Clik here to view.
Bucky - An Automatic S3 Bucket Discovery Tool
Bucky is an automatic tool designed to discover S3 bucket misconfiguration, Bucky consists up of two modules Bucky firefox addon and Bucky backend engine. Bucky addon reads the source code of the...
View ArticleClik here to view.
magicRecon - A Powerful Shell Script To Maximize The Recon And Data...
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in...
View ArticleClik here to view.
Dent - A Framework For Creating COM-based Bypasses Utilizing Vulnerabilities...
More InformationIf you want to learn more about the techniques utlized in this framework please take a look at this article.DescriptionThis framework generates code to exploit vulnerabilties in...
View ArticleClik here to view.
Arkhota - A Web Brute Forcer For Android
What?Arkhota is a web (HTTP/S) brute forcer for Android.Why?A web brute forcer is always in a hacker's computer, for obvious reasons. Sometimes attacks require to be quick or/and with minimal device...
View ArticleClik here to view.
Onelinepy - Python Obfuscator To Generate One-Liners And FUD Payloads
 Python Obfuscator To Generate One-Liners And FUD Payloads.Download & Rungit clone https://github.com/spicesouls/onelinepycd onelinepychmod +x setup.sh./setup.shonelinepyUsage Guide _ _ ___ ___...
View ArticleClik here to view.
403Fuzzer - Fuzz 403/401Ing Endpoints For Bypasses
Fuzz 403ing endpoints for bypassesFollow on twitter! @intrudirThis tool will check the endpoint with a couple of headers such as X-Forwarded-ForIt will also apply different payloads typically used in...
View ArticleClik here to view.
Bn-Uefi-Helper - Helper Plugin For Analyzing UEFI Firmware
Helper plugin for analyzing UEFI firmware. This plugin contains the following features:Apply the correct prototype to the entry point functionFix segments so all segments are RWX and have the correct...
View ArticleClik here to view.
Penglab - Abuse Of Google Colab For Cracking Hashes
Abuse of Google Colab for fun and profit.What is it ?Penglab is a ready-to-install setup on Google Colab for cracking hashes with an incredible power, really useful for CTFs. (See benchmarks below.)It...
View ArticleClik here to view.
Metarget - Framework Providing Automatic Constructions Of Vulnerable...
1 IntroductionMetarget = meta- + target, a framework providing automatic constructions of vulnerable infrastructures, used to deploy simple or complicated vulnerable cloud native targets swiftly and...
View ArticleClik here to view.
Shepard - In Progress Persistent Download/Upload/Execution Tool Using Windows...
This is an IN PROGRESS persistance tool using Windows Background Intelligent Transfer Service (BITS).Functionality: File Download, File Exfiltration, File Download + Persistent ExecutionUsage: run...
View ArticleClik here to view.
Typodetect - Detect The Active Mutations Of Domains
This tool gives blue teams, SOC's, researchers and companies the ability to detect the active mutations of their domains, thus preventing the use of these domains in fraudulent activities, such as...
View ArticleClik here to view.
Krane - Kubernetes RBAC Static Analysis And Visualisation Tool
Krane is a simple Kubernetes RBAC static analysis tool. It identifies potential security risks in K8s RBAC design and makes suggestions on how to mitigate them. Krane dashboard presents current RBAC...
View ArticleClik here to view.
Caronte - A Tool To Analyze The Network Flow During Attack/Defence Capture...
Caronte is a tool to analyze the network flow during capture the flag events of type attack/defence. It reassembles TCP packets captured in pcap files to rebuild TCP connections, and analyzes each...
View ArticleClik here to view.
RedWarden - Flexible CobaltStrike Malleable Redirector
RedWarden - Flexible CobaltStrike Malleable Redirector(previously known as proxy2'smalleable_redirector plugin)Let's raise the bar in C2 redirectors IR resiliency, shall we?Red Teaming business has...
View ArticleClik here to view.
Totp-Ssh-Fluxer - Take Security By Obscurity To The Next Level (This Is A Bad...
Some people change their SSH port on their servers so that it is slightly harder to find for bots or other nasties, and while that is generally viewed as an action of security through obscurity it does...
View ArticleClik here to view.
Link - A Command And Control Framework Written In Rust
link is a command and control framework written in rust. Currently in beta.Introductionlink provides MacOS, Linux and Windows implants which may lack the necessary evasive tradecraft provided by other...
View ArticleClik here to view.
ColdFire - Golang Malware Development Library
Golang malware development frameworkIntroductionColdFire provides various methods useful for malware development in Golang.Most functions are compatible with both Linux and Windows operating...
View ArticleClik here to view.
Bbscope - Scope Gathering Tool For HackerOne, Bugcrowd, And Intigriti!
The ultimate scope gathering tool for HackerOne, Bugcrowd, and Intigriti by sw33tLie.Need to grep all the large scope domains that you've got on your bug bounty platforms? This is the right tool for...
View ArticleClik here to view.
SharpWebServer - HTTP And WebDAV Server With Net-NTLM Hashes Capture...
A Red Team oriented simple HTTP & WebDAV server written in C# with functionality to capture Net-NTLM hashes. To be used for serving payloads on compromised machines for lateral movement...
View ArticleClik here to view.
Libinjection - SQL / SQLI Tokenizer Parser Analyzer
SQL / SQLI tokenizer parser analyzer. ForC and C++PHPPythonLuaJava (external port)[LuaJIT/FFI] (https://github.com/p0pr0ck5/lua-ffi-libinjection) (external port)See https://www.client9.com/ for details...
View Article