6011 matches found
HackBrowserData - Decrypt Passwords/Cookies/History/Bookmarks From The Browser
hack-browser-data is an open-source tool that could help you decrypt data passwords / bookmarks / cookies / history from the browser. It supports the most popular browsers on the market and runs on Windows, macOS and Linux. Supported Browser Windows Browser | Password | Cookie | Bookmark | Histor...
GhostShell - Malware Indetectable, With AV Bypass Techniques, Anti-Disassembly, And More
In this malware, are used some techniques to try bypass the AVs, VMs, and Sandboxes, with only porpuse to learning more. I'm not responsible for your actions. Bypass Techniques Anti-Debugger To try bypass the Debuggers, I'm using the "IsDebuggerPresent" of "Windows.h" librarie to checks if a...
Clipboardme - Grab And Inject Clipboard Content By Link
Grab/Inject Clipboard Content Browsers are implementing a new JavaScript API for asynchronous clipboard access to integrate copy and paste into web applications. It is a replacement for the synchronous execCommand-based copy & paste. Async Clipboard requests doesn't block the page while waiting t...
Elemental - An MITRE ATTACK Threat Library
Elemental is a centralized threat library of MITRE ATT&CK techniques, Atomic Red Team tests, and over 280 Sigma rules. It provides an alternative way to explore the ATT&CK dataset, mapping relevant Atomic Red Team tests and Sigma rules to their respective technique. Elemental allows defenders to...
Inhale - A Malware Analysis And Classification Tool
Inhale is a malware analysis and classification tool that is capable of automating and scaling many static analysis operations. This is the beta release version, for testing purposes, feedback, and community development. Background Inhale started as a series of small scripts that I used when...
TAS - A Tiny Framework For Easily Manipulate The Tty And Create Fake Binaries
A tiny framework for easily manipulate the tty and create fake binaries. How it works? The framework has three main functions, tasexecv, tasforkpty, and tasttyloop. tasexecv: It is a function similar to execv, but it doesn't re-execute the current binary, something very useful for creating fake...
DockerSecurityPlayground - A Microservices-based Framework For The Study Of Network Security And Penetration Test Techniques
Docker Security Playground is an application that allows you to: Create network and network security scenarios , in order to understand network protocols, rules, and security issues by installing DSP in your PC. Learn penetrationtesting techniques by simulating vulnerability labs scenarios Manage...
Platypus - A Modern Multiple Reverse Shell Sessions Manager Written In Go
A modern multiple reverse shell sessions/clients manager via terminal written in go. Features Multiple service listening port Multiple client connections RESTful API Reverse shell as a service Screenshot Network Topology Attack IP: 192.168.1.2 Reverse Shell Service: 0.0.0.0:8080 RESTful Service:...
Rp++ - Tool That Aims To Find ROP Sequences In PE/Elf/Mach-O X86/X64 Binaries
rp++ is a full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O doesn't support the FAT binaries x86/x64 binaries. It is open-source, documented with Doxygen well, I'm trying to.. and has been tested on several OS: Debian / Windows 7 / FreeBSD / Mac OSX Lion 10.7.3. Moreover, it ...
Debinject - Inject malicious code into *.debs
Inject malicious code into .debs CLONE git clone https://github.com/UndeadSec/Debinject.git RUNNING cd Debinject python debinject.py If you have another version of Python: python2.7 debinject.py RUN ON TARGET SIDE chmod 755 default.deb dpkg -i backdoored.deb PREREQUISITES dpkg dpkg-deb metasploit...
Cangibrina - A Fast And Powerfull Dashboard (Admin) Finder
Cangibrina is a multi platform tool which aims to obtain the Dashboard of sites using brute-force over wordlist, google, nmap, and robots.txt Requirements: Python 2.7 mechanize PySocks beautifulsoup4 html5lib Nmap --nmap TOR --tor Install: Linux git clone http://github.com/fnk0c/cangibrina.git cd...
wafpass - WAF Security Benchmark
██╗ ██╗ █████╗ ███████╗██████╗ █████╗ ███████╗███████╗ ██║ ██║██╔══██╗██╔════╝██╔══██╗██╔══██╗██╔════╝██╔════╝ ██║ █╗ ██║███████║█████╗ ██████╔╝███████║███████╗███████╗ ██║███╗██║██╔══██║██╔══╝ ██╔═══╝ ██╔══██║╚════██║╚════██║ ╚███╔███╔╝██║ ██║██║ ██║ ██║ ██║███████║███████║ ╚══╝╚══╝ ╚═╝ ╚═╝╚═╝ ╚...
ONIOFF - Onion URL Inspector
A simple tool - written in pure python - for inspecting Deep Web URLs or onions. Compatible with Python 2.6 & 2.7. Author: Nikolaos Kamarinakis nikolaskama.me Installation You can download ONIOFF by cloning the Git Repo and simply installing its requirements: $ git clone...
John the Ripper 1.8.0-jumbo-1 - Fast Password Cracker
John the Ripper is a free password cracking software tool. Initially developed for the Unix operating system, it now runs on fifteen different platforms eleven of which are architecture-specific versions of Unix, DOS, Win32, BeOS, and OpenVMS. It is one of the most popular password testing and...
SAMHAIN v3.1.2 - File Integrity Checker / Host-Based Intrusion Detection System
The Samhain host-based intrusion detection system HIDS provides file integrity checking and log file monitoring/analysis , as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. Samhain been designed to monitor multiple hosts with potentially...
Wireshark v1.10.8 - The world’s foremost network protocol analyzer
Wireshark is the world’s foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto and often de jure standard across many industries and educational institutions. Wireshark development thrives thanks to the...
Nosql-Exploitation-Framework - A FrameWork For NoSQL Scanning and Exploitation Framework
A FrameWork For NoSQL Scanning, Enumeration and Exploitation. NoSQL Databases are schema less databases. They were invented to store data easily and flexibly. NoSQL Databases have gained popularity and its security has always been under the scanner. The NoSQL Exploitation Framework focuses...
[XSSless] An automated XSS payload generator written in python
An automated XSS payload generator written in python. Usage 1. Record requests with Burp proxy 2. Select requests you want to generate, then right click and select "Save items" 3. Use xssless to generate your payload: ./xssless.py burpexportfile 4. Pwn! A more detailed tutorial can be found here...
[Pyew v2.2] A Python tool for static malware analysis
Pyew is a command line python tool to analyse malware. It does have support for hexadecimal viewing, disassembly Intel 16, 32 and 64 bits, PE and ELF file formats it performs code analysis and let you write scripts using an API to perform many types of analysis, follows direct call/jmp instructio...
[Veil v1.2] A Payload Generator to Bypass Antivirus
Veil is a tool designed to generate metasploit payloads that bypass common anti-virus solutions. Veil was designed to run on Kali Linux, but should function on any system capable of executing python scripts. Simply call Veil from the command line, and follow the menu to generate a payload. Upon...
[REMnux] A Linux Distribution for Malware Analysis
REMnux incorporates a number of tools for analyzing malicious executables that run on Microsoft Windows, as well as browser-based malware, such as Flash programs and obfuscated JavaScript. This popular toolkit includes programs for analyzing malicious documents, such PDF files, and utilities for...
[Viproy] VoIP Penetration Testing Kit
Viproy Voip Pen-Test Kit is developed to improve quality of SIP Penetration Tests. It provides authentication feature that helps to create simple tests. It includes 7 different modules with authentication support: options tester, brute forcer, enumerator, invite tester, trust analyzer, proxy and...
[HTTrack Website Copier] Download a Website from the Internet to a Local Directory
HTTrack is a free GPL, libre/free software and easy-to-use offline browser utility. It allows you to download a World Wide Web site from the Internet to a local directory, building recursively all directories, getting HTML, images, and other files from the server to your computer. HTTrack arrange...
CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
🐫 CAMEL is an open-source community dedicated to finding the scaling laws of agents. We believe that studying these agents on a large scale offers valuable insights into their behaviors, capabilities, and potential risks. To facilitate research in this field, we implement and support various type...
BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
Evade EDR's the simple way, by not touching any of the API's they hook. Theory I've noticed that most EDRs fail to scan scripting files, treating them merely as text files. While this might be unfortunate for them, it's an opportunity for us to profit. Flashy methods like residing in memory or...
CrimsonEDR - Simulate The Behavior Of AV/EDR For Malware Development Training
CrimsonEDR is an open-source project engineered to identify specific malware patterns, offering a tool for honing skills in circumventing Endpoint Detection and Response EDR. By leveraging diverse detection methods, it empowers users to deepen their understanding of security evasion tactics...
BucketLoot - An Automated S3-compatible Bucket Inspector
BucketLoot is an automated S3-compatible Bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text. The tool can scan for bucke...
HardHatC2 - A C# Command And Control Framework
A cross-platform, collaborative, Command & Control framework written in C, designed for red teaming and ease of use. HardHat is a multiplayer C .NET-based command and control framework. Designed to aid in red team engagements and penetration testing. HardHat aims to improve the quality of life...
Katana - A Next-Generation Crawling And Spidering Framework
A next-generation crawling and spidering framework Features • Installation • Usage • Scope • Config • Filters • Join Discord Features Fast And fully configurable web crawling Standard and Headless mode support JavaScript parsing / crawling Customizable automatic form filling Scope control -...
Suborner - The Invisible Account Forger
What's this? A simple program to create a Windows account you will only know about : Create invisible local accounts without net user or Windows OS user management applications e.g. netapi32::netuseradd Works on all Windows NT Machines Windows XP to 11, Windows Server 2003 to 2022 Impersonate...
BlueHound - Tool That Helps Blue Teams Pinpoint The Security Issues That Actually Matter
BlueHound is an open-source tool that helps blue teams pinpoint the security issues that actually matter. By combining information about user permissions, network access and unpatched vulnerabilities, BlueHound reveals the paths attackers would take if they were inside your network It is a fork o...
Grafiki - Threat Hunting Tool About Sysmon And Graphs
Grafiki is a Django project about Sysmon and graphs, for the time being. In my opinion EventViewer, Elastic and even Kibana, are not graphic enough. The current threats are complicated and if attackers think in graphs, defenders also must do it. This is a proof of concept, the code was not debugg...
cThreadHijack - Beacon Object File (BOF) For Remote Process Injection Via Thread Hijacking
. . . \ /| | | / | || || | | / | | | | \ / \ \ / / \ | | \ \ / | |/ / \ | | | Y \ | /\ / / / // \ Y / | | |/ \ | | || /| \ /\ || /|/| /\ | \ / / / / / / | / / / Beacon Object File BOF for remote process injection, via thread hijacking, without spawning a remote thread...
HashCheck - Tool To Assist In The Search For Leaked Passwords
This project aims to assist in the search for leaked passwords while maintaining a high level of privacy using the k-anonymity method. To achieve this, the APIs of different services are used, sending only a part of the Hash of the password we want to check, for example, the first 5 characters...
CrossLinked - LinkedIn Enumeration Tool To Extract Valid Employee Names From An Organization Through Search Engine Scraping
CrossLinked is a LinkedIn enumeration tool that uses search engine scraping to collect valid employee names from a target organization. This technique provides accurate results without the use of API keys, credentials, or even accessing the site directly. Formats can then be applied in the comman...
KubiScan - A Tool To Scan Kubernetes Cluster For Risky Permissions
A tool for scanning Kubernetes cluster for risky permissions in Kubernetes's Role-based access control RBAC authorization model. The tool was published as part of the "Securing Kubernetes Clusters by Eliminating Risky Permissions" research...
ProxyLogon - PoC Exploit for Microsoft Exchange
PoC Exploit for Microsoft Exchange Launche Original PoC: https://github.com/testanull How to use: python proxylogon.py Example: python proxylogon.py primary [email protected] If successful you will be dropped into a webshell. exit or quit to escape from the webshell or ctrl+c By default, it...
Diceware-Password-Generator - Python Implementation Of The Diceware Password Generating Algorithm
Please Note - This Program Do Not StorePasswords In Any Form And All The Passwords Are Generated Locally Inside You Device. Diceware is a method used to generate cryptographically strong memorable passphrases. This is a python implementation of the diceware password generating algorithm. Inspired...
Ssh-Mitm - Ssh Mitm Server For Security Audits Supporting Public Key Authentication, Session Hijacking And File Manipulation
ssh-mitm is an intercepting mitm proxy server for security audits. Redirect/mirror Shell to anotherssh client supported in 0.2.8 Replace File in SCP supported in 0.2.6 Replace File in SFTP supported in 0.2.3 Transparent proxy support in 0.2.2! - intercepting traffic to other hosts is now possible...
K55 - Linux X86_64 Process Injection Utility | Manipulate Processes With Customized Payloads
pronounced: "kay fifty-five" The K55 payload injection tool is used for injecting x8664 shellcode payloads into running processes. The utility was developed using modern C++11 techniques as well as some traditional C linux functions like ptrace. The shellcode spawned in the target process is 27...
Recox - Master Script For Web Reconnaissance
The script aims to help in classifying vulnerabilities in web applications. The methodology RecoX is arising can spot weaknesses other than OWASP top ten. The script presents information against the target system. It gathers the information recursively over each subdomain, and IP addr for a...
Wifipumpkin3 - Powerful Framework For Rogue Access Point Attack
wifipumpkin3 is powerful framework for rogue access point attack, written in Python, that allow and offer to security researchers, red teamers and reverse engineers to mount a wireless network to conduct a man-in-the-middle attack. Main Features Rogue access point attack Man-in-the-middle attack...
RS256-2-HS256 - JWT Attack To Change The Algorithm RS256 To HS256
JWT Attack to change the algorithm RS256 to HS256 Usage usage: RS2562HS256JWT.py -h payload pubkey positional arguments: payload JSON payload from JWT to attack pubkey Public key file to use for signing optional arguments: -h, --help show this help message and exit Example Download RS256-2-HS256...
MISP - Malware Information Sharing Platform and Threat Sharing
The objective of MISP is to foster the sharing of structured information within the security community and abroad. MISP provides functionalities to support the exchange of information but also the consumption of the information by Network Intrusion Detection System NIDS, LIDS but also log analysi...
CAINE 10.0 - GNU/Linux Live Distribution For Digital Forensics Project, Windows Side Forensics And Incident Response
CAINE Computer Aided INvestigative Environment is an Italian GNU/Linux live distribution created as a Digital Forensics project. Currently, the project manager is Nanni Bassetti Bari - Italy. CAINE offers a complete forensic environment that is organized to integrate existing software tools as...
RemoteRecon - Remote Recon And Collection
RemoteRecon provides the ability to execute post-exploitation capabilities against a remote host, without having to expose your complete toolkit/agent. Often times as operator's we need to compromise a host, just so we can keylog or screenshot or some other miniscule task against a person/host of...
Tinfoleak v2.4 - The Most Complete Open-Source Tool For Twitter Intelligence Analysis
The most complete open-source tool for Twitter intelligence analysis Introduction tinfoleak is an open-source tool within the OSINT Open Source Intelligence and SOCMINT Social Media Intelligence disciplines, that automates the extraction of information on Twitter and facilitates subsequent analys...
TwLocation - Python Script That Gets Twitter Users' Tweets Location
Python script that gets Twitter users' tweets location Features Gets Twitter Usernames based on a latitude and longitude Profiles URLs Tweet Latitude and Longitude Google Maps link to Latitude and Longitude Usage TwLocation should work on all Linux distros running Python 2.7 First, clone it by...
Posh-SSH - PowerShell Module for automating tasks on remote systems using SSH
Windows Powershell module that leverages a custom version of the SSH.NET Library http://sshnet.codeplex.com/ to provide basic SSH functionality in Powershell. The main purpose of the module is to facilitate automating actions against one or multiple SSH enabled servers. This module is for Windows...
UFONet - DDoS attacks via Web Abuse (XSS/CSRF)
UFONet - is a tool designed to launch DDoS attacks against a target, using 'Open Redirect' vectors on third party web applications, like botnet. See this links for more info: - CWE-601:Open Redirect - OWASP:URL Redirector Abuse Main features: --version show program's version number and exit -v,...