ManaTI - A Web-Based Tool To Assist The Work Of The Intuitive Threat Analysts

Machine Learning for Threat Intuitive Analysis The goal of the ManaTI project is to develop machine learning techniques to assist an intuitive threat analyst to speed the discovery of new security problems. The machine learning will contribute to the analysis by finding new relationships and...

Applepie - A Hypervisor For Fuzzing Built With WHVP And Bochs

Hello! Welcome to applepie! This is a tool designed for fuzzing, introspection, and finding bugs! This is a hypervisor using the Windows Hypervisor Platform API present in recent versions of Windows specifically this was developed and tested on Windows 10 17763. Bochs is used for providing deep...

goDoH - A DNS-over-HTTPS C2

godoh is a proof of concept Command and Control framework, written in Golang, that uses DNS-over-HTTPS as a transport medium. Currently supported providers include Google, Cloudflare but also contains the ability to use traditional DNS. Installation All you would need are the godoh binaries...

BADministration - Tool Which Interfaces with Management or Administration Applications from an Offensive Standpoint

BADministration is a tool which interfaces with management or administration applications from an offensive standpoint. It attempts to provide offsec personnel a tool with the ability to identify and leverage these non-technical vulnerabilities. As always: use for good, promote security, and figh...

Spykeyboard - Keylogger Which Sends Us The Data To Our Gmail

This is a script which allows us to generate an undetectable keylogger which sends the captured keys to our gmail mail. Once we generated our keylogger in our kali linux we would have to pass the .py file to a windows machine to convert it to an .exe. The tool is under development. Install module...

Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image

Real-time face swap and video deepfake with a single click and only a single image. Disclaimer This deepfake software is designed to be a productive tool for the AI-generated media industry. It can assist artists in animating custom characters, creating engaging content, and even using models for...

GPT_Vuln-analyzer - Uses ChatGPT API And Python-Nmap Module To Use The GPT3 Model To Create Vulnerability Reports Based On Nmap Scan Data

This is a Proof Of Concept application that demostrates how AI can be used to generate accurate results for vulnerability analysis and also allows further utilization of the already super useful ChatGPT. Requirements Python 3.10 All the packages mentioned in the requirements.txt file OpenAi api...

Pown.js - A Security Testing An Exploitation Toolkit Built On Top Of Node.js And NPM

Pown.js is a security testing and exploitation toolkit built on top of Node.js and NPM. Unlike traditional security tools like Metasploits, Pown.js considers frameworks to be an anti-pattern. Therefore, each module in Pown is in fact a standalone NPM module allowing greater degree of reuse and...

Jaeles - The Swiss Army Knife For Automated Web Application Testing

Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner. Installation go get -u github.com/jaeles-project/jaeles Please visit the Official Documention for more details. Checkout Signature Repo for base signature. Usage More usage...

Terraform AWS Secure Baseline - Terraform Module To Set Up Your AWS Account With The Secure Baseline Configuration Based On CIS Amazon Web Services Foundations

Terraform Module Registry A terraform module to set up your AWS account with the reasonably secure configuration baseline. Most configurations are based on CIS Amazon Web Services Foundations v1.2.0. See Benchmark Compliance to check which items in CIS benchmark are covered. Starting from v0.10.0...

mpDNS - Multi-Purpose DNS Server

Simple, configurable "clone & run" DNS Server with multiple useful features Should work on Python 2 and 3 names.db - holds all custom records see examples Simple wildcards like .example.com Catch unicode dns requests Custom actions aka macro: shellexec::dig google.com +short - Execute shell comma...

Kippo - SSH Honeypot

Kippo is a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker. Kippo is inspired, but not based on Kojoney. Features Some interesting features: Fake filesystem with the ability to add/remove files. A fu...

XIP - Tool To Generate A List Of IP Addresses By Applying A Set Of Transformations Used To Bypass Security Measures E.G. Blacklist Filtering, WAF, Etc.

XIP generates a list of IP addresses by applying a set of transformations used to bypass security measures e.g. blacklist filtering, WAF, etc. Further explaination on our blog post article Usage python3 xip.py --help Docker alternative Official image You can pull the official Drupwn image from th...

W3Brute - Automatic Web Application Brute Force Attack Tool

w3brute is an open source penetration testing tool that automates attacks directly to the website's login page. w3brute is also supported for carrying out brute force attacks on all websites. Features 1. Scanner: w3brute has a scanner feature that serves to support the bruteforce attack process...

PoshC2 - Powershell C2 Server and Implants

PoshC2 is a proxy aware C2 framework written completely in PowerShell to aid penetration testers with red teaming, post-exploitation and lateral movement. The tools and modules were developed off the back of our successful PowerShell sessions and payload types for the Metasploit Framework...

Npcap - the Nmap Project's packet sniffing library for Windows

Npcap is an update of WinPcap to NDIS 6 Light-Weight Filter LWF technique. It supports Windows Vista, 7, 8 and 10 . It is sponsored by the Nmap Project and developed by Yang Luo under Google Summer of Code 2013 and 2015 . It also received many helpful tests from Wireshark and NetScanTools...

AzSubEnum - Azure Service Subdomain Enumeration

AzSubEnum is a specialized subdomain enumeration tool tailored for Azure services. This tool is designed to meticulously search and identify subdomains associated with various Azure services. Through a combination of techniques and queries, AzSubEnum delves into the Azure domain structure,...

LightMe - HTTP Server Serving Obfuscated Powershell Scripts/Payloads

LightMe is a Simple HTTP Server serving Powershell Scripts/Payloads after Obfuscate them and run obfuscation as a service in backgroud in order to keep obfuscate the payloads which giving almost new obfuscated payload on each HTTP request Main Features Obfuscate all powershell files within a...

Gatekeeper - First Open-Source DDoS Protection System

Gatekeeper is the first open source DoS protection system. It is designed to scale to any peak bandwidth, so it can withstand DoS attacks both of today and of tomorrow. In spite of the geographically distributed architecture of Gatekeeper, the network policy that describes all decisions that have...

BurpMetaFinder - Burp Suite Extension For Extracting Metadata From Files

Burp Suite extension for extracting metadata from files Currently supported documents: PDF DOCX PPTX XLSX The project created at Jetbrains has been completely added. Don't forget to change the settings you need. Usage You need to dowload 2 external libraries: pdfbox poi-ooxml To install the...

Covenant - A .NET Command And Control Framework For Red Teamers

Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers. Covenant is an ASP.NET Core, cross-platform application that includes a...

GitGot - Semi-automated, Feedback-Driven Tool To Rapidly Search Through Troves Of Public Data On GitHub For Sensitive Secrets

GitGot is a semi-automated, feedback-driven tool to empower users to rapidly search through troves of public data on GitHub for sensitive secrets. How it Works During search sessions, users will provide feedback to GitGot about search results to ignore, and GitGot prunes the set of results. Users...

FTPBruter - A FTP Server Brute Forcing Tool

Brute forcing tool for FTP server. FTPBruter can work in any OS if they have and support Python 3. Feature Brute force a FTP server with a username or a list of usernames That's all. Install and Run on Linux You have to install Python 3 first: Install Python 3 on Arch Linux and its distros: sudo...

SILENTTRINITY - A Post-Exploitation Agent Powered By Python, IronPython, C#/.NET

A post-exploitation agent powered by Python, IronPython, C/.NET. Requirements Server requires Python = 3.7 SILENTTRINITY C implant requires .NET = 4.5 How it works Notes .NET runtime support The implant needs .NET 4.5 or greater due to the IronPython DLLs being compiled against .NET 4.0, also the...

Gitleaks - Searches Full Repo History For Secrets And Keys

Searches Full Repo History For Secrets And Keys. Installing go get -u github.com/zricethezav/gitleaks Usage and Explanation ./gitleaks options Gitleaks audits local and remote repos by running regex checks against all commits. Options usage: gitleaks options / Options: -u --user Git user mode -r...

[FoxOne] Free OSINT Tool - Server Reconnaissance Scanner

FoxOne is a free OSINT tool, described by the author th3j35t3r as a Non-Invasive and Non-Detectable Server Reconnaissance Scanner. Bypassing API limitations and currently detecting 6500+ vulnerable server paths/files – without ever touching the target server. Very good for getting hold of intel o...

Zircolite - A Standalone SIGMA-based Detection Tool For EVTX, Auditd And Sysmon For Linux Logs

Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for linux or JSONL/NDJSON Logs Zircolite is a standalone tool written in Python 3. It allows to use SIGMA rules on MS Windows EVTX EVTX and JSONL format, Auditd logs and Sysmon for Linux logs Zircolite can be used directly on the...

Kali-Whoami - A Privacy Tool Developed To Keep You Anonymous On Kali Linux At The Highest Level

The purpose of the Whoami tool makes you as anonymous as possible on Kali linux. It is an user friendly with its ease of use and simple interface. It follows two different paths to ensure the highest possible level of anonymity. Finally, don't forget that there is never a hundred percent security...

Talon - A Password Guessing Tool That Targets The Kerberos And LDAP Services Within The Windows Active Directory Environment

Talon is a tool designed to perform automated password guessing attacks while remaining undetected. Talon can enumerate a list of users to identify which users are valid, using Kerberos. Talon can also perform a password guessing attack against the Kerberos and LDAPS LDAP Secure services. Talon c...

Runtime Mobile Security (RMS) - A Powerful Web Interface That Helps You To Manipulate Android Java Classes And Methods At Runtime

Runtime Mobile Security RMS , powered by FRIDA, is a powerful web interface that helps you to manipulate Android Java Classes and Methods at Runtime. You can easily dump all the loaded classes and relative methods, hook everything on the fly, trace methods args and return value, load custom scrip...

Gadgetinspector - A Byte Code Analyzer For Finding Deserialization Gadget Chains In Java Applications

This project inspects Java libraries and classpaths for gadget chains. Gadgets chains are used to construct exploits for deserialization vulnerabilities. By automatically discovering possible gadgets chains in an application's classpath penetration testers can quickly construct exploits and...

Flashsploit - Exploitation Framework For ATtiny85 Based HID Attacks

Flashsploit is an Exploitation Framework for Attacks using ATtiny85 HID Devices such as Digispark USB Development Board, flashsploit generates Arduino IDE Compatible .ino Scripts based on User Input and then Starts a Listener in Metasploit-Framework if Required by the Script, in Summary : Automat...

MASSCAN - Mass IP port scanner (fastest Internet port scanner)

This is the fastest Internet port scanner. It can scan the entire Internet in under 6 minutes, transmitting 10 million packets per second. It produces results similar to nmap, the most famous port scanner. Internally, it operates more like scanrand, unicornscan, and ZMap, using asynchronous...

[WinDbg v6.12.2.633] Debugging Tools for Windows

WinDbg is a graphical debugger from Microsoft. It is actually just one component of the Debugging Tools for Windows package, which also includes the KD, CDB, and NTSD debuggers. Its claim to fame is debugging memory dumps produced after a crash. It can even debug in kernel mode. For downloads and...

[MKBRUTUS] Password bruteforcer for MikroTik devices or boxes running RouterOS

Mikrotik brand devices www.mikrotik.com, which runs the RouterOS operative system, are worldwide known and popular with a high networking market penetration. Many companies choose them as they are a great combination of low-cost and good performance. RouterOS can be also installed on other device...

VulnNodeApp - A Vulnerable Node.Js Application

A vulnerable application made using node.js, express server and ejs template engine. This application is meant for educational purposes only. Setup Clone this repository git clone https://github.com/4auvar/VulnNodeApp.git Application setup: Install the latest node.js version with npm. Open...

Limelighter - A Tool For Generating Fake Code Signing Certificates Or Signing Real Ones

A tool which creates a spoof code signing certificates and sign binaries and DLL files to help evade EDR products and avoid MSS and sock scruitney. LimeLighter can also use valid code signing certificates to sign files. Limelighter can use a fully qualified domain name such as acme.com...

ReverseSSH - Statically-linked Ssh Server With Reverse Shell Functionality For CTFs And Such

A statically-linkedssh server with a reverse connection feature for simple yet powerful remote access. Most useful during HackTheBox challenges, CTFs or similar. Has been developed and was extensively used during OSCP exam preparation. Get the latest Release Features Catching a reverse shell with...

Swift-Attack - Unit Tests For Blue Teams To Aid With Building Detections For Some Common macOS Post Exploitation Methods

Unit tests for blue teams to aid with building detections for some common macOS post exploitation methods. I have included some post exploitation examples using both command line history and on disk binaries which should be easier for detection as well as post exploitation examples using API call...

ImHex - A Hex Editor For Reverse Engineers, Programmers And People That Value Their Eye Sight When Working At 3 AM.

A Hex Editor for Reverse Engineers, Programmers and people that value their eye sight when working at 3 AM. Features Featureful hex view Byte patching Patch management Copy bytes as feature Bytes Hex string C, C++, C, Rust, Python, Java & JavaScript array ASCII-Art hex view HTML self contained di...

Debotnet - A Tiny Portable Tool For Controlling Windows 10's Many Privacy-Related Settings And Keep Your Personal Data Private

A free and portable tool for controlling Windows 10's many privacy-related settings and keep your personal data private. Your preparation for the Net! The Windows 10 default privacy settings leave a lot to be desired when it comes to protecting you and your private information. Whenever I set up ...

Cloudtopolis - Cracking Hashes In The Cloud For Free

Cloudtopolis is a tool that facilitates the installation and provisioning of Hashtopolis on the Google Cloud Shell platform, quickly and completely unattended and also, free!. Requirements Have 1 Google account at least. Installation Cloudtopolis installation is carried out in two phases: Phase 1...

URLCADIZ - A Simple Script To Generate A Hidden Url For Social Engineering

A simple script to generate a hidden url for social engineering. Legal disclaimer: Usage of URLCADIZ for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not...

InjuredAndroid - A Vulnerable Android Application That Shows Simple Examples Of Vulnerabilities In A CTF Style

A vulnerable Android application with ctf examples based on bug bounty findings, exploitation concepts, and pure creativity. Setup for a physical device 1. Download injuredandroid.apk from Github 2. Enable USB debugging on your Android test phone. 3. Connect your phone and your pc with a usb cabl...

OSIF - Open Source Information Facebook

OSIF is an accurate facebook account information gathering, all sensitive information can be easily gathered even though the target converts all of its privacy to only me, Sensitive information about residence, date of birth, occupation, phone number and email address. Installation $ pkg update...

Eraser - Secure Erase Files from Hard Drives on Windows

Eraser is an advanced security tool for Windows which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Eraser is currently supported under Windows XP with Service Pack 3, Windows Server 2003 with Service Pack 2,...

Stardox - Github Stargazers Information Gathering Tool

Stardox is an advanced github stargazers information gathering tool. It scraps Github for information and display them in list tree view.It can be used for collecting information of your's/someones repository stargazers details. What data it fetchs : 1. Total repsitories 2. Total stars 3. Total...

Snyk - CLI And Build-Time Tool To Find & Fix Known Vulnerabilities In Open-Source Dependencies

Snyk helps you find, fix and monitor known vulnerabilities in Node.js npm, Ruby and Java dependencies, both on an ad hoc basis and as part of your CI Build system. Documentation Full documentation is available on snyk.io Installation 1. Install the Snyk utility using npm install -g snyk. 2. Once...

wpbf - WordPress Brute Force

The script will try to login into the WordPress dashboard through the login form using a mixture of enumerated usernames, a wordlist and relevant keywords from the blog's content. If a single username is given, the script will not search for additional usernames. When a correct username/passwords...

LooneyPwner - Exploit Tool For CVE-2023-4911, Targeting The 'Looney Tunables' Glibc Vulnerability In Various Linux Distributions

Exploit tool for CVE-2023-4911, targeting the 'Looney Tunables' glibc vulnerability in various Linux distributions. LooneyPwner is a proof-of-concept PoC exploit tool targeting the critical buffer overflow vulnerability, nicknamed "Looney Tunables," found in the GNU C Library glibc. This flaw,...