6011 matches found
[ADHD v.0.4.1] Active Defense Harbinger Distribution
The Active Defense Harbinger Distribution ADHD is a Linux distro based on Ubuntu 12.04 LTS. It comes with many tools aimed at active defense preinstalled and configured. The purpose of this distribution is to aid defenders by giving them tools to "strike back" at the bad guys. ADHD has tools whos...
ADCSKiller - An ADCS Exploitation Automation Tool Weaponizing Certipy And Coercer
ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services ADCS vulnerabilities. It leverages features of Certipy and Coercer to simplify the process of attacking ADCS infrastructure. Please note that the ADCSKiller is...
O365-Doppelganger - A Quick Handy Script To Harvest Credentials Off Of A User During A Red Team And Get Execution Of A File From The User
O365-Doppelganger is NOT a replacement for hardcore phishing activities. There are several other tools which perform OAuth and OTA capture which is not the aim of O365-Doppelganger. O365-Doppelganger is a quick handy script to harvest credentials of a user during Red Teams. This repository is a...
BadOutlook - (Kinda) Malicious Outlook Reader
A simple PoC which leverages the Outlook Application Interface COM Interface to execute shellcode on a system based on a specific trigger subject line. By utilizing the Microsoft.Office.Interop.Outlook namespace, developers can represent the entire Outlook Application or at least according to...
Kraker - Distributed Password Brute-Force System That Focused On Easy Use
Kraker is a distributed password brute-force system that allows you to run and manage the hashcat on different servers and workstations, focused on easy of use. There were two main goals during the design and development: to create the most simple tool for distributed hash cracking and make it...
XSS-Scanner - XSS Scanner That Detects Cross-Site Scripting Vulnerabilities In Website By Injecting Malicious Scripts
Cross-Site Scripting XSS is one of the most well known web application vulnerabilities. It even has a dedicated chapter in the OWASP Top 10 project and it is a highly chased vulnerability in bug bounty programs. The scanner gets a link from the user and scan the website for XSS vulnerability by...
Rehex - Reverse Engineers' Hex Editor
A cross-platform Windows, Linux, Mac hex editor for reverse engineering, and everything else. Features Large 1TB+ file support Decoding of integer/floating point value types Disassembly of machine code Highlighting and annotation of ranges of bytes Side by side comparision of selections...
Go_Parser - Yet Another Golang Binary Parser For IDAPro
Yet Another Golang Binary Parser For IDAPro NOTE : This master branch is written in Python2 for IDAPython, and tested only on IDA7.2/IDA7.0. If you use IDAPython with Python3 and higher version of IDAPro, please use Python3 Branch for goparser. Inspired by golangloaderassist and...
How to Set Up a VPN on Kodi in 2 Minutes or Less
VPNs are useful for masking your identity when online. Without a VPN, you run the risk of having your data exposed to your Internet Service Provider ISP. This is something that you should think about since your ISP has access to all of your data, including the streaming data from your streaming...
Sherloq - An Open-Source Digital Image Forensic Toolset
An open source image forensic toolset Introduction "Forensic ImageAnalysis is the application of image science and domain expertise to interpret the content of an image and/or the image itself in legal matters. Major subdisciplines of Forensic Image Analysis with law enforcement applications...
MSOLSpray - A Password Spraying Tool For Microsoft Online Accounts (Azure/O365)
A password spraying tool for Microsoft Online accounts Azure/O365. The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS! Why...
Angrgdb - Use Angr Inside GDB - Create An Angr State From The Current Debugger State
Use angr inside GDB. Create an angr state from the current debugger state. Install pip install angrgdb echo "python import angrgdb.commands" /.gdbinit Usage angrgdb implements the angrdbg API in GDB. You can use it in scripts like this: from angrgdb import gdb.execute"b 0x004005f9" gdb.execute"r...
AMIRA - Automated Malware Incident Response & Analysis
AMIRA is a service for automatically running the analysis on the OSXCollector output files. The automated analysis is performed via OSXCollector Output Filters, in particular The One Filter to Rule Them All : the Analyze Filter. AMIRA takes care of retrieving the output files from an S3 bucket,...
Trigmap - A Wrapper For Nmap To Automate The Pentest
Trigmap is a wrapper for Nmap. You can use it to easily start Nmap scan and especially to collect informations into a well organized directory hierarchy. The use of Nmap makes the script portable easy to run not only on Kali Linux and very efficient thanks to the optimized Nmap algorithms. Detail...
Stretcher - Tool Designed To Help Identify Open Elasticsearch Servers That Are Exposing Sensitive Information
Stretcher is a tool to search for open elasticsearch servers. Usage: python stretcher.py --shodan key --action analyze --threads 0..100 --dork python stretcher.py --help / // / / // / \ / / / / / / / / / / / // / / / // // / / / / / //// //// //// Tool designed to help identify incorrectly...
NETworkManager - A Powerful Tool For Managing Networks And Troubleshoot Network Problems!
A powerful tool for managing networks and troubleshoot network problems! Features Network Interface - Information, Configure IP-Scanner Port-Scanner Ping Traceroute DNS Lookup Remote Desktop PuTTY requires PuTTY TightVNC requires TightVNC SNMP - Get, Walk, Set v1, v2c, v3 Wake on LAN HTTP Headers...
Invisi-Shell - Hide Your Powershell Script In Plain Sight (Bypass All Powershell Security Features)
Hide your powershell script in plain sight! Invisi-Shell bypasses all of Powershell security features ScriptBlock logging, Module logging, Transcription, AMSI by hooking .Net assemblies. The hook is performed via CLR Profiler API. Work In Progress This is still a preliminary version intended as a...
DNSDiag - DNS Diagnostics And Performance Measurement Tools
Ever been wondering if your ISP is hijacking your DNS traffic? Ever observed any misbehavior with your DNS responses? Ever been redirected to wrong address and suspected something is wrong with your DNS? Here we have a set of tools to perform basic audits on your DNS requests and responses to mak...
Lalin - Hackpack & Kali Linux Tools
Lalin is a remake of Lazykali by bradfreda with fixed bugs , added new features and uptodate tools . It's compatible with the latest release of Kali Rolling Changelog Lalin gets updated weekly with new features, improvements and bugfixes. Be sure to check out the Changelog How it works Extract Th...
IP Thief - Simple IP Stealer in PHP
A simple PHP script to capture the IP address of anyone that send the "imagen.php" file with the following options: + It comes with an administrator to view and delete IP + You can change the redirect URL image + Can you see the country of the visitor Download IP Thief...
WebBrowserPassView - Recover lost passwords stored in your Web browser
WebBrowserPassView is a password recovery tool that reveals the passwords stored by the following Web browsers: Internet Explorer Version 4.0 - 10.0, Mozilla Firefox All Versions, Google Chrome, Safari, and Opera. This tool can be used to recover your lost/forgotten password of any Website,...
Sandman - NTP Based Backdoor For Red Team Engagements In Hardened Networks
Sandman is a backdoor that is meant to work on hardened networks during red team engagements. Sandman works as a stager and leverages NTP a protocol to sync time & date to get and run an arbitrary shellcode from a pre-defined server. Since NTP is a protocol that is overlooked by many defenders...
Gohide - Tunnel Port To Port Traffic Over An Obfuscated Channel With AES-GCM Encryption
Tunnel port to port traffic via an obfuscated channel with AES-GCM encryption. Obfuscation Modes Session Cookie HTTP GET http-client Set-Cookie Session Cookie HTTP/2 200 OK http-server WebSocket Handshake "Sec-WebSocket-Key" websocket-client WebSocket Handshake "Sec-WebSocket-Accept"...
Pantagrule - Large Hashcat Rulesets Generated From Real-World Compromised Passwords
gargantuan hashcat rulesets generated from compromised passwords Project maintenance warning : This project is deemed completed. No pull requests or changes will be made to this project in the future unless they are actual bugs or migrations to allow these rules to work with newer versions of...
Pillager - Filesystems For Sensitive Information With Go
Pillager is designed to provide a simple means of leveraging Go's strong concurrency model to recursively search directories for sensitive information in files. Pillager does this by standing on the shoulders of a few giants. Once pillager finds files that match the specified pattern, the file is...
SNIcat - Server Name Indication Concatenator
SNIcat is a proof of concept tool that performs data exfiltration, utilizing a covert channel method via. Server Name Indication , a TLS Client Hello Extension. The tool consists of an agent which resides on the compromised internal host, and a Command &Control Server which controls the agent and...
Spybrowse - Code Developed To Steal Certain Browser Config Files (History, Preferences, Etc)
Be sure to change the ftp variables throughout the code, these variables contain the username, password, & IP address of the FTP server which receives the files. This code will do the following: 1. Copy itself into the %TMP% directory & name itself ursakta.exe 2. Add a registry entry to execute...
dorkScanner - A Typical Search Engine Dork Scanner Scrapes Search Engines With Dorks That You Provide In Order To Find Vulnerable URLs
A typical search engine dork scanner that scrapes search engines with queries that you provide in order to find vulnerable URLs. Introduction Dorking is a technique used by newsrooms, investigative organisations, security auditors as well as tech savvy criminals to query various search engines fo...
URLBrute - Tool To Brute Website Sub-Domains And Dirs
What is this URLBrute is a tool to help you brute forcing website sub-domains and dirs. Can be used with python3 and python2. Dependencies urlbrute.py requests = 2.21.0 bs4 = 0.0.1 datetime = 4.3 How to install In Linux: chmod +x install.sh sudo ./install.sh In Windows, install python 3.7, then r...
ProjectOpal - Stealth Post-Exploitation Framework For Wordpress
Stealth post-exploitation framework for Wordpress CMS Official ProjectOpal Repository. What is it and why was it made? We intentionally made it for our penetration testing jobs however its getting grey hairs now so we thought we would like to pass it on to the public!. ProjectOpal or Opal. Is a...
AlertResponder - Automatic Security Alert Response Framework By AWS Serverless Application Model
AlertResponder is a serverless framework for automatic response of security alert. Overview AlertResponder receives an alert that is event of interest from security view point and responses the alert automatically. AlertResponder has 3 parts of automatic response. 1. Inspector investigates entiti...
RansomCoin - A DFIR Tool To Extract Cryptocoin Addresses And Other Indicators Of Compromise From Binaries
Extracting metadata and hardcoded Indicators of Compromise from ransomware, in a scalable, efficient, way with cuckoo integrations. Ideally, is it run during cuckoo dynamic analysis, but can also be used for static analysis on large collections of ransomware. Designed to be fast, with low false...
CCAT - Cloud Container Attack Tool For Testing Security Of Container Environments
Cloud Container Attack Tool CCAT is a tool fortesting security of container environments. Quick reference Where to get help : the Pacu/CloudGoat/CCAT Community Slack, or Stack Overflow Where to file issues : https://github.com/RhinoSecurityLabs/ccat/issues Maintained by : the Rhino Assessment Tea...
CyberChef - The Cyber Swiss Army Knife [A Web App For Encryption, Encoding, Compression And Data Analysis]
The Cyber Swiss Army Knife CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression an...
Harpoon - CLI Tool For Open Source And Threat Intelligence
OSINT tool, CLI Tool For Open Source And Threat Intelligence Install You can simply pip install the tool: pip3 install git+http://[email protected]/Te-k/harpoon --process-dependency-links Optionally if you want to use the screenshot plugin, you need phantomjs and npm installed: npm install -...
BAF - Blind Attacking Framework
What is BAF ? it's a framework written in python 2.7 that is being made specially for blind attacking , ie : attacking random targets with common security issues , targets are generated by the hackers search engine "shodan" and vulnerable hosts are hacked in an automated way . this framework is...
stickyKeysHunter - A Script to Test an RDP Host for Sticky Keys and Utilman Backdoor
This bash script tests for sticky keys and utilman backdoors. The script will connect to an RDP server, send both the sticky keys and utilman triggers and screenshot the result. How does it work? 1. Connects to RDP using rdesktop 2. Sends shift 5 times using xdotool to trigger sethc.exe backdoors...
SmarTTY - Multi-tabbed SSH Client with SCP Support
SmarTTY is a free multi-tabbed SSH client that supports copying files and directories with SCP on-the-fly and editing files in-place. One SSH session - multiple tabs Most SSH servers support up to 10 sub-sessions per connection. SmarTTY makes the best of it: no annoying multiple windows, no need ...
Kadimus - LFI Scan & Exploit Tool
Kadimus is a tool to check sites to lfi vulnerability , and also exploit it Features: Check all url parameters /var/log/auth.log RCE /proc/self/environ RCE php://input RCE data://text RCE Source code disclosure Multi thread scanner Command shell interface through HTTP Request Proxy support...
[ScanPlanner] Scanner Nmap Online
ScanPlanner is the easiest, fastest way to run NMAP scans and tests from the web. Schedule and track your network scans and vulnerability tests with our intuitive online interface. WEB:http://scanplanner.com/...
SherlockChain - A Streamlined AI Analysis Framework For Solidity, Vyper And Plutus Contracts
SherlockChain is a powerful smart contract analysis framework that combines the capabilities of the renowned Slither tool with advanced AI-powered features. Developed by a team of security experts and AI researchers, SherlockChain offers unparalleled insights and vulnerability detection for...
ThievingFox - Remotely Retrieving Credentials From Password Managers And Windows Utilities
ThievingFox is a collection of post-exploitation tools to gather credentials from various password managers and windows utilities. Each module leverages a specific method of injecting into the target process, and then hooks internals functions to gather crendentials. The accompanying blog post ca...
Sysreptor - Fully Customisable, Offensive Security Reporting Tool Designed For Pentesters, Red Teamers And Other Security-Related People Alike
Easy and customisable pentest report creator based on simple web technologies. SysReptor is a fully customisable, offensive security reporting tool designed for pentesters, red teamers and other security-related people alike. You can create designs based on simple HTML and CSS, write your reports...
Codecepticon - .NET Application That Allows You To Obfuscate C#, VBA/VB6 (Macros), And PowerShell Source Code
Codecepticon is a .NET application that allows you to obfuscate C, VBA/VB6 macros, and PowerShell source code, and is developed for offensive security engagements such as Red/Purple Teams. What separates Codecepticon from other obfuscators is that it targets the source code rather than the compil...
Snaffler - A Tool For Pentesters To Help Find Delicious Candy
Snaffler is a tool for pentesters to help find delicious candy needles creds mostly, but it's flexible in a bunch of horrible boring haystacks a massive Windows/AD environment. It might also be useful for other people doing other stuff, but it is explicitly NOT meant to be an "audit" tool. I don'...
CSIRT-Collect - PowerShell Script To Collect Memory And (Triage) Disk Forensics
A PowerShell script to collect memory and triage disk forensics for incident response investigations. The script leverages a network share, from which it will access and copy the required executables and subsequently upload the acquired evidence to the same share post-collection. Permission...
ABPTTS - TCP Tunneling Over HTTP/HTTPS For Web Application Servers
A Black Path Toward The Sun TCP tunneling over HTTP for web application servers https://www.blackhat.com/us-16/arsenal.htmla-black-path-toward-the-sun Ben Lincoln, NCC Group, 2016 ABPTTS uses a Python client script and a web application server page/package1 to tunnel TCP traffic over an HTTP/HTTP...
Android_Hid - Use Android As Rubber Ducky Against Another Android Device
Use Android as Rubber Ducky against another Android device HID attack using Android Using Android as Rubber Ducky against Android. This is not a new technique, just a demo how to perform HID attack using Android instead of rubber ducky. For targeted Android device it is not necessary to be rooted...
Urlhunter - A Recon Tool That Allows Searching On URLs That Are Exposed Via Shortener Services
urlhunter is a recon tool that allows searching on URLs that are exposed via shortener services such as bit.ly and goo.gl. The project is written in Go. How? A group named URLTeam kudos to them are brute forcing the URL shortener services and publishing matched results on a daily basis. urlhunter...
Fawkes - Tool To Search For Targets Vulnerable To SQL Injection (Performs The Search Using Google Search Engine)
Fawkes is a tool to search for targets vulnerable to SQL Injection. Performs the search using Google search engine. Options -q, --query - Dork that will be used in the search engine. -r, --results - Number of results brought by the search engine. -s, --start-page - Home page of search results. -t...