Lucene search
Kitploit: Most viewed

6011 matches found

Kitploit
added 2022/12/10 9:45 p.m. | 47 views

AzureGraph - Azure AD Enumeration Over MS Graph

AzureGraph is an Azure AD information gathering tool over Microsoft Graph. Thanks to Microsoft Graph technology, it is possible to obtain all kinds of information from Azure AD, such as users, devices, applications, domains and much more. This application allows you to query this data through th...

AI score: 6.9
Exploits: 0 | References: 1

Kitploit
added 2022/10/15 11:30 a.m. | 47 views

GodGenesis - A Python3 Based C2 Server To Make Life Of Red Teamer A Bit Easier. The Payload Is Capable To Bypass All The Known Antiviruses And Endpoints

God Genesis is a C2 server purely coded in Python3 created to help Red Teamers and Penetration Testers. Currently It only supports TCP reverse shell but wait a min, its a FUD and can give u admin shell from any targeted WINDOWS Machine. The List Of Commands It Supports :-...

AI score: 7.5
Exploits: 0 | References: 2

Kitploit
added 2022/09/01 12:30 p.m. | 47 views

Autodeauth - A Tool Built To Automatically Deauth Local Networks

A tool built to automatically deauth local networks Tested on Raspberry Pi OS and Kali Linux Setup $ chmod +x setup.sh $ sudo ./setup.sh Reading package lists... Done Building dependency tree... Done Reading state information... Done 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded...

AI score: 6.9
Exploits: 0 | References: 1

Kitploit
added 2022/03/08 8:30 p.m. | 47 views

GONET-Scanner - Golang Network Scanner With Arp Discovery And Own Parser

ScreenShots Install chmod +x install.sh ./install.sh as root Usage ARP Discovery -ar CIDR -s: Scan ports in all hosts discovered -ap: Scan to 65535 Ports -pr MINPORT MAXPORT: Define Port Range to Scan -1000: Scan Top 1000 ports like nmap -t: Set Timeout in milliseconds EXAMPLES go run...

AI score: 7.1
Exploits: 0 | References: 3

Kitploit
added 2022/01/31 11:30 a.m. | 47 views

Bluffy - Convert Shellcode Into Different Formats!

Bluffy is a utility which was used in experiments to bypass Anti-Virus products statically by formatting shellcode into realistic looking data formats. Proof-of-concept tools, such as 0xBoku's NinjaUUIDRunner and ChoiSG's UuidShellcodeExec, inspired the initial concept for Bluffy. So far, we...

AI score: 7.2
Exploits: 0 | References: 5

Kitploit
added 2022/01/15 8:30 p.m. | 47 views

Iptable_Evil - An Evil Bit Backdoor For Iptables

iptableevil is a very specific backdoor for iptables that allows all packets with the evil bit set, no matter the firewall rules. The initial implementation is in iptableevil.c, which adds a table to iptables and requires modifying a kernel header to insert a spot for it. The second implementatio...

AI score: 7
Exploits: 0 | References: 6

Kitploit
added 2021/10/26 8:30 p.m. | 47 views

Keeweb - Free Cross-Platform Password Manager Compatible With KeePass

This webapp is a browser and desktop password manager compatible with KeePass databases. It doesn't require any server or additional resources. The app can run either in browser, or as a desktop app. Quick Links Apps: Web, Desktop Timeline: Release Notes, TODO On one page: Features, FAQ Website:...

AI score: 7.3
Exploits: 0 | References: 16

Kitploit
added 2021/10/22 11:30 a.m. | 47 views

PortBender - TCP Port Redirection Utility

PortBender is a TCP port redirection utility that allows a red team operator to redirect inbound traffic destined for one TCP port e.g., 445/TCP to another TCP port e.g., 8445/TCP. PortBender includes an aggressor script that operators can leverage to integrate the tool with Cobalt Strike. Howeve...

AI score: 7.8
Exploits: 0 | References: 4

Kitploit
added 2021/07/13 12:30 p.m. | 47 views

DNSrr - A Tool Written In Bash, Used To Enumerate All The Juicy Stuff From DNS

DNSrr is a tool written in bash, used to enumerate all the juicy stuff from DNS records, it uses different techniques like DNS Forward Bruteforce DNS Reverse Bruteforce DNS Cache Snooping DNS Zone Transfer To get you all the information that you can get, from a DNS server. Installation Install it...

AI score: 6.9
Exploits: 0 | References: 3

Kitploit
added 2021/06/30 12:30 p.m. | 47 views

Forblaze - A Python Mac Steganography Payload Generator

Forblaze is a project designed to provide steganography capabilities to Mac OS payloads. Using python3, it will build an Obj-C file for you which will be compiled to pull desired encrypted URLs out of the stego file, fetch payloads over https, and execute them directly into memory. It utilizes...

AI score: 7.5
Exploits: 0 | References: 1

Kitploit
added 2021/06/20 9:30 p.m. | 47 views

NamedPipePTH - Pass The Hash To A Named Pipe For Token Impersonation

This project is a PoC code to use Pass-the-Hash for authentication on a local Named Pipe user Impersonation. There also is a blog post for explanation: https://s3cur3th1ssh1t.github.io/Named-Pipe-PTH/ It is heavily based on the code from the projects Invoke-SMBExec.ps1 and RoguePotato. I faced...

AI score: 7.8
Exploits: 0 | References: 6

Kitploit
added 2021/05/06 12:30 p.m. | 47 views

Priv2Admin - Exploitation Paths Allowing You To (Mis)Use The Windows Privileges To Elevate Your Rights Within The OS

The idea is to "translate" Windows OS privileges to a path leading to: 1. administrator, 2. integrity and/or confidentiality threat, 3. availability threat, 4. just a mess. Privileges are listed and explained at: https://docs.microsoft.com/en-us/windows/win32/secauthz/privilege-constants If the...

CVSS: 5.5 | AI score: 5.7 | EPSS: 0.00475
Exploits: 1 | References: 10

Kitploit
added 2021/05/04 12:30 p.m. | 47 views

LibAFL - Advanced Fuzzing Library - Slot Your Fuzzer Together In Rust! Scales Across Cores And Machines. For Windows, Android, MacOS, Linux, No_Std, ...

Advanced Fuzzing Library - Slot your own fuzzers together and extend their features using Rust. LibAFL is written and maintained by Andrea Fioraldi [email protected] and Dominik Maier [email protected]. Why LibAFL? LibAFL gives you many of the benefits of an off-the-shelf fuzzer, while...

AI score: 7.4
Exploits: 0 | References: 12

Kitploit
added 2021/04/27 12:30 p.m. | 47 views

Ldsview - Offline search tool for LDAP directory dumps in LDIF format

Offline search tool for LDAP directory dumps in LDIF format. Features Fast and memory efficient parsing of LDIF files Build ldapsearch commands to extract an LDIF from a directory Show directory structure UAC and directory time format translation Config Config options can be passed as CLI flags,...

AI score: 7.2
Exploits: 0 | References: 4

Kitploit
added 2021/02/23 8:30 p.m. | 47 views

HaE - BurpSuite Highlighter And Extractor

HaE is used to highlight HTTP requests and extract information from HTTP response messages or request messages. Read Chinese simplified version READMEzh. Public Rules Website: https://gh0st.cn/HaE/ Introduction HaE is used to highlight HTTP requests and extract information from HTTP response...

AI score: 7
Exploits: 0 | References: 2

Kitploit
added 2020/12/13 8:30 p.m. | 47 views

Slipstream - NAT Slipstreaming Allows An Attacker To Remotely Access Any TCP/UDP Services Bound To A Victim Machine, Bypassing The Victim's NAT/firewall, Just By The Victim Visiting A Website

NAT Slipstreaming allows an attacker to remotely access any TCP/UDP services bound to a victim machine, bypassing the victim's NAT/firewall arbitrary firewall pinhole control, just by the victim visiting a website. Developed by : @SamyKamkar // https://samy.pl Released : October 31, 2020 Source...

AI score: 7.8
Exploits: 0 | References: 4

Kitploit
added 2020/12/07 11:30 a.m. | 47 views

Js-X-Ray - JavaScript And Node.js Open-Source SAST Scanner (A Static Analysis Of Detecting Most Common Malicious Patterns)

JavaScript AST analysis. This package has been created to export the Node-Secure AST Analysis to enable better code evolution and allow better access to developers and researchers. The goal is to quickly identify dangerous code and patterns for developers and Security researchers. Interpreting th...

AI score: 7.2
Exploits: 0 | References: 3

Kitploit
added 2020/11/30 8:30 p.m. | 47 views

GG-AESY - Hide Cool Stuff In Images

Blogpost: https://redteamer.tips/introducing-gg-aesy-a-stegocryptor/ WARNING: you might need to restore NuGet packages and restart visual studio before compiling. If anyone knows how I can get rid of this problem, DM me. Manual To start off, I highly recommend to always use GG-AESY using verbose...

AI score: 7.1
Exploits: 0 | References: 1

Kitploit
added 2020/09/27 8:30 p.m. | 47 views

PwnedPasswordsChecker - Search (Offline) If Your Password (NTLM Or SHA1 Format) Has Been Leaked (HIBP Passwords List V5)

PwnedPasswordsChecker is a tool that checks if the hash of a known password in SHA1 or NTLM format is present in the list of I Have Been Pwned leaks and the number of occurrences. You can download the hash-coded version for SHA1 here or the hash-coded version for NTLM here Once the list is...

AI score: 7.4
Exploits: 0 | References: 3

Kitploit
added 2020/08/20 12:30 p.m. | 47 views

DropEngine - Malleable Payloads!

By @s0lst1c3 Disclaimer DropEngine the "Software" and associated documentation is provided “AS IS”. The Developer makes no other warranties, express or implied, and hereby disclaims all implied warranties, including any warranty of merchantability and warranty of fitness for a particular purpose...

AI score: 7.5
Exploits: 0 | References: 9

Kitploit
added 2020/08/19 3:46 a.m. | 47 views

Kali Linux 2020.3 Release - Penetration Testing and Ethical Hacking Linux Distribution

Time for another Kali Linux release! Quarter 3 – Kali Linux 2020.3. This release has various impressive updates. A quick overview of what’s new since the last release in May 2020: New Shell – Starting the process to switch from “Bash” to “ZSH” The release of “Win-Kex” – Get ready WSL2 Automatin...

AI score: 7.3
Exploits: 0

Kitploit
added 2020/08/13 12:30 p.m. | 47 views

Bastillion - A Web-Based SSH Console That Centrally Manages Administrative Access To Systems

Bastillion is a web-based SSH console that centrally manages administrative access to systems. Web-based administration is combined with management and distribution of user's public SSH keys. Key management and administration is based on profiles assigned to defined users. Administrators can logi...

AI score: 7.3
Exploits: 0 | References: 9

Kitploit
added 2020/06/26 10:0 p.m. | 47 views

VBSmin - VBScript Minifier

VBScript minifier Features Remove extra whitespace Trailing whitespace Leading whitespace Blank lines Inline extra spaces Remove comments Single quote start of the line Single quote inline REM One-line Line splitting underscore Colon Quick start Quick install $ gem install vbsmin See more install...

AI score: 6.5
Exploits: 0 | References: 4

Kitploit
added 2020/05/03 12:30 p.m. | 47 views

OSSEM - A Tool To Assess Data Quality

A tool to assess data quality, built on top of the awesome OSSEM project. Mission Answer the question: I want to start hunting ATT&CK techniques, what log sources and events are more suitable? Create transparency on the strengths and weaknesses of your log sources Provide an easy way to evaluate...

AI score: 6.8
Exploits: 0 | References: 12

Kitploit
added 2020/04/15 12:0 p.m. | 47 views

crauEmu - An uEmu Extension For Developing And Analyzing Payloads For Code-Reuse Attacks

crauEmu is an uEmu extension for developing and analyzing payloads for code-reuse attacks. Slides from ZeroNights 2019 Demo 1 - X32-64, Edge, rop-gadgets from pwnjs Demo 2 - ARM64, checkm8 callback-chain Mascot designed by @kottsarapkin RopEditor Installation 1. Put the file crauEmu.py in same...

AI score: 7.4
Exploits: 0 | References: 6

Kitploit
added 2020/04/09 10:0 p.m. | 47 views

Eavesarp - Analyze ARP Requests To Identify Intercommunicating Hosts And Stale Network Address Configurations (SNACs)

A reconnaissance tool that analyzes ARP requests to identify hosts that are likely communicating with one another, which is useful in those dreaded situations where LLMNR/NBNS aren't in use for name resolution. Requirements/Installation This is only gon' work on Kali or other Debian-based Linux...

AI score: 7.3
Exploits: 0 | References: 1

Kitploit
added 2018/11/20 1:11 p.m. | 47 views

ACHE - A Web Crawler For Domain-Specific Search

ACHE is a focused web crawler. It collects web pages that satisfy some specific criteria, e.g., pages that belong to a given domain or that contain a user-specified pattern. ACHE differs from generic crawlers in sense that it uses page classifiers to distinguish between relevant and irrelevant...

AI score: 7.4
Exploits: 0 | References: 6

Kitploit
added 2018/10/17 12:46 p.m. | 47 views

imR0T - Send A Message To Your Whatsapp Contact And Protect Your Text By Encrypting And Decrypting (ROT13)

imR0T: Send a quick message with simple text encryption to your whatsapp contact and protect your text by encrypting and decrypting, basically in ROT13 with new multi encryption based algorithm on ASCII and Symbols Substitution. How To Use It's simple: Clone this repository git clone...

AI score: 7.3
Exploits: 0 | References: 1

Kitploit
added 2018/06/15 10:23 p.m. | 47 views

wpCrack - Wordpress Hash Cracker

Wordpress Hash Cracker. Installation git clone https://github.com/MrSqar-Ye/wpCrack.git Video Download wpCrack...

AI score: 7.3
Exploits: 0 | References: 1

Kitploit
added 2018/03/18 9:25 p.m. | 47 views

Taipan - Web Application Security Scanner

Taipan is an automated web application scanner which allows to identify web vulnerabilities in an automatic fashion. This project is the core engine of a broader project which includes other components, like a web dashboard where you can manage your scan or download a PDF report and a scanner...

AI score: 7.1
Exploits: 0 | References: 4

Kitploit
added 2017/11/18 9:21 p.m. | 47 views

Excalibur - An Eternalblue exploit payload based Powershell

Excalibur is an Eternalblue exploit based "Powershell" for the Bashbunny project. Its purpose is to reflect on how a "simple" USB drive can execute the 7 cyber kill chain. Excalibur may be used for demonstration purposes only, and the developers are not responsible to any misuse or illegal...

AI score: 7.7
Exploits: 0 | References: 2

Kitploit
added 2017/09/28 9:13 p.m. | 47 views

DBeaver - Free Universal DataBase Manager and SQL Client

Free multi-platform database tool for developers, SQL programmers, database administrators and analysts. Supports any database which has JDBC driver which basically means - ANY database. EE version also supports non-JDBC datasources WMI, MongoDB, Cassandra, Redis. Has a lot of features including...

AI score: 7.7
Exploits: 0 | References: 2

Kitploit
added 2016/08/02 9:30 p.m. | 47 views

pi-hole - A Black Hole For Internet Advertisements (Designed For Raspberry Pi)

A black hole for Internet advertisements designed for Raspberry Pi Designed For Raspberry Pi A+, B, B+, 2, Zero, and 3B with an Ethernet/Wi-Fi adapter Works on most Debian distributions! 1. Install Raspbian 2. Run the command below downloads this script in case you want to read over it first! cur...

AI score: 6.8
Exploits: 0 | References: 10

Kitploit
added 2016/05/11 10:18 p.m. | 47 views

Airgeddon - A Multi-use Bash Script for Linux Systems to Audit Wireless Networks

Features Interface mode switcher Monitor-Managed. DoS over wireless networks with different methods. Assisted Handshake file capture. Cleaning and optimizing Handshake captured files. Offline password decrypt on WPA/WPA2 captured files dictionary and bruteforce. Compatibility with many Linux...

AI score: 7.4
Exploits: 0 | References: 1

Kitploit
added 2015/06/10 10:1 p.m. | 47 views

REMnux v6 - A Linux Toolkit for Reverse-Engineering and Analyzing Malware

REMnux is a free Linux toolkit for assisting malware analysts with reverse-engineering malicious software. It strives to make it easier for forensic investigators and incident responders to start using the variety of freely-available tools that can examine malware, yet might be difficult to locat...

AI score: 7.5
Exploits: 0 | References: 40

Kitploit
added 2014/06/17 8:43 p.m. | 47 views

Remote DLL - Simple & Free Tool to Inject or Remove DLL from Remote Process

RemoteDLL is the simple tool to Inject DLL or Remove DLL from Remote Process. It is based on popular Dll Injection technique. It supports following DLL Injection methods CreateRemoteThread NtCreateThread Good for DLL Injection across sessions on Vista/Windows 7 QueueUseAPC Delayed Injection...

AI score: 7.7
Exploits: 0

Kitploit
added 2014/01/14 4:17 a.m. | 47 views

[WiFi Password Decryptor v3.0] Wireless Password Recovery Software

WiFi Password Decryptor is the FREE software to instantly recover Wireless account passwords stored on your system. It automatically recovers all type of Wireless Keys/Passwords WEP/WPA/WPA2 etc stored by Windows Wireless Configuration Manager. For each recovered WiFi account, it displays followi...

AI score: 6.9
Exploits: 0

Kitploit
added 2012/11/02 3:18 p.m. | 47 views

[TCHead] TrueCrypt Password Cracking Tool

TCHead is software that decrypts and verifies TrueCrypt headers. TCHead supports all the current hashes, individual ciphers, standard volume headers, hidden volume headers and system drive encrypted headers preboot authentication. Brute-force TrueCrypt : However, TrueCrypt passwords go through ma...

AI score: 7.3
Exploits: 0

Kitploit
added 2025/05/06 12:30 p.m. | 46 views

Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients

A Model Context Protocol MCP server implementation that integrates with Firecrawl for web scraping capabilities. Big thanks to @vrknetha, @cawstudios for the initial implementation! You can also play around with our MCP Server on MCP.so's playground. Thanks to MCP.so for hosting and @gstarwd for...

AI score: 7.2
Exploits: 0 | References: 5

Kitploit
added 2024/05/16 12:30 p.m. | 46 views

Invoke-SessionHunter - Retrieve And Display Information About Active User Sessions On Remote Computers (No Admin Privileges Required)

Retrieve and display information about active user sessions on remote computers. No admin privileges required. The tool leverages the remote registry service to query the HKEYUSERS registry hive on the remote computers. It identifies and extracts Security Identifiers SIDs associated with active...

AI score: 6.9
Exploits: 0 | References: 2

Kitploit
added 2024/02/10 11:30 a.m. | 46 views

SqliSniper - Advanced Time-based Blind SQL Injection Fuzzer For HTTP Headers

SqliSniper is a robust Python tool designed to detect time-based blind SQL injections in HTTP request headers. It enhances the security assessment process by rapidly scanning and identifying potential vulnerabilities using multi-threaded, ensuring speed and efficiency. Unlike other scanners,...

AI score: 8.2
Exploits: 0 | References: 1

Kitploit
added 2023/08/25 12:30 p.m. | 46 views

Poastal - The Email OSINT Tool

Poastal is an email OSINT tool that provides valuable information on any email address. With Poastal, you can easily input an email address and it will quickly answer several questions, providing you with crucial information. Features Determine the name of the person who has the email. Check if t...

AI score: 6.9
Exploits: 0 | References: 1

Kitploit
added 2023/04/12 12:30 p.m. | 46 views

QuadraInspect - Android Framework That Integrates AndroPass, APKUtil, And MobFS, Providing A Powerful Tool For Analyzing The Security Of Android Applications

The security of mobile devices has become a critical concern due to the increasing amount of sensitive data being stored on them. With the rise of Android OS as the most popular mobile platform, the need for effective tools to assess its security has also increased. In response to this need, a ne...

AI score: 7.5
Exploits: 0 | References: 3

Kitploit
added 2023/03/17 11:30 a.m. | 46 views

Wifi_Db - Script To Parse Aircrack-ng Captures To A SQLite Database

Script to parse Aircrack-ng captures into a SQLite database and extract useful information like handshakes in 22000 hashcat format, MGT identities, interesting relations between APs, clients and its Probes, WPS information and a global view of all the APs seen. ...

AI score: 7.3
Exploits: 0 | References: 7

Kitploit
added 2023/02/23 11:30 a.m. | 46 views

Gmailc2 - A Fully Undetectable C2 Server That Communicates Via Google SMTP To Evade Antivirus Protections And Network Traffic Restrictions

A Fully Undetectable C2 Server That Communicates Via Google SMTP to evade Antivirus Protections and Network Traffic Restrictions Note: This RAT communicates Via Gmail SMTP or u can use any other smtps as well but Gmail SMTP is valid because most of the companies block unknown traffic so gmail...

AI score: 7.3
Exploits: 0 | References: 1

Kitploit
added 2023/02/20 11:30 a.m. | 46 views

Faraday - Open Source Vulnerability Management Platform

Security has two difficult tasks: designing smart ways of getting new information, and keeping track of findings to improve remediation efforts. With Faraday, you may focus on discovering vulnerabilities while we help you with the rest. Just use it in your terminal and get your work organized on...

AI score: 7.2
Exploits: 0 | References: 10

Kitploit
added 2023/01/26 11:30 a.m. | 46 views

GUAC - Aggregates Software Security Metadata Into A High Fidelity Graph Database

Note: GUAC is under active development - if you are interested in contributing, please look at contributor guide and the "express interest" issue Graph for Understanding Artifact Composition GUAC aggregates software security metadata into a high fidelity graph database—normalizing entity identiti...

AI score: 7.5
Exploits: 0 | References: 13

Kitploit
added 2022/12/25 11:30 a.m. | 46 views

OFRAK - Unpack, Modify, And Repack Binaries

OFRAK Open Firmware Reverse Analysis Konsole is a binary analysis and modification platform. OFRAK combines the ability to: Identify and Unpack many binary formats Analyze unpacked binaries with field-tested reverse engineering tools Modify and Repack binaries with powerful patching strategies...

AI score: 7.4
Exploits: 0 | References: 7

Kitploit
added 2022/10/31 11:30 a.m. | 47 views

Reverse_SSH - SSH Based Reverse Shell

Want to use SSH for reverse shells? Now you can. Manage and connect to reverse shells with native SSH syntax Dynamic, local and remote forwarding Native SCP and SFTP implementations for retrieving files from your targets Full windows shell Mutual client & server authentication to create high trus...

AI score: 8.1
Exploits: 0 | References: 3

Kitploit
added 2022/10/27 11:30 a.m. | 46 views

Whids - Open Source EDR For Windows

What EDR with artifact collection driven by detection. The detection engine is built on top of a previous project Gene specially designed to match Windows events against user defined rules. What do you mean by "artifact collection driven by detection" ? It means that an alert can directly trigger...

AI score: 7.6
Exploits: 0 | References: 15

Total number of security vulnerabilities: 5000