RESim - Reverse Engineering Software Using A Full System Simulator

Reverse engineering using a full system simulator. Dynamic analysis by instrumenting simulated hardware using Simics Trace process trees, system calls and individual programs Reverse execution to selected breakpoints and events Integrated with IDA Protm debugging client Fuzz with a customized AFL...

Jeeves - Time-Based Blind SQLInjection Finder

Jeeves is made for looking to Time-Based Blind SQLInjection through recon. - Installation & Requirements: Installing Jeeves  $ go install github.com/ferreiraklet/Jeeves@latest OR $ git clone https://github.com/ferreiraklet/Jeeves.git $ cd Jeeves $ go build jeeves.go $ chmod +x jeeves $ ./jeeves...

GONET-Scanner - Golang Network Scanner With Arp Discovery And Own Parser

ScreenShots Install chmod +x install.sh ./install.sh as root Usage ARP Discovery -ar CIDR -s: Scan ports in all hosts discovered -ap: Scan to 65535 Ports -pr MINPORT MAXPORT: Define Port Range to Scan -1000: Scan Top 1000 ports like nmap -t: Set Timeout in milliseconds EXAMPLES go run...

Njsscan - A Semantic Aware SAST Tool That Can Find Insecure Code Patterns In Your Node.js Applications

njsscan is a static application testing SAST tool that can find insecure code patterns in your node.js applications using simple pattern matcher from libsast and syntax-aware semantic code pattern search tool semgrep. Installation pip install njsscan Requires Python 3.6+ and supports only Mac and...

SyntheticSun - A Defense-In-Depth Security Automation And Monitoring Framework Which Utilizes Threat Intelligence, Machine Learning, Managed AWS Security Services And, Serverless Technologies To Continuously Prevent, Detect And Respond To Threats

SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats. You sleep in fragmented glass With reflections o...

Attack-Surface-Framework - Tool To Discover External And Internal Network Attack Surface

ASF aims to protect organizations acting as an attack surface watchdog, provided an “Object” which might be a: Domain, IP address or CIDR Internal or External, ASF will discover assets/subdomains, enumerate their ports and services, track deltas and serve as a continuous and flexible attacking an...

CrowdSec - An Open-Source Massively Multiplayer Firewall Able To Analyze Visitor Behavior And Provide An Adapted Response To All Kinds Of Attacks

CrowdSec is a free, modern & collaborative behavior detection engine, coupled with a global IP reputation network. It stacks on fail2ban's philosophy but is IPV6 compatible and 60x faster Go vs Python, uses Grok patterns to parse logs and YAML scenario to identify behaviors. CrowdSec is engineere...

Wpscvn - Wpscvn Is A Tool For Pentesters, Website Owner To Test If Their Websites Had Some Vulnerable Plugins Or Themes

wpscvn is a tool for pentesters, website owner to test if their websites had some vulnerable plugins or themes The author does not hold any responsibility for the bad use of this tool, remember that attacking targets without prior consent is illegal and punished by law. requires : Python 3 usage ...

defenselessV1 - Just Another Vulnerable Web Application

Defenseless is a vulnerable web application written in PHP/MySQL. This is the first version of this application. The purpose of this application is to create security awareness among developers and new guys in application security. It would soon be updated with with more bugs and a new vulnerable...

3klCon - Automation Recon Tool Which Works With Large And Medium Scope

Full Automation Recon tool which works with Small and Medium scopes. ّIt's recommended to use it on VPS, it'll discover secrets and searching for vulnerabilities So, Welcome and let's deep into it 3 Updates Version 1.1, what's new? Very Recommended 1. Fixing multiple issues with the used tools. 2...

Burpsuite-Copy-As-XMLHttpRequest - Copy As XMLHttpRequest BurpSuite Extension

The extension adds a context menu to BurpSuite that allows you to copy multiple requests as Javascript's XmlHttpRequest, which simplifies PoC development when exploiting XSS. Installation download the latest JAR from releases or build manually add JAR to burpsuite using tabs: "Extender" -...

Kubestriker - A Blazing Fast Security Auditing Tool For Kubernetes

Kubestriker performs numerous in depth checks on kubernetes infra to identify the security misconfigurations and challenges that devops engineers/developers are likely to encounter when using Kubernetes, especially in production and at scale. kubestriker is Platform agnostic and works equally wel...

OpenWifiPass - An Open Source Implementation Of Apple's Wi-Fi Password Sharing Protocol In Python

An open source implementation of the grantor role in Apple's Wi-Fi Password Sharing protocol. Disclaimer OpenWifiPass is experimental software and is the result of reverse engineering efforts by the Open Wireless Link project. The code serves solely documentary and educational purposes. It is...

Perfusion - Exploit For The RpcEptMapper Registry Key Permissions Vulnerability (Windows 7 / 2088R2 / 8 / 2012)

On Windows 7 , Windows Server 2008R2 , Windows 8 , and Windows Server 2012 , the registry key of the RpcEptMapper and DnsCache 7/2008R2 only services is configured with weak permissions. Any local user can create a Performance subkey and then leverage the WindowsPerformance Counters to load an...

N1QLMap - The Tool Exfiltrates Data From Couchbase Database By Exploiting N1QL Injection Vulnerabilities

N1QLMap is an N1QL exploitation tool. Currently works with Couchbase database. The tool supports data extraction and performing SSRF attacks via CURL. More information can be found here: https://labs.f-secure.com/blog/n1ql-injection-kind-of-sql-injection-in-a-nosql-database. Usage Help usage:...

SwiftyInsta - Instagram Unofficial Private API Swift

Instagram offers two kinds of APIs to developers. The Instagram API Platform extremely limited in functionality and close to being discontinued, and the Instagram Graph API for Business and Creator accounts only. However, Instagram apps rely on a third type of API , the so-called Private API or...

Trident - Automated Password Spraying Tool

The Trident project is an automated password spraying tool developed to meet the following requirements: the ability to be deployed on several cloud platforms/execution providers the ability to schedule spraying campaigns in accordance with a target’s account lockout policy the ability to increas...

Zin - A Payload Injector For Bugbounties Written In Go

APayload Injector for bugbounties written in go Features Inject multiple payloads into all parameters Inject single payloads into all parameters Saves responses into output folder Displays Status Code & Response Length Can grep for patterns in the response Really fast Easy to setup Install $ go g...

DockerENT - The Only Open-Source Tool To Analyze Vulnerabilities And Configuration Issues With Running Docker Container(S) And Docker Networks

DockerENT is activE ruN time application security scanning T ool RAST tool and framework which is pluggable and written in python. It comes with a CLI application and clean Web Interface written with StreamLit. DockerENT has been designed keeping in mind that during deployments there weak...

Bastillion - A Web-Based SSH Console That Centrally Manages Administrative Access To Systems

Bastillion is a web-based SSH console that centrally manages administrative access to systems. Web-based administration is combined with management and distribution of user's public SSH keys. Key management and administration is based on profiles assigned to defined users. Administrators can logi...

Formphish - Auto Phishing Form-Based Websites

Auto Phishing form-based websites. This tool can automatically detect inputs on html form-based websites to create a phishing page. Features: Auto detect device Port Forwarding by Ngrok IP Tracker Legal disclaimer: Usage of Formphish for attacking targets without prior mutual consent is illegal...

Stegcloak - Hide Secrets With Invisible Characters In Plain Text Securely Using Passwords

StegCloak is a pure JavaScript steganography module designed in functional programming style, to hide secrets inside text by compressing and encrypting with Zero Width Characters. It can be used to safely watermark strings, invisible scripts on webpages, texts on social media or for any other...

FuzzBench - Fuzzer Benchmarking As A Service

FuzzBench is a free service that evaluates fuzzers on a wide variety of real-world benchmarks, at Google scale. The goal of FuzzBench is to make it painless to rigorously evaluate fuzzing research and make fuzzing research easier for the community to adopt. We invite members of the research...

Celerystalk - An Asynchronous Enumeration and Vulnerability Scanner

celerystalk helps you automate your network scanning/enumeration process with asynchronous jobs aka tasks while retaining full control of which tools you want to run. Configurable - Some common tools are in the default config, but you can add any tool you want Service Aware - Uses nmap/nessus...

Manticore - Symbolic Execution Tool For Analysis Of Binaries And Smart Contracts

Manticore is a symbolic execution tool for analysis of binaries and smart contracts. Note: Beginning with version 0.2.0, Python 3.6+ is required. Features Input Generation : Manticore automatically generates inputs that trigger unique code paths Crash Discovery : Manticore discovers inputs that...

Firework - Leveraging Microsoft Workspaces in a Penetration Test

Firework is a proof of concept tool to interact with Microsoft Workplaces creating valid files required for the provisioning process. The tool also wraps some code from Responder to leverage its ability to capture NetNTLM hashes from a system that provisions a Workplace feed via it. This tool may...

Microctfs - Small CTF Challenges Running On Docker

Small CTF challenges running on Docker logviewer Build and Start logviewer challenge exposed on port 8000 cd logviewer docker build -t logviewer . docker run -d -p 8000:80 --name logchallenge logviewer Restart logviewer challenge docker rm -f logchallenge && docker run -d -p 8000:80 --name...

GPG Reaper - Obtain/Steal/Restore GPG Private Keys From Gpg-Agent Cache/Memory

Obtain/Steal/Restore GPG Private Keys from gpg-agent cache/memory This POC demonstrates method for obtaining GPG private keys from gpg-agent memory under Windows. Normally this should be possible only within 10 minutes time frame --default-cache-ttl value. Unfortunately housekeeping function whic...

CryKeX - Linux Memory Cryptographic Keys Extractor

CryKeX - Linux Memory Cryptographic Keys Extractor Properties: Cross-platform Minimalism Simplicity Interactivity Compatibility/Portability Application Independable Process Wrapping Process Injection Dependencies: Unix - should work on any Unix-based OS BASH - the whole script root privileges...

sharkPy - NSA Tool to Dissect, Analyze, and Interact with Network Packet Data using Wireshark and libpcap capabilities

A python module to dissect, analyze, and interact with network packet data as native Python objects using Wireshark and libpcap capabilities. sharkPy dissect modules extend and otherwise modify Wireshark's tshark. SharkPy packet injection and pcap file writing modules wrap useful libpcap...

FileBuster - An Extremely Fast And Flexible Web Fuzzer

An extremely fast and flexible web fuzzer. Why another fuzzer? My main motivation was to write a script that would allow me to fuzz a website based on a dictionary but that allowed me to filter words on that dictionary based on regex patterns. This necessity came from the frustration of trying to...

Whitewidow 1.5.0 - SQL Vulnerability Scanner

Whitewidow is an open source automated SQL vulnerability scanner, that is capable of running through a file list, or can scrape Google for potential vulnerable websites. It allows automatic file formatting, random user agents, IP addresses, server information, multiple SQL injection syntax, and a...

JSRat - Reverse HTTP Shell Using JavaScript

JSRat is a reverse HTTP Shell by using JavaScript. JSRat use rundll32.exe to load the JavaScript code in cmd and a HTTP Shell is returned when the code is executed. The special part is that after running the cmd command, rundll32.exe will remain in the background to continuously connect to the...

Gophish - Open-Source Phishing Toolkit

Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute phishing engagements and security awareness training. One-Click Installation Download and Extract the ZIP - Gophish binaries are provided for...

RouterhunterBR 2.0 - Automated Tool for Testing in Vulnerable Routers

The RouterhunterBR is an automated security tool que finds vulnerabilities and performs tests on routers and vulnerable devices on the Internet. The RouterhunterBR was designed to run over the Internet looking for defined ips tracks or random in order to automatically exploit the vulnerability...

B374K - PHP Webshell with handy features

This PHP Shell is a useful tool for system or web administrator to do remote management without using cpanel, connecting using ssh, ftp etc. All actions take place within a web browser. Features : File manager view, edit, rename, delete, upload, download, archiver, etc Search file, file content,...

Weeman - HTTP Server for Phishing

HTTP server for phishing in python. Weeman has support for most of the bigest websites. Usually you will want run Weeman with DNS spoof attack. see dsniff, ettercap. Weeman will do the following steps: 1. Create fake html page. 2. Wait for clients 3. Grab the data POST. 4. Try to login the client...

GoAccess - Real-time Web Log Analyzer and Interactive Viewer

GoAccess is an open source real-time web log analyzer and interactive viewer that runs in a terminal in nix systems. It provides fast and valuable HTTP statistics for system administrators that require a visual server report on the fly. Features GoAccess parses the specified web log file and...

SAMHAIN v3.1.2 - File Integrity Checker / Host-Based Intrusion Detection System

The Samhain host-based intrusion detection system HIDS provides file integrity checking and log file monitoring/analysis , as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. Samhain been designed to monitor multiple hosts with potentially...

[ChromeAnalysis] Tool for analysing Google Chrome web browser

ChromeAnalysis Plus is a software tool for extracting, viewing and analysing internet history from the Google Chrome web browser. The main features are described below: Extract History Extract history regarding bookmarks, cookies, downloads, favicons, logins, most visited sites, search terms,...

[WinAppDbg 1.5] Python Debugger

The WinAppDbg python module allows developers to quickly code instrumentation scripts in Python under a Windows environment. It uses ctypes to wrap many Win32 API calls related to debugging, and provides an object-oriented abstraction layer to manipulate threads, libraries and processes, attach...

[Hashkill 0.3.1] Password Cracker Tool Released

Hashkill is an opensource hash cracker for Linux that uses OpenSSL. Currently it supports 4 attack methods dictionary, bruteforce, hybrid. Hashkill has 35 plugins for different types of passwords ranging from simple hashes like MD5 and SHA1 to passworded ZIP files and private SSL key passphrases...

[VSD] (Virtual Section Dumper) Just another Virtual Section Dumper for Windows Processes

What's VSD? VSD Virtual Section Dumper is intented to be a tool to visualize and dump the memory regions of a running 32 bits or a 64 bits process in many ways. For example, you can dump the entire process and fix the PE Header , dump a given range of memory or even list and dump every virtual...

Drs-Malware-Scan - Perform File-Based Malware Scan On Your On-Prem Servers With AWS

Perform malware scan analysis of on-prem servers using AWS services Challenges with on-premises malware detection It can be difficult for security teams to continuously monitor all on-premises servers due to budget and resource constraints. Signature-based antivirus alone is insufficient as moder...

DroidLysis - Property Extractor For Android Apps

DroidLysis is a pre-analysis tool for Android apps: it performs repetitive and boring tasks we'd typically do at the beginning of any reverse engineering. It disassembles the Android sample, organizes output in directories, and searches for suspicious spots in the code to look at. The output help...

EasyEASM - Zero-dollar Attack Surface Management Tool

Zero-dollar attack surface management tool featured at Black Hat Arsenal 2023 and Recon Village @ DEF CON 2023. Description Easy EASM is just that... the easiest to set-up tool to give your organization visibility into its external facing assets. The industry is dominated by $30k vendors selling...

KnowsMore - A Swiss Army Knife Tool For Pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS And DCSync)

KnowsMore officially supports Python 3.8+. Main features Import NTLM Hashes from .ntds output txt file generated by CrackMapExec or secretsdump.py Import NTLM Hashes from NTDS.dit and SYSTEM Import Cracked NTLM hashes from hashcat output file Import BloodHound ZIP or JSON file BloodHound importer...

MSSqlPwner - An Advanced And Versatile Pentesting Tool Designed To Seamlessly Interact With MSSQL Servers And Based On Impacket

MSSqlPwner is an advanced and versatile pentesting tool designed to seamlessly interact with MSSQL servers and based on Impacket. The MSSqlPwner tool empowers ethical hackers and security professionals to conduct comprehensive security assessments on MSSQL environments. With MSSqlPwner, users can...

Blackbone - Windows Memory Hacking Library

Windows memory hacking library Features x86 and x64 support Process interaction Manage PEB32/PEB64 Manage process through WOW64 barrier Process Memory Allocate and free virtual memory Change memory protection Read/Write virtual memory Process modules Enumerate all 32/64 bit modules loaded...

Hidden - Windows Driver With Usermode Interface Which Can Hide Processes, File-System And Registry Objects, Protect Processes And Etc

Hidden has been developed like a solution for reverse engineering and researching tasks. This is a windows driver with a usermode interface which is used for hiding specific environment on your windows machine, like installed RCE programs ex. procmon, wireshark, vm infrastructure ex. vmware tools...