Lucene search
Kitploit: Most viewed

6011 matches found

Kitploit
added 2020/06/27 1:0 p.m., 56 views

Screenspy - Capture user screenshots using shortcut file (Bypass SmartScreen/Defender)

Capture user screenshots using shortcut file (Bypass SmartScreen/Defender). Support Multi-monitor. Legal disclaimer: Usage of ScreenSpy for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers...

7.3 AI score
Exploits: 0, References: 1
Kitploit
added 2020/04/18 1:0 p.m., 56 views

RS256-2-HS256 - JWT Attack To Change The Algorithm RS256 To HS256

JWT Attack to change the algorithm RS256 to HS256 Usage usage: RS2562HS256JWT.py -h payload pubkey positional arguments: payload JSON payload from JWT to attack pubkey Public key file to use for signing optional arguments: -h, --help show this help message and exit Example Download RS256-2-HS256...

7.3 AI score
Exploits: 0, References: 1
Kitploit
added 2020/04/17 1:0 p.m., 56 views

Pwndrop - Self-Deployable File Hosting Service For Red Teamers, Allowing To Easily Upload And Share Payloads Over HTTP And WebDAV

pwndrop is a self-deployable file hosting service for sending out red teaming payloads or securely sharing your private files over HTTP and WebDAV. If you've ever needed to quickly set up an nginx/apache web server to host your files and you were never happy with the limitations of python -m...

7 AI score
Exploits: 0, References: 2
Kitploit
added 2020/03/18 11:0 a.m., 56 views

Sshuttle - Transparent Proxy Server That Works As A Poor Man'S VPN. Forwards Over SSH

As far as I know, sshuttle is the only program that solves the following common case: Your client machine or router is Linux, FreeBSD, or MacOS. You have access to a remote network via ssh. You don't necessarily have admin access on the remote network. The remote network has no VPN, or only...

7.4 AI score
Exploits: 0, References: 1
Kitploit
added 2018/08/28 9:11 p.m., 56 views

badKarma - Advanced Network Reconnaissance Toolkit

badKarma is a python3 GTK+ network infrastructure penetration testing toolkit. badKarma aims to help the tester in all the penetration testing phases (information gathering, vulnerability assessment, exploitation, post-exploitation and reporting). It allows the tester to save time by having...

7.2 AI score
Exploits: 0, References: 1
Kitploit
added 2017/12/02 1:23 p.m., 56 views

XSSSNIPER - An Automatic XSS Discovery Tool

XSSSNIPER is an handy xss discovery tool with mass scanning functionalities. Usage: Usage: xsssniper.py options Options: -h, --help show this help message and exit -u URL, --url=URL target URL --post try a post request to target url --data=POSTDATA post data to use --threads=THREADS number of...

7.3 AI score
Exploits: 0, References: 1
Kitploit
added 2017/01/24 2:23 p.m., 56 views

backdoorppt - transform your payload.exe into one fake word doc (.ppt)

backdoorppt - 'Office spoof extensions tool' Version release: v1.5-Stable Distros Supported: Linux Kali, Ubuntu, Mint Author: pedro ubuntu r00t-3xp10it Suspicious-Shell-Activity© SSA RedTeam develop @2017 Transform your payload.exe into one fake word doc .ppt Simple script that allow users to add...

7.3 AI score
Exploits: 0, References: 1
Kitploit
added 2014/12/22 2:55 a.m., 56 views

John the Ripper 1.8.0-jumbo-1 - Fast Password Cracker

John the Ripper is a free password cracking software tool. Initially developed for the Unix operating system, it now runs on fifteen different platforms eleven of which are architecture-specific versions of Unix, DOS, Win32, BeOS, and OpenVMS. It is one of the most popular password testing and...

7.4 AI score
Exploits: 0
Kitploit
added 2014/05/24 6:35 p.m., 56 views

Onionshare - Securely and anonymously share a file of any size

OnionShare lets you securely and anonymously share a file of any size with someone. It works by starting a web server, making it accessible as a Tor hidden service, and generating an unguessable URL to access and download the file. It doesn't require setting up a server on the internet somewhere or...

7.5 AI score
Exploits: 0, References: 1
Kitploit
added 2013/08/14 5:11 a.m., 56 views

[Pyew v2.2] A Python tool for static malware analysis

Pyew is a command line python tool to analyse malware. It does have support for hexadecimal viewing, disassembly Intel 16, 32 and 64 bits, PE and ELF file formats it performs code analysis and let you write scripts using an API to perform many types of analysis, follows direct call/jmp instructio...

7.8 AI score
Exploits: 0
Kitploit
added 2013/04/02 12:24 a.m., 56 views

[HTTrack Website Copier] Download a Website from the Internet to a Local Directory

HTTrack is a free GPL, libre/free software and easy-to-use offline browser utility. It allows you to download a World Wide Web site from the Internet to a local directory, building recursively all directories, getting HTML, images, and other files from the server to your computer. HTTrack arrange...

6.9 AI score
Exploits: 0
Kitploit
added 2024/05/29 12:30 p.m., 55 views

LDAPWordlistHarvester - A Tool To Generate A Wordlist From The Information Present In LDAP, In Order To Crack Passwords Of Domain Accounts

A tool to generate a wordlist from the information present in LDAP, in order to crack non-random passwords of domain accounts. Features The bigger the domain is, the better the wordlist will be. x Creates a wordlist based on the following information found in the LDAP: x User : name and...

7.3 AI score
Exploits: 0, References: 4
Kitploit
added 2023/09/05 10:42 p.m., 55 views

DoSinator - A Powerful Denial Of Service (DoS) Testing Tool

DoSinator is a versatile Denial of Service DoS testing tool developed in Python. It empowers security professionals and researchers to simulate various types of DoS attacks, allowing them to assess the resilience of networks, systems, and applications against potential cyber threats. Features...

7.4 AI score
Exploits: 0, References: 1
Kitploit
added 2023/08/30 12:30 p.m., 55 views

Noir - An Attack Surface Detector Form Source Code

Noir is an attack surface detector form source code. Key Features Automatically identify language and framework from source code. Find API endpoints and web pages through code analysis. Load results quickly through interactions with proxy tools such as ZAP, Burpsuite, Caido and More Proxy tools...

7.6 AI score
Exploits: 0, References: 2
Kitploit
added 2023/02/13 11:30 a.m., 55 views

Email-Vulnerablity-Checker - Find Email Spoofing Vulnerablity Of Domains

Verify whether the domain is vulnerable to spoofing by Email-vulnerablity-checker. Features: This tool will automatically tell you if the domain is email spoofable or not. You can do single and multiple domain input as well; for the multiple domain checker you need to have a text file with domains in it...

7.3 AI score
Exploits: 0, References: 1
Kitploit
added 2022/10/20 11:30 a.m., 55 views

PartyLoud - A Simple Tool To Generate Fake Web Browsing And Mitigate Tracking

PartyLoud is a highly configurable and straightforward free tool that helps you prevent tracking directly from your linux terminal, no special skills required. Once started, you can forget it is running. It provides several flags; each flag lets you customize your experience and change PartyLoud...

7.2 AI score
Exploits: 0, References: 5
Kitploit
added 2022/04/06 12:30 p.m., 55 views

KNX-Bus-Dump - A Tool To Listen On A KNX Bus Via TPUART And The Calimero Project Suite And To Dump The Data From The Packets Into A Wireshark-Compatible File Hex Dump

KNX is a popular building automation protocol and is used to interconnect sensors, actuators and other components of a smart building together. Our KNX Bus Dump tool uses the Calimero java library, which we contributed to for the sake of this tool, to record the telegrams sent over a KNX bus...

7.6 AI score
Exploits: 0, References: 3
Kitploit
added 2021/09/12 11:30 a.m., 55 views

ODBParser - OSINT Tool To Search, Parse And Dump Only The Open Elasticsearch And MongoDB Directories That Have The Data You Care About Exposing

ODBParser is a tool to search for PII being exposed in open databases. ONLY to be used to identify exposed PII and warn server owners of irresponsible database maintenance OR to query databases you have permission to access! PLEASE USE RESPONSIBLY What is this? Wrote this as wanted to create...

7.2 AI score
Exploits: 0, References: 1
Kitploit
added 2021/08/25 12:30 p.m., 55 views

PSPKIAudit - PowerShell toolkit for auditing Active Directory Certificate Services (AD CS)

PowerShell toolkit for auditing Active Directory Certificate Services AD CS. It is built on top of PKISolution's PSPKI toolkit Microsoft Public License. This repo contains a newer version of PSPKI than what's available in the PSGallery see the PSPKI directory. Vadims Podans the creator of PSPKI...

7.4 AI score
Exploits: 0, References: 16
Kitploit
added 2021/08/12 12:30 p.m., 55 views

AlanFramework - A Post-Exploitation Framework

Alan Framework is a post-exploitation framework useful during red-team activities. If you find my tool useful, please consider to sponsor me. Sponsored users have access to early releases and non public content. You can download the binary from:...

7.2 AI score
Exploits: 0, References: 4
Kitploit
added 2021/06/23 9:30 p.m., 55 views

DarkLoadLibrary - LoadLibrary For Offensive Operations

LoadLibrary for offensive operations. How does is work? https://www.mdsec.co.uk/2021/06/bypassing-image-load-kernel-callbacks/ Usage DARKMODULE DarkModule = DarkLoadLibrary LOADLOCALFILE, // control flags L"TestDLL.dll", // local dll path, if loading from disk NULL, // DLL Buffer to load from if...

7.4 AI score
Exploits: 0, References: 1
Kitploit
added 2021/04/20 5:21 a.m., 55 views

KubiScan - A Tool To Scan Kubernetes Cluster For Risky Permissions

A tool for scanning Kubernetes cluster for risky permissions in Kubernetes's Role-based access control RBAC authorization model. The tool was published as part of the "Securing Kubernetes Clusters by Eliminating Risky Permissions" research...

7.2 AI score
Exploits: 0, References: 2
Kitploit
added 2021/02/25 4:10 a.m., 55 views

Kali Linux 2021.1 - Penetration Testing and Ethical Hacking Linux Distribution

Time for another Kali Linux release! – Kali Linux 2021.1. This release has various impressive updates. The summary of the changelog since the 2020.4 release from November 2020 is: Xfce 4.16 - Our preferred and current default desktop environment has been updated and tweaked KDE 5.20 - Plasma also...

7 AI score
Exploits: 0
Kitploit
added 2020/12/23 8:30 p.m., 55 views

GRecon - Your Google Recon Is Now Automated

GRecon (Greei-Conn) is a simple python tool that automates the process of Google Based Recon AKA Google Dorking. The current Version 1.0 Run 7 Search Queries (7 Micro-Plugins) on the specified Target Providing Awesome Results. Current Version Run Google Search Queries to find: Subdomains, Sub-Subdomains...

7.2 AI score
Exploits: 0, References: 1
Kitploit
added 2020/10/31 8:30 p.m., 55 views

APICheck - The DevSecOps Toolset For REST APIs

APICheck is a complete toolset designed and created for testing REST APIs. Why APICheck APICheck focuses not only in the security testing and hacking use cases. The goal of the project is to become a complete toolset for DevSecOps cycles. The tools are aimed to diverse users profiles: Developers...

7.3 AI score
Exploits: 0, References: 2
Kitploit
added 2020/10/11 8:0 p.m., 56 views

Gitjacker - Leak Git Repositories From Misconfigured Websites

Gitjacker downloads git repositories and extracts their contents from sites where the .git directory has been mistakenly uploaded. It will still manage to recover a significant portion of a repository even where directory listings are disabled. For educational/penetration testing use only...

7.2 AI score
Exploits: 0, References: 2
Kitploit
added 2020/09/28 8:30 p.m., 55 views

NERVE - Network Exploitation, Reconnaissance & Vulnerability Engine

NERVE is a vulnerability scanner tailored to find low-hanging fruit level vulnerabilities, in specific application configurations, network services, and unpatched services. It is not a replacement for Qualys, Nessus, or OpenVAS. It does not do authenticated scans, and operates in black-box mode...

7.2 AI score
Exploits: 0, References: 1
Kitploit
added 2020/04/30 9:30 p.m., 55 views

SkyWrapper - Tool That Helps To Discover Suspicious Creation Forms And Uses Of Temporary Tokens In AWS

SkyWrapper is an open-source project which analyzes behaviors of temporary tokens created in a given AWS account. The tool is aiming to find suspicious creation forms and uses of temporary tokens to detect malicious activity in the account. The tool analyzes the AWS account, and creating an excel...

6.8 AI score
Exploits: 0, References: 2
Kitploit
added 2020/01/27 9:0 p.m., 55 views

CredNinja - A Multithreaded Tool Designed To Identify If Credentials Are Valid, Invalid, Or Local Admin Valid Credentials Within A Network At-Scale Via SMB, Plus Now With A User Hunter

This tool is intended for penetration testers who want to perform an engagement quickly and efficiently. While this tool can be used for more covert operations including some additions below, it really shines when used at the scale of a large network. At the core of it, you provide it a list of...

7.1 AI score
Exploits: 0, References: 1
Kitploit
added 2019/11/25 8:30 p.m., 55 views

Antispy - A Free But Powerful Anti Virus And Rootkits Toolkit

AntiSpy is a free but powerful anti virus and rootkits toolkit. It offers you the ability with the highest privileges that can detect, analyze and restore various kernel modifications and hooks. With its assistance, you can easily spot and neutralize malware hidden from normal detectors. Developme...

7.5 AI score
Exploits: 0, References: 6
Kitploit
added 2018/09/12 12:48 p.m., 55 views

Ettercap - A Comprehensive Suite For Man In The Middle Attacks

Ettercap is a comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis. ETTERCAP...

7.3 AI score
Exploits: 0
Kitploit
added 2018/08/19 1:17 p.m., 55 views

NtlmRelayToEWS - Ntlm Relay Attack To Exchange Web Services

ntlmRelayToEWS is a tool for performing ntlm relay attacks on Exchange Web Services EWS. It spawns an SMBListener on port 445 and an HTTPListener on port 80, waiting for incoming connection from the victim. Once the victim connects to one of the listeners, an NTLM negociation occurs and is relaye...

6.9 AI score
Exploits: 0, References: 2
Kitploit
added 2018/06/25 10:27 p.m., 55 views

Optiva Framework - Web Application Scanner

You can use this Framework on your website to check the security of your website by finding the vulnerability in your website, or you can use this tool to get admin panel, search SQL injection by dork, as well as collecting information and encrypting Hash. Features: Information Modules: Port Scann...

8.2 AI score
Exploits: 0, References: 1
Kitploit
added 2017/06/01 3:12 p.m., 55 views

probeSniffer - A Tool for Sniffing Unencrypted Wireless Probe Requests from Devices

v2.1 by David Schütz @xdavidhu A tool for sniffing unencrypted wireless probe requests...

7.8 AI score
Exploits: 0, References: 1
Kitploit
added 2016/09/25 8:47 p.m., 55 views

BLACKBOx - A Penetration Testing Framework

Password Attacks: MD5 CRACKER SHA1 CRACKER SHA224 CRACKER SHA256 CRACKER SHA384 CRACKER SHA512 CRACKER MSSQL2000 CRACKER MSSQL2005 CRACKER MYSQL323 CRACKER MYSQL41 CRACKER ORACLE11 CRACKER Web Hacking : Wordpress Bruteforce – Bruteforce wordpress panel FTP Bruteforce – Bruteforcing FTP LOGIN SSH...

8.3 AI score
Exploits: 0, References: 1
Kitploit
added 2016/06/17 11:22 p.m., 55 views

THC-Hydra 8.2 - Network Logon Cracker

A very fast network logon cracker which supports many different services. See feature sets and services coverage page - incl. a speed comparison against ncrack and medusa. Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of concept...

7.7 AI score
Exploits: 0
Kitploit
added 2015/08/20 11:41 p.m., 55 views

Whonix v11 - Anonymous Operating System

Whonix is an operating system focused on anonymity, privacy and security. It’s based on the Tor anonymity network, Debian GNU/Linux and security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user’s real IP. Whonix consists of two parts: One...

7.3 AI score
Exploits: 0
Kitploit
added 2015/07/25 4:10 p.m., 55 views

IVRE - A Python network recon framework, based on Nmap, Bro & p0f

IVRE Instrument de veille sur les réseaux extérieurs or DRUNK Dynamic Recon of UNKnown networks is a network recon framework, including two modules for passive recon one p0f-based and one Bro-based and one module for active recon mostly Nmap-based, with a bit of ZMap. The advertising slogans are:...

7 AI score
Exploits: 0, References: 5
Kitploit
added 2013/10/26 8:43 p.m., 55 views

[Web-Sorrow v1.5] Versatile security scanner for the information disclosure and fingerprinting phases of pentesting

Web-Sorrow is a perl based tool for misconfiguration, version detection, enumeration, and server information scanning. It's entirely focused on Enumeration and collecting Info on the target server. Web-Sorrow is a "safe to run" program, meaning it is not designed to be an exploit or perform any...

9.8 AI score
Exploits: 0
Kitploit
added 2013/07/17 11:4 p.m., 55 views

[Facebook Password Decryptor v5.0] Facebook Password Recovery Software

Facebook Password Decryptor is the FREE software to instantly recover Facebook account passwords stored by popular Web Browsers and Messengers. It is one of our most popular software with over One Million downloads worldwide. It supports recovering of the stored Facebook login password from most ...

6.7 AI score
Exploits: 0
Kitploit
added 2024/05/03 12:30 p.m., 54 views

MasterParser - Powerful DFIR Tool Designed For Analyzing And Parsing Linux Logs

What is MasterParser ? MasterParser stands as a robust Digital Forensics and Incident Response tool meticulously crafted for the analysis of Linux logs within the var/log directory. Specifically designed to expedite the investigative process for security incidents on Linux systems, MasterParser...

7.4 AI score
Exploits: 0, References: 2
Kitploit
added 2023/08/16 8:58 p.m., 54 views

InfoHound - An OSINT To Extract A Large Amount Of Data Given A Web Domain Name

During the reconnaissance phase, an attacker searches for any information about his target to create a profile that will later help him to identify possible ways to get in an organization. InfoHound performs passive analysis techniques which do not interact directly with the target using OSINT to...

7 AI score
Exploits: 0, References: 6
Kitploit
added 2022/11/24 11:30 a.m., 54 views

Octopii - An AI-powered Personal Identifiable Information (PII) Scanner

Octopii is an open-source AI-powered Personal Identifiable Information PII scanner that can look for image assets such as Government IDs, passports, photos and signatures in a directory. Working Octopii uses Tesseract's Optical Character Recognition OCR and Keras' Convolutional Neural Networks CN...

6.9 AI score
Exploits: 0, References: 4
Kitploit
added 2022/07/07 12:30 a.m., 54 views

CrackQL - GraphQL Password Brute-Force And Fuzzing Utility

CrackQL is a GraphQL password brute-force and fuzzing utility. CrackQL is a versatile GraphQL penetration testing tool that exploits poor rate-limit and cost analysis controls to brute-force credentials and fuzz operations. How it works? CrackQL works by automatically batching a single GraphQL...

6.9 AI score
Exploits: 0, References: 4
Kitploit
added 2022/05/19 12:30 p.m., 54 views

PowerProxy - PowerShell SOCKS Proxy With Reverse Proxy Capabilities

PowerShell SOCKS proxy with reverse proxy capabilities. PowerProxy is written with penetration testers in mind. Reverse proxy functionality is a priority, for traversing networks that block inbound connections. Reverse proxy connections are encrypted by default. Username/Password authentication i...

7.3 AI score
Exploits: 0, References: 1
Kitploit
added 2021/09/23 11:30 a.m., 54 views

Wordlistgen - Quickly Generate Context-Specific Wordlists For Content Discovery From Lists Of URLs Or Paths

wordlistgen is a tool to pass a list of URLs and get back a list of relevant words for your wordlists. Wordlists are much more effective when you take the application's context into consideration. wordlistgen pulls out URL components, such as subdomain names, paths, query strings, etc. and spits...

7.2 AI score
Exploits: 0, References: 3
Kitploit
added 2021/09/18 8:30 p.m., 54 views

BatchQL - GraphQL Security Auditing Script With A Focus On Performing Batch GraphQL Queries And Mutations

BatchQL is a GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations. This script is not complex, and we welcome improvements. When exploring the problem space of GraphQL batching attacks, we found that there were a few blog posts on the internet, however n...

7.8 AI score
Exploits: 0, References: 2
Kitploit
added 2021/08/22 9:30 p.m., 54 views

Keimpx - Check For Valid Credentials Across A Network Over SMB

keimpx is an open source tool, released under the Apache License 2.0. It can be used to quickly check for valid credentials across a network over SMB. Credentials can be: Combination of user / plain-text password. Combination of user / NTLM hash. Combination of user / NTLM logon session token. If...

7.7 AI score
Exploits: 0, References: 9
Kitploit
added 2021/08/18 12:30 p.m., 54 views

AuraBorealisApp - Do You Know What's In Your Python Packages? A Tool For Visualizing Python Package Registry Security Audit Data

AuraBorealis is a web application for visualizing anomalous and potentially malicious code in Python package registries. It uses security audit data produced by scanning the Python Package Index PyPI via Aura, a static analysis designed for large scale security auditing of Python packages. The...

7.5 AI score
Exploits: 0, References: 3
Kitploit
added 2021/08/02 9:30 p.m., 54 views

Domhttpx - A Google Search Engine Dorker With HTTP Toolkit Built With Python, Can Make It Easier For You To Find Many URLs/IPs At Once With Fast Time

domhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time. Usage Flags This will display help for the tool. Here are all the switches it supports. Flag | Description | Example ---|---|--- -ip, --only-ip |...

7.4 AI score
Exploits: 0, References: 7
Total number of security vulnerabilities: 5000