Catchyou - FUD Win32 Msfvenom Payload Generator

Fully Undetectable Win32 MSFVenom Payload Generator meterpreter/shell reverse tcp Author: github.com/thelinuxchoice/catchyou Twitter: twitter.com/linuxchoice Please, don't upload to VirusTotal! Usehttps://antiscan.me Features: Fully Undetectable Win32 MSFVenom Payload meterpreter/shell reverse tc...

Privacy Badger - A Browser Extension That Automatically Learns To Block Invisible Trackers

Privacy Badger is a browser extension that automatically learns to block invisible trackers. Instead of keeping lists of what to block, Privacy Badger learns by watching which domains appear to be tracking you as you browse the Web. Privacy Badger sends the Do Not Track signal with your browsing...

DLLPasswordFilterImplant - DLL Password Filter Implant With Exfiltration Capabilities

DLLPasswordFilterImplant is a custom password filter DLL that allows the capture of a user's credentials. Each password change event on a domain will trigger the registered DLL in order to exfiltrate the username and new password value prior successfully changing it in the Active Directory AD. Fo...

DrMITM - Program Designed To Globally Log All Traffic Of A Website

DrMITM is a program designed to globally log all traffic. How it works DrMITM sends a request to website and returns the IP of the website just in case the server of the website is designed to rely on the website IP for requests, and the request that goes to the website also ends up being sent to...

Veil - Tool To Generate Metasploit Payloads That Bypass Common Anti-virus Solutions

Veil is a tool designed to generate metasploit payloads that bypass common anti-virus solutions. Veil is current under support by @ChrisTruncer Software Requirements: The following OSs are officially supported: Debian 8+ Kali Linux Rolling 2018.1+ The following OSs are likely able to run Veil: Ar...

stickyKeysHunter - A Script to Test an RDP Host for Sticky Keys and Utilman Backdoor

This bash script tests for sticky keys and utilman backdoors. The script will connect to an RDP server, send both the sticky keys and utilman triggers and screenshot the result. How does it work? 1. Connects to RDP using rdesktop 2. Sends shift 5 times using xdotool to trigger sethc.exe backdoors...

Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests

Mass Assigner is a powerful tool designed to identify and exploit mass assignment vulnerabilities in web applications. It achieves this by first retrieving data from a specified request, such as fetching user profile data. Then, it systematically attempts to apply each parameter extracted from th...

Subhunter - A Fast Subdomain Takeover Tool

Subdomain takeover is a common vulnerability that allows an attacker to gain control over a subdomain of a target domain and redirect users intended for an organization's domain to a website that performs malicious activities, such as phishing campaigns, stealing user cookies, etc. It occurs when...

ZeusCloud - Open Source Cloud Security

ZeusCloud is an open source cloud security platform. Discover, prioritize, and remediate your risks in the cloud. Build an asset inventory of your AWS accounts. Discover attack paths based on public exposure, IAM, vulnerabilities, and more. Prioritize findings with graphical context. Remediate...

RDPHijack-BOF - Cobalt Strike Beacon Object File (BOF) That Uses WinStationConnect API To Perform Local/Remote RDP Session Hijacking

Cobalt Strike Beacon Object File BOF that uses WinStationConnect API to perform local/remote RDP session hijacking. With a valid access token / kerberos ticket e.g., golden ticket of the session owner, you will be able to hijack the session remotely without dropping any beacon/tool on the target...

Rustcat - Netcat Alternative

About Rustcat is a port listener that can be used for different purposes. It is basically like netcat but with fewer options Why use Rustcat? Serves it purpose of listening to ports Has command history It is easy to use Supports udp Uses colors Installation Debian wget...

BetterXencrypt - A Better Version Of Xencrypt - Xencrypt It Self Is A Powershell Runtime Crypter Designed To Evade AVs

A better version of Xencrypt.Xencrypt it self is a Powershell runtime crypter designed to evade AVs. cause Xencrypt is not FUD anymore and easily get caught by AMSI,i recode the stub and now it FUD again. And the original Xencrypt,if you see on the screenshot proof,he's tested on Windows 8,and if...

DeepBlueCLI - a PowerShell Module for Threat Hunting via Windows Event Logs

DeepBlueCLI - a PowerShell Module for Threat Hunting via Windows Event Logs Eric Conrad, Backshore Communications, LLC deepblue at backshore dot net Twitter: @ericconrad http://ericconrad.com Sample evtx files are in the .\evtx directory Usage: .\DeepBlue.ps1 See the Set-ExecutionPolicy Readme if...

Geo-Recon - An OSINT CLI Tool Desgined To Fast Track IP Reputation And Geo-locaton Look Up For Security Analysts

An OSINT CLI tool desgined to fast track IP Reputation and Geo-locaton look up for Security Analysts. Setup This tool is compactible with: Any Linux Operating System Debian, Ubuntu, CentOS Termux Linux Setup git clone https://github.com/radioactivetobi/geo-recon.git cd geo-recon chmod +x...

Wonitor - Fast, Zero Config Web Endpoint Change Monitor

fast, zero config web endpoint change monitor. for comparing responses, a selected list of http headers and the full response body is stored on a local key/value store file. no configuration needed. to increase network throughput, a --worker flag allows to set the concurrency when monitoring...

DroneSploit - Drone Pentesting Framework Console

This CLI framework is based on sploitkit and is an attempt to gather hacking techniques and exploits especially focused on drone hacking. For the ease of use, the interface has a layout that looks like Metasploit. Black Hat Europe Arsenal 2019 presentation Also see articles: Black Hat Europe: New...

SecretFinder - A Python Script For Find Sensitive Data (Apikeys, Accesstoken, JWT...) And Search Anything On Javascript Files

SecretFinder is a python script based on LinkFinder, written to discover sensitive data like apikeys, accesstoken, authorizations, jwt,..etc in JavaScript files. It does so by using jsbeautifier for python in combination with a fairly large regular expression. The regular expressions consists of...

Jshole - A JavaScript Components Vulnrability Scanner, Based On RetireJS

A JavaScript components vulnrability scanner, based on RetireJS. Why use JShole instead of RetireJS? By default, RetireJS only searches one page, but JShole tries to crawl all pages. How it works? Get Started Requirements requests Install git clone https://github.com/callforpapers-source/jshole.g...

Forerunner - Fast And Extensible Network Scanning Library Featuring Multithreading, Ping Probing, And Scan Fetchers

The Forerunner library is a fast, lightweight, and extensible networking library created to aid in the development of robust network centric applications such as: IP Scanners, Port Knockers, Clients, Servers, etc. In it's current state, the Forerunner library is able to both synchronously and...

Project iKy v2.6.0 - Tool That Collects Information From An Email And Shows Results In A Nice Visual Interface

Project iKy is a tool that collects information from an email and shows results in a nice visual interface. Visit the Gitlab Page of the Project Installation Clone repository git clone https://gitlab.com/kennbroorg/iKy.git Install Backend Redis You must install Redis wget...

Chepy - A Python Lib/Cli Equivalent Of The Awesome CyberChef Tool.

Chepy is a python library with a handy cli that is aimed to mirror some of the capabilities of CyberChef. A reasonable amount of effort was put behind Chepy to make it compatible to the various functionalities that CyberChef offers, all in a pure Pythonic manner. There are some key advantages and...

Radare2 - Unix-Like Reverse Engineering Framework And Commandline Tools Security

r2 is a rewrite from scratch of radare in order to provide a set of libraries and tools to work with binary files. Radare project started as a forensics tool, a scriptable command-line hexadecimal editor able to open disk files, but later added support for analyzing binaries, disassembling code,...

BabySploit - BabySplot Beginner Pentesting Framework

Tested on Kali Linux. Should work with all Debian based distros and other ones if you have the right packages installed BabySploit is a penetration testing framework aimed at making it easy to learn how to use bigger, more complicated frameworks like Metasploit. With a very easy to use UI and...

Swap Digger - Tool That Automates Swap Extraction And Searches For Linux User Credentials, Web Forms Credentials, Web Forms Emails, Http Basic Authentication, Wifi SSID And Keys, Etc

swapdigger is a bash script used to automate Linux swap analysis for post-exploitation or forensics purpose. It automates swap extraction and searches for Linux user credentials, Web form credentials, Web form emails, HTTP basic authentication, WiFi SSID and keys, etc. Download and run the tool O...

EKFiddle v.0.8.2 - A Framework Based On The Fiddler Web Debugger To Study Exploit Kits, Malvertising And Malicious Traffic In General

A framework based on the Fiddler web debugger to study Exploit Kits, malvertising and malicious traffic in general. Installation Download and install the latest version of Fiddler https://www.telerik.com/fiddler Special instructions for Linux and Mac here:...

LaZagne v2.3 - Credentials Recovery Project

The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer. Each software stores its passwords using different techniques plaintext, APIs, custom algorithms, databases, etc.. This tool has been developed for the purpose of finding these passwor...

sAINT - A Spyware Generator for Windows systems written in Java

sAINT is a Spyware Generator for Windows systems written in Java. Features Keylogger Take Screenshot Webcam Capture Persistence Tested On KaliLinux - ROLLING EDITION How To Use Install dependencies you need Maven and JDK 8 package installed $ apt install maven default-jdk default-jre openjdk-8-jd...

AVPASS - Tool For Leaking And Bypassing Android Malware Detection System

AVPASS is a tool for leaking the detection model of Android malware detection systems i.e., antivirus software, and bypassing their detection logics by using the leaked information coupled with APK obfuscation techniques. AVPASS is not limited to detection features used by detection systems, and...

rePy2exe - A Reverse Engineering Tool for py2exe applications

Reverse Engineering Tool for py2exe applications. Prerequisites cmake git python2.7 Cloning git clone https://github.com/4w4k3/rePy2exe.git Running python rePy2exe.py or python2.7 rePy2exe.py Authors Alisson Moretto - Coder - 4w4k3 Reference Thanks to: zrax - pycdc matiasb - unpy2exe License This...

ProGuard - Java class file Shrinker, Optimizer, Obfuscator and Preverifier

ProGuard is a free Java class file shrinker, optimizer, obfuscator, and preverifier. It detects and removes unused classes, fields, methods, and attributes. It optimizes bytecode and removes unused instructions. It renames the remaining classes, fields, and methods using short meaningless names...

[ZynOS-Attacker] (TP-LINK TD-W8951ND Router) Tool for automated attack on a range of IP

With these scripts you can attack ZynOS routers and modify/extract anything you want on the target router from extracting ISP username and password to injecting rogue DNS servers IPs. Download ZynOS-Attacker...

Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale

Implement and monitor Appsec control at scale. Requirements NodeJS 20.13 Tested on Mac Ubuntu How to install $ git clone [email protected]:mf-labs/witcher.git $ cd witcher $ npm i Build a Docker image $ git clone [email protected]:mf-labs/witcher.git $ cd witcher $ docker build -t witch...

DockerSpy - DockerSpy Searches For Images On Docker Hub And Extracts Sensitive Information Such As Authentication Secrets, Private Keys, And More

DockerSpy searches for images on Docker Hub and extracts sensitive information such as authentication secrets, private keys, and more. What is Docker? Docker is an open-source platform that automates the deployment, scaling, and management of applications using containerization technology...

Sicat - The Useful Exploit Finder

Introduction SiCat is an advanced exploit search tool designed to identify and gather information about exploits from both open sources and local repositories effectively. With a focus on cybersecurity, SiCat allows users to quickly search online, finding potential vulnerabilities and relevant...

X-force - IBM Security Utilitary Library In Python. Search And Query All Sources: Threat_Activities And Groups, Malware_Analysis, Industries

IBM Security X-FORCE Exchange library in Python 3. Search: threatactivities, threatgroups, malwareanalysis, collector and industries. Install pip3 install XForce Use Using you APIKEY make a basic authentication. After make a base64 code → Key + : + Password: printf...

Aftermath - A Free macOS IR Framework

Aftermath is a Swift-based, open-source incident response framework. Aftermath can be leveraged by defenders in order to collect and subsequently analyze the data from the compromised host. Aftermath can be deployed from an MDM ideally, but it can also run independently from the infected user's...

Sentinel-Attack - Tools To Rapidly Deploy A Threat Hunting Capability On Azure Sentinel That Leverages Sysmon And MITRE ATT&CK

Sentinel ATT&CK aims to simplify the rapid deployment of a threat hunting capability that leverages Sysmon and MITRE ATT&CK on Azure Sentinel. DISCLAIMER: This tool requires tuning and investigative trialling to be truly effective in a production environment. Overview Sentinel ATT&CK provides the...

Jarm - Active Transport Layer Security (TLS) server fingerprinting tool

Please read the initial JARM blog post for more information. JARM is an active Transport Layer Security TLS server fingerprinting tool. JARM fingerprints can be used to: Quickly verify that all servers in a group have the same TLS configuration. Group disparate servers on the internet by...

SharpLAPS - Retrieve LAPS Password From LDAP

The attribute ms-mcs-AdmPwd stores the clear-text LAPS password. This executable is made to be executed within Cobalt Strike session using execute-assembly. It will retrieve the LAPS password from the Active Directory. Require either: Account with ExtendedRight or Generic All Rights Domain Admin...

Cpufetch - Simplistic Yet Fancy CPU Architecture Fetching Tool

Simplistic yet fancy CPU architecture fetching tool 1. Support cpufetch currently supports x8664 CPUs both Intel and AMD and ARM. Platform | x8664 | ARM | Notes ---|---|---|--- Linux | ✔️ | ✔️ | Prefered platform. Experimental ARM support Windows | ✔️ | ❌ | Some information may be missing. Colors...

SIRAS - Security Incident Response Automated Simulations

Security Incident Response Automated Simulations SIRAS are internal/controlled actions that provide a structured opportunity to practice the incident response plan and procedures during a realistic scenarios. the main idea of SIRAS is create an detection-as-a-code testing scenarios to facilitate...

Py3Webfuzz - A Python3 Module To Assist In Fuzzing Web Applications

Based on pywebfuzz, Py3webfuzz is a Python3 module to assist in the identification of vulnerabilities in web applications, Web Services through brute force, fuzzing and analysis. The module does this by providing common testing values, generators and other utilities that would be helpful when...

ReconNote - Web Application Security Automation Framework Which Recons The Target For Various Assets To Maximize The Attack Surface For Security Professionals & Bug-Hunters

Web Application Security ReconAutomation Framework It takes user input as a domain name and maximize the attack surface area by listing the assets of the domain like - Subdomains from - Amass ,findomain, subfinder & resolvable subdomains using shuffledns Screenshots Port Scan JS files Httpx Statu...

eDEX-UI - A Cross-Platform, Customizable Science Fiction Terminal Emulator With Advanced Monitoring &Touchscreen Support

eDEX-UI is a fullscreen, cross-platform terminal emulator and system monitor that looks and feels like a sci-fi computer interface. Heavily inspired from the TRON Legacy movie effects especially the Board Room sequence, the eDEX-UI project was originally meant to be "DEX-UI with less « art » and...

Bashtop - Linux/OSX/FreeBSD Resource Monitor

Bpytop, bashtop python port is now available at https://github.com/aristocratos/bpytop It's a lot faster and about a third as cpu heavy and has more features, including: Mouse support Toggleable mini mode More customization Graphs for memory consumption It's also a lot easier for me to bug fix an...

HiveJack - This Tool Can Be Used During Internal Penetration Testing To Dump Windows Credentials From An Already-Compromised Host

This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to dump SYSTEM, SECURITY and SAM registry hives and once copied to the attacker machines provides an option to delete these files to clear the trace. Often, this i...

wxHexEditor - Hex Editor / Disk Editor for Huge Files or Devices on Linux, Windows and MacOSX

wxHexEditor is another Free Hex Editor, build because there is no good hex editor for Linux system, specially for big files. Low Level Data Recovery with wxHexEditor wxHexEditor is not an ordinary hex editor, but could work as low level disk editor too. If you have problems with your HDD or...

Nfstream - A Flexible Network Data Analysis Framework

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python...

WPHunter - Wordpress Vulnerability Scanner

You can use this tool on your wordpress website to check the security of your website by finding the vulnerability in your website. Over 75 million websites run on WordPress. which is now powers 26% of the Web. Remarkably enough thousands of WP sites are vulnerable to attacks and get hacked each...

StaCoAn - Crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications. This tool will look for interesting lines in the code which can contain: Hardcoded credentials API keys URL's of API's Decryption keys Major coding...