ConEmu - Customizable Windows Terminal With Tabs, Splits, Quake-Style, Hotkeys And More

ConEmu-Maximus5 is a Windows console emulator with tabs, which represents multiple consoles as one customizable GUI window with various features. Initially, the program was created as a companion to Far Manager, my favorite shell replacement - file and archive management, command history and...

Qiling - Advanced Binary Emulation Framework

Qiling is an advanced binary emulation framework, with the following features: Cross platform: Windows, MacOS, Linux, BSD Cross architecture: X86, X8664, Arm, Arm64, Mips Multiple file formats: PE, MachO, ELF Emulate & sandbox machine code in a isolated environment Provide high level API to setup...

Miasm - Reverse Engineering Framework In Python

Miasm is a free and open source GPLv2 reverse engineering framework. Miasm aims to analyze / modify / generate binary programs. Here is a non exhaustive list of features: Opening / modifying / generating PE / ELF 32 / 64 LE / BE using Elfesteem Assembling / Disassembling X86 / ARM / MIPS / SH4 /...

Ph0Neutria - A Malware Zoo Builder That Sources Samples Straight From The Wild

ph0neutria is a malware zoo builder that sources samples straight from the wild. Everything is stored in Viper for ease of access and manageability. This project was inspired by Ragpicker https://github.com/robbyFux/Ragpicker, formerly known as "Malware Crawler". However, ph0neutria aims to: Limi...

GlobaLeaks - The Open-Source Whistleblowing Software

GlobaLeaks is open-source / free software intended to enable secure and anonymous whistleblowing initiatives developed by the Hermes Center for Transparency and Digital Human Rights. For the user manual refer to the GlobaLeaks's User Manual. For the developer documentation refer to the GlobaLeaks...

PenCrawLer - An Advanced Web Crawler And DirBuster

An Advanced Web Crawler and DirBuster PeNCrawLer is an advanced webcrawler and dirbuster designed to using in penetration testing based on Windows Os. Web Crawler Features: Follow Redirects Rendering Javascript Extract links from custom HTML-Elements Extract links with Regex-Pattern Black-List...

MHA - Mail Header Analyzer

Mail header analyzer is a tool written in flask for parsing email headers and converting them to a human readable format and it also can: Identify hop delays. Identify the source of the email. Identify hop country. MHA is an alternative for the following: Name | Dev | Issues ---|---|---...

CANToolz aka YACHT (Yet Another Car Hacking Tool) - Framework for Black-Box CAN Network Analysis

CANToolz is a framework for analysing CAN networks and devices. This tool based on different modules which can be assembled in pipe together and can be used by security researchers and automotive/OEM security testers for black-box analysis and etc. You can use this software for ECU discovery, MIT...

Graudit - Find potential security flaws in source code using grep

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It's comparable to other static analysis applications like RATS, SWAAT and flaw-finder while keeping the technical requirements to a minimum and being very...

Vane - WordPress Vulnerability Scanner (A GPL fork of WPScan)

Vane is a GPL fork of the now non-free popular WordPress vulnerability scanner WPScan. INSTALL Prerequisites Windows not supported Ruby = 1.9 RubyGems Git Installing on Debian/Ubuntu sudo apt-get install libcurl4-gnutls-dev libopenssl-ruby libxml2 libxml2-dev libxslt1-dev ruby-dev git clone...

[Maltrieve] A tool to retrieve malware directly from the source for security researchers

Maltrieve originated as a fork of mwcrawler. It retrieves malware directly from the sources as listed at a number of sites, including: Malc0de Malware Black List Malware Domain List Malware Patrol Sacour.cn VX Vault URLqery CleanMX These lists will be implemented if/when they return to activity...

Volana - Shell Command Obfuscation To Avoid Detection Systems

Shell command obfuscation to avoid SIEM/detection system During pentest, an important aspect is to bestealth. For this reason you should clear your tracks after your passage. Nevertheless, many infrastructures log command and send them to a SIEM in a real time making the afterwards cleaning part...

Hakuin - A Blazing Fast Blind SQL Injection Optimization And Automation Framework

Hakuin is a Blind SQL Injection BSQLI optimization and automation framework written in Python 3. It abstracts away the inference logic and allows users to easily and efficiently extract databases DB from vulnerable web applications. To speed up the process, Hakuin utilizes a variety of optimizati...

C2-Search-Netlas - Search For C2 Servers Based On Netlas

C2 Search Netlas is a Java utility designed to detect Command and Control C2 servers using the Netlas API. It provides a straightforward and user-friendly CLI interface for searching C2 servers, leveraging the Netlas API to gather data and process it locally. Usage To utilize this terminal utilit...

Dumpulator - An Easy-To-Use Library For Emulating Memory Dumps. Useful For Malware Analysis (Config Extraction, Unpacking) And Dynamic Analysis In General (Sandboxing)

Note: This is a work-in-progress prototype, please treat it as such. Pull requests are welcome! You can get your feet wet withgood first issues An easy-to-use library for emulating code in minidump files. Here are some links to posts/videos using dumpulator: Introduction video with OALabs:...

Cortex-XDR-Config-Extractor - Cortex XDR Config Extractor

This tool is meant to be used during Red Team Assessments and to audit the XDR Settings. With this tool its possible to parse the Database Lock Files of the Cortex XDR Agent by Palo Alto Networks and extract Agent Settings, the Hash and Salt of the Uninstall Password, as well as possible...

AzureHound - Azure Data Exporter For BloodHound

The BloodHound data collector for Microsoft Azure Get AzureHound Release Binaries Download the appropriate binary for your platform from one of our Releases. Rolling Release The rolling release contains pre-built binaries that are automatically kept up-to-date with the main branch and can be...

SteaLinG - Open-Source Penetration Testing Framework Designed For Social Engineering

The SteaLinG is an open-source penetration testing framework designed for social engineering After the hack, you can upload it to the victim's device and run it disclaimers: This is only for testing purposes and can only be used where strict consent has been given. Do not use this for illegal...

Gohide - Tunnel Port To Port Traffic Over An Obfuscated Channel With AES-GCM Encryption

Tunnel port to port traffic via an obfuscated channel with AES-GCM encryption. Obfuscation Modes Session Cookie HTTP GET http-client Set-Cookie Session Cookie HTTP/2 200 OK http-server WebSocket Handshake "Sec-WebSocket-Key" websocket-client WebSocket Handshake "Sec-WebSocket-Accept"...

VAmPI - Vulnerable REST API With OWASP Top 10 Vulnerabilities For Security Testing

The Vulnerable API Based on OpenAPI 3 VAmPI is a vulnerable API made with Flask and it includes vulnerabilities from the OWASP top 10 vulnerabilities for APIs. It was created as I wanted a vulnerable API to evaluate the efficiency of tools used to detect security issues in APIs. It includes a...

Tornado - Anonymously Reverse Shell Over Tor Network Using Hidden Services Without Portforwarding

anonymously reverse shell over onion network using hidden services without portfortwarding Explore the docs fully undetectable reverse shell · View Demo · bulletproof anonymity If you are having any operating system compatiblity issue, let me know. I will try to fix as soon as possible so let's...

LDAPmonitor - Monitor Creation, Deletion And Changes To LDAP Objects Live During Your Pentest Or System Administration!

Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration! With this tool you can quickly see if your attack worked and if it changed LDAP attributes of the target object. Features Feature | Python .py | CSharp .exe | Powershell .ps1 ---|---|---|---...

SGXRay - Automating Vulnerability Detection for SGX Apps

Intel SGX protects isolated application logic and sensitive data inside an enclave with hardware-based memory encryption. To use such hardware-based security mechanism requires a strict programming model on memory usage， with complex APIs in and out the enclave boundary. Enclave developers are...

TeamsUserEnum - User Enumeration With Microsoft Teams API

Sometimes user enumeration could be sometimes useful during the reconnaissance of an assessment. This tool will determine if an email is registered on teams or not. More details on the immunIT's blog Usage Microsoft Teams with the search features. This tool validates an email address or a list of...

Php_Code_Analysis - San your PHP code for vulnerabilities

This script willscan your code the script can find 1. checkfileupload issues 2. hostheaderinjection 3. SQl injection 4. insecure deserialization 5. openredirect 6. SSRF 7. XSS 8. LFI 9. commandinjection features 1. fast 2. simple report usage: python code.py this will scan one file python code.py...

Lucifer - A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration And More...

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life Setup git clone https://github.com/Skiller9090/Lucifer.git cd Lucifer pip install -r...

Scrying - A Tool For Collecting RDP, Web And VNC Screenshots All In One Place

A new tool for collecting RDP, web and VNC screenshots all in one place This tool is still a work-in-progress and should be mostly usable but is not yet complete. Please file any bugs or feature requests as GitHub issues Caveats Web screenshotting relies on Chromium or Google Chrome being install...

HackBrowserData - Decrypt Passwords/Cookies/History/Bookmarks From The Browser

hack-browser-data is an open-source tool that could help you decrypt data passwords / bookmarks / cookies / history from the browser. It supports the most popular browsers on the market and runs on Windows, macOS and Linux. Supported Browser Windows Browser | Password | Cookie | Bookmark | Histor...

FLUFFI (Fully Localized Utility For Fuzzing Instantaneously) - A Distributed Evolutionary Binary Fuzzer For Pentesters

FLUFFI - A distributed evolutionary binary fuzzer for pentesters. About the project High level overview Getting started Usage HOWTOs Technical Details Contributing to FLUFFI LICENSE Bugs found So far, FLUFFI was almost exclusively used on SIEMENS products and solutions. Bugs found therein will no...

VPS-Docker-For-Pentest - Create A VPS On Google Cloud Platform Or Digital Ocean Easily With The Docker For Pentest

Create a VPS on Google Cloud Platform or Digital Ocean easily with the docker for pentest included to launch the assessment to the target. Requirements Terraform installed Ansible installed SSH private and public keys Google Cloud Platform or Digital Ocean account. Usage 1.- Clone the repository...

Lynis 3.0.0 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

Elemental - An MITRE ATTACK Threat Library

Elemental is a centralized threat library of MITRE ATT&CK techniques, Atomic Red Team tests, and over 280 Sigma rules. It provides an alternative way to explore the ATT&CK dataset, mapping relevant Atomic Red Team tests and Sigma rules to their respective technique. Elemental allows defenders to...

Nuclei - Nuclei Is A Fast Tool For Configurable Targeted Scanning Based On Templates Offering Massive Extensibility And Ease Of Use

Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use. Nuclei is used to send requests across targets based on a template leading to zero false positives and providing effective scanning for known paths. Main use cases for nucle...

DockerSecurityPlayground - A Microservices-based Framework For The Study Of Network Security And Penetration Test Techniques

Docker Security Playground is an application that allows you to: Create network and network security scenarios , in order to understand network protocols, rules, and security issues by installing DSP in your PC. Learn penetrationtesting techniques by simulating vulnerability labs scenarios Manage...

SharpSploitConsole - Console Application Designed To Interact With SharpSploit

Console Application designed to interact with SharpSploit released by @cobbrio SharpSploit is a tool written by @cobbrio that combines many techniques/C code from the infosec community and combines it into one sweet DLL. It's awesome so check it out! Description SharpSploit Console is just a quic...

Web Shell Detector - PHP Script That Helps You Find And Identify PHP / CGI (Perl) / ASP / ASPX Shells

Web Shell Detector is a php script that helps you find and identify php/cgiperl/asp/aspx shells. Web Shell Detector has a “web shells” signature database that helps to identify “web shell” up to 99%. By using the latest javascript and css technologies, web shell detector has a light weight and...

HouseProxy - HTTP proxy focused on block phishing URL's

Protect your parents from phishing, HTTP proxy focused on block phishing URL's Install git clone https://github.com/mthbernardes/HouseProxy.git cd HouseProxy/ pip install -r requeriments.txt Config Edit etc/HouseProxy.conf to change de default user and password Create a entry in your DNS to...

dockerscan - Docker Security Analysis and Hacking Tools

What's dockerscan A Docker analysis tools Very quick install python3.5 -m pip install -U pip python3.5 -m pip install dockerscan Show options: dockerscan -h Available actions Currently Docker Scan support these actions: Scan: Scan a network trying to locate Docker Registries Registry Delete: Dele...

filtron - Filtering reverse HTTP proxy

Reverse HTTP proxy to filter requests by different rules. Can be used between production webserver and the application server to prevent abuse of the application backend. The original purpose of this program was to defend searx , but it can be used to guard any web application. Installation and...

Fireaway - Next Generation Firewall Audit and Bypass Tool

Fireaway is a tool for auditing, bypassing, and exfiltrating data against layer 7/AppID inspection rules on next generation firewalls. These tactics are based on the principle of having to allow connections to establish through the NGFW in order to see layer 7 data to filter, as well as spoofing...

anonym8 - Transparent Proxy through TOR, I2P, Privoxy, Polipo and modify DNS

Transparent Proxy through TOR, I2P, Privoxy, Polipo and modify DNS, for a simple and better privacy and security; Include Anonymizing Relay Monitor arm, macchanger, hostname and wipe Cleans ram/cache & swap-space features. Tested on Debian, Kali, Parrot to use the graphical interface, you'll need...

TestingWhiz - Codeless Software Testing Automation Tool

TestingWhiz is a test automation tool for web, database, cloud, mobile and web services/API testing from Cygnet Infotech. It has a codeless architecture based on FAST Automation Engine with 290+ readily available test commands that provide easy, intuitive and fast automation solution without...

Appie v3 - Android Pentesting Portable Integrated Environment

Appie is a software package that has been pre-configured to function as an Android Pentesting Environment on any windows based machine without the need of a Virtual MachineVM or dualboot. It is completely portable and can be carried on USB stick or your smartphone. It is one of its kind Android...

LiME - Linux Memory Extractor

A Loadable Kernel Module LKM which allows for volatile memory acquisition from Linux and Linux-based devices, such as Android. This makes LiME unique as it is the first tool that allows for full memory captures on Android devices. It also minimizes its interaction between user and kernel space...

Nosql-Exploitation-Framework - A FrameWork For NoSQL Scanning and Exploitation Framework

A FrameWork For NoSQL Scanning, Enumeration and Exploitation. NoSQL Databases are schema less databases. They were invented to store data easily and flexibly. NoSQL Databases have gained popularity and its security has always been under the scanner. The NoSQL Exploitation Framework focuses...

[iodine] Tunnel application to forward IPv4 traffic through DNS servers (IP over DNS)

iodine lets you tunnel IPv4 data through a DNS server. This can be usable in different situations where internet access is firewalled, but DNS queries are allowed. It runs on Linux, Mac OS X, FreeBSD, NetBSD, OpenBSD and Windows and needs a TUN/TAP device. The bandwidth is asymmetrical with limit...

[smbexec] A rapid psexec style attack with samba tools

smbexec A rapid psexec style attack with samba tools Original Concept and Script by PureHate & Brav0Hax Codename - Diamond in the Rough Gonna pha-q up - PurpleTeam Smash! Written because we got sick of Metasploit PSExec getting popped Special thanks to Carnal0wnage who's blog inspired us to go th...

Ghost-Route - Ghost Route Detects If A Next JS Site Is Vulnerable To The Corrupt Middleware Bypass Bug (CVE-2025-29927)

A Python script to check Next.js sites for corrupt middleware vulnerability CVE-2025-29927. The corrupt middleware vulnerability allows an attacker to bypass authentication and access protected routes by send a custom header x-middleware-subrequest. Next JS versions affected: - 11.1.4 and up...

CyberChef - The Cyber Swiss Army Knife - A Web App For Encryption, Encoding, Compression And Data Analysis

CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR and Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data,...

ThievingFox - Remotely Retrieving Credentials From Password Managers And Windows Utilities

ThievingFox is a collection of post-exploitation tools to gather credentials from various password managers and windows utilities. Each module leverages a specific method of injecting into the target process, and then hooks internals functions to gather crendentials. The accompanying blog post ca...