Clik here to view.
Allsafe - Intentionally Vulnerable Android Application
Allsafe is an intentionally vulnerable application that contains various vulnerabilities. Unlike other vulnerable Android apps, this one is less like a CTF and more like a real-life application that...
View ArticleClik here to view.
Hash-Buster v3.0 - Crack Hashes In Seconds
Why crack hashes when you can bust them?FeaturesAutomatic hash type identificationSupports MD5, SHA1, SHA256, SHA384, SHA512Can extract & crack hashes from a fileCan find hashes from a directory,...
View ArticleClik here to view.
Beanshooter - JMX Enumeration And Attacking Tool
Beanshooter is a command line tool written in Java, which helps to identify common vulnerabilities on JMX endpoints.IntroductionJMX stands for Java Management Extensions and can be used to monitor and...
View ArticleClik here to view.
Pstf2 - Passive Security Tools Fingerprinting Framework
Have you ever wanted a simple, easy and stealth bypass for multiple classes of security products? pstf^2 (pronounced pstf-square) is an implementation of an HTTP server capable of passive browser...
View ArticleClik here to view.
TeamsUserEnum - User Enumeration With Microsoft Teams API
Sometimes user enumeration could be sometimes useful during the reconnaissance of an assessment. This tool will determine if an email is registered on teams or not. More details on the immunIT's...
View ArticleClik here to view.
In0ri - Defacement Detection With Deep Learning
In0ri is a defacement detection system utilizing a image-classification convolutional neural network.IntroductionWhen monitoring a website, In0ri will periodically take a screenshot of the website then...
View ArticleClik here to view.
Pathprober - Probe And Discover HTTP Pathname Using Brute-Force Methodology...
Probe and discover HTTP pathname using brute-force methodology and filtered by specific word or 2 words at once.PurposeBrute-forcing website directories or HTTP pathname and validate using HTTP...
View ArticleClik here to view.
Terraguard - Create And Destroy Your Own VPN Service Using WireGuard
This project's goal is to be simple to create and destroy your own VPN service using WireGuard.PrerequisitesTerraform >= 1.0.0Ansible >= 2.10.5How to DeployTerraformRun with sudo is necessary...
View ArticleClik here to view.
Ppmap - A Scanner/Exploitation Tool Written In GO, Which Leverages Prototype...
A simple scanner/exploitation tool written in GO which automatically exploits known and existing gadgets (checks for specific variables in the global context) to perform XSS via Prototype Pollution....
View ArticleClik here to view.
Rconn - Rconn Is A Multiplatform Program For Creating Generic Reverse...
rconn (r[everse] conn[ection]) is a multiplatform program for creating reverse connections. It lets you consume services that are behind NAT and/or firewall without adding firewall rules or...
View ArticleClik here to view.
Juumla - Tool Designed To Identify And Scan For Version, Config Files In The...
Juumla is a python tool developed to identify the current Joomla version and scan for readable Joomla config files.Installing / Getting started A quick guide of how to install and use Juumla. 1. Clone...
View ArticleClik here to view.
Dorothy - Tool To Test Security Monitoring And Detection For Okta Environments
Created by David French (@threatpunter) at Elastic SecurityDorothy is a tool to help security teams test their monitoring and detection capabilities for their Okta environment. Dorothy has several...
View ArticleClik here to view.
Reconmap - VAPT (Vulnerability Assessment And Penetration Testing) Automation...
Reconmap is a vulnerability assessment and penetration testing (VAPT) platform. It helps software engineers and infosec pros collaborate on security projects, from planning, to implementation and...
View ArticleClik here to view.
TokenTactics - Azure JWT Token Manipulation Toolset
Azure JSON Web Token ("JWT") Manipulation ToolsetAzure access tokens allow you to authenticate to certain endpoints as a user who signs in with a device code. Even if they used multi-factor...
View ArticleClik here to view.
LoGiC.NET - A More Advanced Free And Open .NET Obfuscator Using Dnlib
LoGiC.NET is a free and open-source .NET obfuscator that uses dnlib for folks that want to see how obfuscation works with more complex obfuscations than Goldfuscator for example.Before obfuscationAfter...
View ArticleClik here to view.
CredPhish - A PowerShell Script Designed To Invoke Legitimate Credential...
CredPhish is a PowerShell script designed to invoke credential prompts and exfiltrate passwords. It relies on CredentialPicker to collect user passwords, Resolve-DnsName for DNS exfiltration, and...
View ArticleClik here to view.
Radare2 - UNIX-like Reverse Engineering Framework And Command-Line Toolset
r2 is a rewrite from scratch of radare. It provies a set of libraries, tools and plugins to ease reverse engineering tasks.The radare project started as a simple command-line hexadecimal editor...
View ArticleClik here to view.
Sniffle - A Sniffer For Bluetooth 5 And 4.X LE
Sniffle is a sniffer for Bluetooth 5 and 4.x (LE) using TI CC1352/CC26x2 hardware.Sniffle has a number of useful features, including:Support for BT5/4.2 extended length advertisement and data...
View ArticleClik here to view.
Rtl_433 - Program To Decode Radio Transmissions From Devices On The ISM Bands...
rtl_433 (despite the name) is a generic data receiver, mainly for the 433.92 MHz, 868 MHz (SRD), 315 MHz, 345 MHz, and 915 MHz ISM bands.The official source code is in the...
View ArticleClik here to view.
LightMe - HTTP Server Serving Obfuscated Powershell Scripts/Payloads
LightMe is a Simple HTTP Server serving Powershell Scripts/Payloads after Obfuscate them and run obfuscation as a service in backgroud in order to keep obfuscate the payloads which giving almost new...
View Article