6011 matches found
BlackArch Linux v2016.04.28 - Penetration Testing Distribution
BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers. The repository contains 1410 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs. ChangeLog: added new improved BlackArch Linux...
OnionScan - Onion Services Security Scan
The purpose of this tool is to make you a better onion service provider. You owe it to yourself and your users to ensure that attackers cannot easily exploit and deanonymize. Go Dependencies h12.me/socks - For the Tor SOCKS Proxy connection. github.com/xiam/exif - For EXIF data extraction...
YaVol - GUI for Volatility Framework and Yara
This is just another GUI for volatility and yara which could make someone's life easier. It is inteded for Incident responders for quick examination of a memory image. Results are stored in sqlite db for reuse. 1. Installation Clone repo git clone https://[email protected]/Ft44k/yavol.git...
Lynis 2.1.1 - Security Auditing Tool for Unix/Linux Systems
Lynis is an open source security auditing tool. Commonly used by system administrators, security professionals and auditors, to evaluate the security defenses of their Linux/Unix based systems. It runs on the host itself, so it can perform very extensive security scans. Supported operating system...
PentestBox - Portable Penetration Testing Distribution for Windows Environments
PentestBox is not like other Penetration Testing Distributions which runs on virtual machines. It is created because more than 50% of penetration testing distributions users uses windows. So it provides an efficient platform for Penetration Testing on windows platform. Check out demo video: Easy ...
Crunch - Password Cracking Wordlist Generator
Crunch is a wordlist generator where you can specify a standard character set or a character set you specify. crunch can generate all possible combinations and permutations. Features crunch generates wordlists in both combination and permutation ways it can breakup output by number of lines or fi...
SNMPCheck - Enumerate the SNMP devices
Like to snmpwalk, snmpcheck allows you to enumerate the SNMP devices and places the output in a very human readable friendly format. It could be useful for penetration testing or systems monitoring. Distributed under GPL license and based on "Athena-2k" script by jshaw. Features snmpcheck support...
[Rhino] Java Script Deobfuscate Tool
Rhino is an open-source implementation of JavaScript written entirely in Java. It is typically embedded into Java applications to provide scripting to end users. It is embedded in J2SE 6 as the default Java scripting engine. Rhino-debugger is a Graphical User Interface GUI that enables to debug...
[Hasere v0.2] Discover vHosts using Google and Bing
Hasere is a tool that can discovery the virtual hosts and related filetype using google and bing search engines. Optionally, it uses the nmap to determine the ip addresses which have 80 or 443 opened port. After that it uses the bing search engine to determine which domains were hosted or have be...
[Resolver v1.0.9] The reverse/bruteforce DNS lookup
Resolver is a windows based tool which designed to preform a reverse DNS Lookup for a given IP address or for a range of IP’s in order to find its PTR. Updated to Version 1.0.3 added dns records brute force. Resolver features: Resolve a Single IP Resolve an IP Range Resolve IP’s provided in a tex...
[GoLismero v2.0] The Web Knife
GoLismero is an open source framework for security testing. It's currently geared towards web security, but it can easily be expanded to other kinds of scans. The most interesting features of the framework are: Real platform independence. Tested on Windows, Linux, BSD and OS X. No native library...
[HconSTF Pentest Browser] Open Source Penetration Testing / Ethical Hacking Framework
HconSTF is Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessments.contains webtools which are powerful in doing xsscross site scripting, Sql injection,...
[Zarp v0.1.2] The Python Network Attack Tool
Zarp is a network attack tool centered around the exploitation of local networks. This does not include system exploitation, but rather abusing networking protocols and stacks to take over, infiltrate, and knock out. Sessions can be managed to quickly poison and sniff multiple systems at once,...
[Netcat] Howto Banner Grabbing, Bind Shell, Reverse Shell And Webserver
Netcat HowTo Banner Grabbing, Bind Shell, Reverse Shell and Webserver Netcat is a computer networking service for reading from and writing network connections using TCP or UDP. Netcat is designed to be a dependable "back-end" device that can be used directly or easily driven by other programs and...
[Stegano 0.4] Python Steganography Module
Stéganô is a Python Steganography module. Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity. Consequently, functions provided by Stéga...
[Dissy] Graphical frontend to the objdump disassembler
Dissy is a graphical frontend to the objdump disassembler. Dissy can be used for debugging and browsing compiler-generated code. Download Dissy...
Vger - An Interactive CLI Application For Interacting With Authenticated Jupyter Instances
V'ger is an interactive command-line application for post-exploitation of authenticated Jupyter instances with a focus on AI/ML security operations. User Stories As a Red Teamer , you've found Jupyter credentials, but don't know what you can do with them. V'ger is organized in a format that shoul...
ShellSweep - PowerShell/Python/Lua Tool Designed To Detect Potential Webshell Files In A Specified Directory
ShellSweep ShellSweeping the evil Why ShellSweep "ShellSweep" is a PowerShell/Python/Lua tool designed to detect potential webshell files in a specified directory. ShellSheep and it's suite of tools calculate the entropy of file contents to estimate the likelihood of a file being a webshell. High...
JS-Tap - JavaScript Payload And Supporting Software To Be Used As XSS Payload Or Post Exploitation Implant To Monitor Users As They Use The Targeted Application
JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom JavaScript payloads in clients. Changelogs Major changes are documented in the project Announcements:...
Ligolo-Ng - An Advanced, Yet Simple, Tunneling/Pivoting Tool That Uses A TUN Interface
Ligolo-ng is a simple , lightweight and fast tool that allows pentesters to establish tunnels from a reverse TCP/TLS connection using a tun interface without the need of SOCKS. Features Tun interface No more SOCKS! Simple UI with agent selection and network information Easy to use and setup...
NetProbe - Network Probe
NetProbe is a tool you can use to scan for devices on your network. The program sends ARP requests to any IP address on your network and lists the IP addresses, MAC addresses, manufacturers, and device models of the responding devices. Features Scan for devices on a specified IP address or subnet...
BlueBunny - BLE Based C2 For Hak5's Bash Bunny
C2 solution that communicates directly over Bluetooth-Low-Energy with your Bash Bunny Mark II. Send your Bash Bunny all the instructions it needs just over the air. Overview Structure Installation & Start 1. Install required dependencies pip install pygatt "pygattGATTTOOL" Make sure BlueZ is...
NimExec - Fileless Command Execution For Lateral Movement In Nim
Basically, NimExec is a fileless remote command execution tool that uses The Service Control Manager Remote Protocol MS-SCMR. It changes the binary path of a random or given service run by LocalSystem to execute the given command on the target and restores it later via hand-crafted RPC packets...
Iac-Scan-Runner - Service That Scans Your Infrastructure As Code For Common Vulnerabilities
Service that scans your Infrastructure as Code for common vulnerabilities. Aspect | Information ---|--- Tool name | IaC Scan Runner Docker image | xscanner/runner PyPI package | iac-scan-runner Documentation | docs Contact us | [email protected] Purpose and description The IaC Scan Runner is...
Hades-C2 - Hades Basic Command And Control Server
Hades is a basic Command & Control server built using Python. It is currently extremely bare bones, but I plan to add more features soon. Features are a work in progress currently. This is a project made mostly for me to learn Malware Development, Sockets, and C2 infrastructure setups. Currently,...
SMShell - Send Commands And Receive Responses Over SMS From Mobile Broadband Capable Computers
PoC for an SMS-based shell. Send commands and receive responses over SMS from mobile broadband capable computers. This tool came as an insipiration during a research on eSIM security implications led by Markus Vervier, presented at Offensivecon 2023 Disclaimer This is not a complete C2 but rather...
PrivKit - Simple Beacon Object File That Detects Privilege Escalation Vulnerabilities Caused By Misconfigurations On Windows OS
PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS. PrivKit detects following misconfigurations Checks for Unquoted Service Paths Checks for Autologon Registry Keys Checks for Always Install Elevated Registry Keys...
yaraQA - YARA Rule Analyzer To Improve Rule Quality And Performance
YARA rule Analyzer to improve rule quality and performance Why? YARA rules can be syntactically correct but still dysfunctional. yaraQA tries to find and report these issues to the author or maintainer of a YARA rule set. The issues yaraQA tries to detect are e.g.: rules that are syntactically...
LinkedInDumper - Tool To Dump Company Employees From LinkedIn API
Python 3 script to dump company employees from LinkedIn API Description LinkedInDumper is a Python 3 script that dumps employee data from the LinkedIn social networking platform. The results contain firstname, lastname, position title, location and a user's profile link. Only 2 API calls are...
KoodousFinder - A Simple Tool To Allows Users To Search For And Analyze Android Apps For Potential Security Threats And Vulnerabilities
A simple tool to allows users to search for and analyze android apps for potential security threats and vulnerabilities Account and API Key Create a Koodous account and get your api key https://koodous.com/settings/developers Install $ pip install koodousfinder Arguments Param | description ---|-...
Reverseip_Py - Domain Parser For IPAddress.com Reverse IP Lookup
Domain parser for IPAddress.com Reverse IP Lookup. Writen in Python 3. What is Reverse IP? Reverse IP refers to the process of looking up all the domain names that are hosted on a particular IP address. This can be useful for a variety of reasons, such as identifying all the websites that are...
Legitify - Detect And Remediate Misconfigurations And Security Risks Across All Your GitHub Assets
Strengthen the security posture of your GitHub organization! Detect and remediate misconfigurations, security and compliance issues across all your GitHub assets with ease Installation 1. You can download the latest legitify release from https://github.com/Legit-Labs/legitify/releases, each archi...
Pylirt - Python Linux Incident Response Toolkit
With this application, it is aimed to accelerate the incident response processes by collecting information in linux operating systems. Features Information is collected in the following contents. /etc/passwd cat /etc/group cat /etc/sudoers lastlog cat /var/log/auth.log uptime/proc/meminfo ps aux...
VuCSA - Vulnerable Client-Server Application - Made For Learning/Presenting How To Perform Penetration Tests Of Non-Http Thick Clients
Vulnerable Client-Server Application Vulnerable client-server application VuCSA is made for learning/presenting how to perform penetration tests of non-http thick clients. It is written in Java with JavaFX graphical user interface. Currently the vulnerable application contains the following...
NimGetSyscallStub - Get Fresh Syscalls From A Fresh Ntdll.Dll Copy
Get fresh Syscalls from a fresh ntdll.dll copy. This code can be used as an alternative to the already published awesome tools NimlineWhispers and NimlineWhispers2 by @ajpc500 or ParallelNimcalls. The advantage of grabbing Syscalls dynamically is, that the signature of the Stubs is not included i...
EmoCheck - Emotet Detection Tool For Windows OS
Emotet detection tool for Windows OS. How to use 1. Download EmoCheck from the Releases page. 2. Run EmoCheck on the host. 3. Check the exported report. Download Please download from the Releases page. Command options since v0.0.2 Specify output directory for the report default: current directory...
Sealighter - Easy ETW Tracing for Security Research
I created this project to help non-developers dive into researching Event Tracing for Windows ETW and Windows PreProcessor Tracing WPP. Features Subscribe to multiple ETW and WPP Providers at once Automatically parse events into JSON without needing to know format Robust Event filtering including...
Cervantes - Collaborative Platform For Pentesters Or Red Teams Who Want To Save Time To Manage Their Projects, Clients, Vulnerabilities And Reports In One Place
Cervantes is an opensource collaborative platform for pentesters or red teams who want to save time to manage their projects, clients, vulnerabilities and reports in one place. Features OpenSource Multiplatform Multilanguage Team Collaboration BuiltIn dashbaords and analytics Manage your clients...
Frostbyte - FrostByte Is A POC Project That Combines Different Defense Evasion Techniques To Build Better Redteam Payloads
FrostByte Progolue: In the past few days I've been experimenting with the AppDomain manager injection technique had a decent success with it in my previous Red Team engagements against certain EDRs. Although, this is really good for initial access vector, I wanted to release a POC which will help...
COM-Hunter - COM Hijacking VOODOO
COM Hijacking VOODOO COM-hunter is a COM Hijacking persistnce tool written in C. This tool was inspired during the RTO course of @zeropointsecltd Features Finds out entry valid CLSIDs in the victim's machine. Finds out valid CLSIDs via Task Scheduler in the victim's machine. Finds out if someone...
Ransomware-Simulator - Ransomware Simulator Written In Golang
The goal of this repository is to provide a simple, harmless way to check your AV's protection on ransomware. This tool simulates typical ransomware behaviour, such as: Staging from a Word document macro Deleting Volume Shadow Copies Encrypting documents embedded and dropped by the simulator into...
Frelatage - The Python Fuzzer That The World Deserves
pip3 install frelatage Current release :0.0.7 Frelatage is a coverage-based Python fuzzing library which can be used to fuzz python code. The development of Frelatage was inspired by various other fuzzers, including AFL/AFL++, Atheris and PythonFuzz. The main purpose of the project is to take...
Sub3Suite - A Free, Open Source, Cross Platform Intelligence Gathering Tool
Sub3 Suite is a research-grade suite of tools for Subdomain Enumeration, OSINT Information gathering & Attack Surface Mapping. Supports both manual and automated analysis on variety of target types with many available features & tools. For more information checkout the documentation Screenshots...
Smap - A Drop-In Replacement For Nmap Powered By Shodan.Io
Smap is a replica of Nmap which uses shodan.io's free API for port scanning. It takes same command line arguments as Nmap and produces the same output which makes it a drop-in replacament for Nmap. Features Scans 200 hosts per second Doesn't require any account/api key Vulnerability detection...
Poro - Scan Publicly Accessible Assets On Your AWS Cloud Environment
Scan for publicly accessible assets on your AWS environment Services covered by this tool: AWS ELB API Gateway S3 Buckets RDS Databases EC2 instances Redshift Databases Poro also check if a tag you specify is applied to identified public resources using --tag-key and --tag-value arguments...
DRAKVUF Sandbox - Automated Hypervisor-Level Malware Analysis System
DRAKVUF Sandbox is an automated black-box malware analysis system with DRAKVUF engine under the hood, which does not require an agent on guest OS. This project provides you with a friendly web interface that allows you to upload suspicious files to be analyzed. Once the sandboxing job is finished...
Talisman - By Hooking Into The Pre-Push Hook Provided By Git, Talisman Validates The Outgoing Changeset For Things That Look Suspicious
A tool to detect and prevent secrets from getting checked in What is Talisman? Talisman is a tool that installs a hook to your repository to ensure that potential secrets or sensitive information do not leave the developer's workstation. It validates the outgoing changeset for things that look...
RecoverPy - Interactively Find And Recover Deleted Or Overwritten Files From Your Terminal
You can already find plenty of solutions to recover deleted files, but it can be a hassle to recover overwritten files. RecoverPy searches through every block of your partition to find your request. Demo Installation RecoverPy is currently only available on Linux systems. Dependancies Mandatory...
AirStrike - Automatically Grab And Crack WPA-2 Handshakes With Distributed Client-Server Architecture
Tool that automates cracking of WPA-2 Wi-Fi credentials using client-server architecture Requirements Airstrike uses Hashcat Brain Architecture, aircrack-ng suite, entr utility and some helper scripts. You can use install.sh script to download all dependencies if you're on system which has an...
SysFlow - Cloud-native System Telemetry Pipeline
This repository hosts the documentation and issue tracker for all SysFlow projects. Quick reference Documentation : the SysFlow Documentation Where to get help : the SysFlow Community Slack Where to file issues : the github issue tracker Source of this description : repo's readme history Docker...