NamedPipePTH - Pass The Hash To A Named Pipe For Token Impersonation
This project is PoC code that uses Pass-the-Hash for authentication on a local Named Pipe for user impersonation. There is also a blog post explaining it: https://s3cur3th1ssh1t.github.io/Named-Pipe-PTH/ It...
RdpCacheStitcher - RdpCacheStitcher Is A Tool That Supports Forensic Analysts...
RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps. Using raw RDP cache tile bitmaps extracted by tools such as ANSSI's BMC-Tools...
Squalr - Squalr Memory Editor - Game Hacking Tool Written In C#
Squalr is performant memory editing software that allows users to create and share cheats in their Windows desktop games. This includes memory...
Swift-Attack - Unit Tests For Blue Teams To Aid With Building Detections For...
Unit tests for blue teams to aid with building detections for some common macOS post exploitation methods. I have included some post exploitation examples using both command line history and on disk...
HashCheck - Tool To Assist In The Search For Leaked Passwords
This project aims to assist in the search for leaked passwords while maintaining a high level of privacy using the k-anonymity method. To achieve this, the APIs of different services are used, sending...
CamOver - A Camera Exploitation Tool That Allows To Disclosure Network Camera...
CamOver is a camera exploitation tool that discloses the network camera admin password. Features: Exploits vulnerabilities in most popular camera models such as CCTV, GoAhead and Netwave. Optimized...
DarkLoadLibrary - LoadLibrary For Offensive Operations
LoadLibrary for offensive operations. How does it work? https://www.mdsec.co.uk/2021/06/bypassing-image-load-kernel-callbacks/ Usage: DARKMODULE DarkModule = DarkLoadLibrary( LOAD_LOCAL_FILE, // control...
Shreder - A Powerful Multi-Threaded SSH Protocol Password Bruteforce Tool
Shreder is a powerful multi-threaded SSH protocol password brute-force tool. Features: Very fast password guessing, just one password in 0.1 second. Optimized for big password lists, Shreder tries 1000...
Fully-Homomorphic-Encryption - Libraries And Tools To Perform Fully...
This repository contains open-source libraries and tools to perform fully homomorphic encryption (FHE) operations on an encrypted data set. About Fully Homomorphic Encryption: Fully Homomorphic Encryption...
RomBuster - A Router Exploitation Tool That Allows To Disclosure Network...
RomBuster is a router exploitation tool that discloses the network router admin password. Features: Exploits vulnerabilities in most popular routers such as D-Link, Zyxel, TP-Link and...
BlobHunter - Find Exposed Data In Azure With This Public Blob Scanner
An open-source tool for scanning Azure blob storage accounts for publicly opened blobs. BlobHunter is a part of "Hunting Azure Blobs Exposes Millions of Sensitive Files"...
CamRaptor - Tool That Exploits Several Vulnerabilities In Popular DVR Cameras...
CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain network camera credentials. Features: Exploits vulnerabilities in most popular camera models such as Novo, CeNova...
SharpHook - Tool That Uses Various API Hooks In Order To Give Us The Desired...
SharpHook is inspired by the SharpRDPThief project. It uses various API hooks in order to give us the desired credentials. In the background it uses the EasyHook project. Once the desired process is up...
HoneyCreds - Network Credential Injection To Detect Responder And Other...
HoneyCreds network credential injection to detect Responder and other network poisoners. Requirements: Requires Python 3.6+ (tested on Python 3.9), smbprotocol, cffi, splunk-sdk. Installation: git clone...
Mythic - A Collaborative, Multi-Platform, Red Teaming Framework
A cross-platform, post-exploit, red teaming framework built with python3, docker, docker-compose, and a web browser UI. It's designed to provide a collaborative and user friendly interface for...
Heappy - A Happy Heap Editor To Support Your Exploitation Process
Heappy is an editor based on gdb/gef that helps you to handle the heap during your exploitation development. The project should be considered a didactic tool useful to understand the evolution of the...
AWS Pen-Testing Laboratory - Pentesting Lab With A Kali Linux Instance...
PenTesting laboratory deployed as IaC with Terraform on AWS. It deploys a Kali Linux instance accessible via ssh & wireguard VPN. Vulnerable instances in a private subnet. NOTE: Ids only defined for...
WAF-A-MoLE - A Guided Mutation-Based Fuzzer For ML-based Web Application...
A guided mutation-based fuzzer for ML-based Web Application Firewalls, inspired by AFL and based on the FuzzingBook by Andreas Zeller et al. Given an input SQL injection query, it tries to produce a...
S3-Account-Search - S3 Account Search
This tool lets you find the account id an S3 bucket belongs to. For this to work you need to have at least one of these permissions: Permission to download a known file from the bucket...
Forblaze - A Python Mac Steganography Payload Generator
Forblaze is a project designed to provide steganography capabilities to Mac OS payloads. Using python3, it will build an Obj-C file for you which will be compiled to pull desired encrypted URLs out of...