git-Hound v1.1 - GitHound Pinpoints Exposed API Keys On GitHub Using Pattern...
A batch-catching, pattern-matching, patch-attacking secret snatcher.GitHound pinpoints exposed API keys and other sensitive information on GitHub using pattern matching, commit history searching, and a...
View ArticleClik here to view.
MSOLSpray - A Password Spraying Tool For Microsoft Online Accounts (Azure/O365)
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if...
View ArticleClik here to view.
Tails 4.5 - Live System to Preserve Your Privacy and Anonymity
The Tails team is happy to publish Tails 4.5, the first version of Tails to support Secure Boot.This release also fixes many security vulnerabilities. You should upgrade as soon as possible.New...
View ArticleClik here to view.
Tentacle - A POC Vulnerability Verification And Exploit Framework
Tentacle is a POC vulnerability verification and exploit framework. It supports free extension of exploits and uses POC scripts. It supports calls to zoomeye, fofa, shodan and other APIs to perform...
View ArticleClik here to view.
Chromepass - Hacking Chrome Saved Passwords
Chromepass is a python-based console application that generates a windows executable with the following features:Decrypt Chrome saved paswordsSend a file with the login/password combinations remotely...
View ArticleClik here to view.
Richkit - Domain Enrichment Toolkit
Richkit is a python3 package that provides tools taking a domain name as input, and returns addtional information on that domain. It can be an analysis of the domain itself, looked up from data-bases,...
View ArticleClik here to view.
Eavesarp - Analyze ARP Requests To Identify Intercommunicating Hosts And...
A reconnaissance tool that analyzes ARP requests to identify hosts that are likely communicating with one another, which is useful in those dreaded situations where LLMNR/NBNS aren't in use for name...
View ArticleClik here to view.
Ps-Tools - An Advanced Process Monitoring Toolkit For Offensive Operations
Having a good technical understanding of the systems we land on during an engagement is a key condition for deciding what is going to be the next step within an operation. Collecting and analysing data...
View ArticleClik here to view.
Lunar - A Lightweight Native DLL Mapping Library That Supports Mapping...
A lightweight native DLL mapping library that supports mapping directly from memoryFeaturesImports and delay imports are resolvedRelocations are performedImage sections are mapped with the correct page...
View ArticleClik here to view.
Serverless Prey - Serverless Functions For Establishing Reverse Shells To...
Serverless Prey is a collection of serverless functions (FaaS), that, once launched to a cloud environment and invoked, establish a TCP reverse shell, enabling the user to introspect the underlying...
View ArticleClik here to view.
Audix - A PowerShell Tool To Quickly Configure The Windows Event Audit...
Audix will allow for the SIMPLE configuration of Windows Event Audit Policies. Window's Audit Policies are restricted by default. This means that for Incident Responders, Blue Teamers, CISO's &...
View ArticleClik here to view.
Privacy Badger - A Browser Extension That Automatically Learns To Block...
Privacy Badger is a browser extension that automatically learns to block invisible trackers. Instead of keeping lists of what to block, Privacy Badger learns by watching which domains appear to be...
View ArticleClik here to view.
Inhale - A Malware Analysis And Classification Tool
Inhale is a malware analysis and classification tool that is capable of automating and scaling many static analysis operations.This is the beta release version, for testing purposes, feedback, and...
View ArticleClik here to view.
Sherloq - An Open-Source Digital Image Forensic Toolset
An open source image forensic toolsetIntroduction"Forensic Image Analysis is the application of image science and domain expertise to interpret the content of an image and/or the image itself in legal...
View ArticleClik here to view.
Lollipopz - Data Exfiltration Utility For Testing Detection Capabilities
Data exfiltration utility used for testing detection capabilities of security products. Obviously for legal purposes only.Exfiltration How-To/etc/shadow -> HTTP GET requestsServer#...
View Article