
6011 matches found

Kitploit
added 2022/01/18 11:30 a.m., 13 views

Driftwood - Private Key Usage Verification

Driftwood is a tool that can enable you to look up whether a private key is used for things like TLS or as a GitHub SSH key for a user. Driftwood performs lookups with the computed public key, so the private key never leaves where you run the tool. Additionally, it supports some basic password...

7.5 AI score
Exploits: 0, References: 2
Kitploit
added 2022/01/17 8:30 p.m., 427 views

reFlutter - Flutter Reverse Engineering Framework

This framework helps with Flutter apps reverse engineering using the patched version of the Flutter library which is already compiled and ready for app repacking. This library has snapshot deserialization process modified to allow you to perform dynamic analysis in a convenient way. Key features:...

7.5 AI score
Exploits: 0, References: 7
Kitploit
added 2022/01/17 11:30 a.m., 23 views

Inject-Assembly - Inject .NET Assemblies Into An Existing Process

This tool is an alternative to traditional fork and run execution for Cobalt Strike. The loader can be injected into any process, including the current Beacon. Long-running assemblies will continue to run and send output back to the Beacon, similar to the behavior of execute-assembly. There are t...

8 AI score
Exploits: 0, References: 8
Kitploit
added 2022/01/16 8:30 p.m., 37 views

Registry-Spy - Cross-platform Registry Browser For Raw Windows Registry Files

Registry Spy is a free, open-source cross-platform Windows Registry viewer. It is a fast, modern, and versatile explorer for raw registry files. Features include: Fast, on-the-fly parsing means no upfront overhead Open multiple hives at a time Searching Hex viewer Modification timestamps...

7.3 AI score
Exploits: 0, References: 4
Kitploit
added 2022/01/16 11:30 a.m., 11 views

TokenUniverse - An Advanced Tool For Working With Access Tokens And Windows Security Policy

Token Universe is an advanced tool that provides a wide range of possibilities to research Windows security mechanisms. It has a convenient interface for creating, viewing, and modifying access tokens, managing Local Security Authority and Security Account Manager's databases. It allows you to...

7.9 AI score
Exploits: 0, References: 7
Kitploit
added 2022/01/15 8:30 p.m., 47 views

Iptable_Evil - An Evil Bit Backdoor For Iptables

iptableevil is a very specific backdoor for iptables that allows all packets with the evil bit set, no matter the firewall rules. The initial implementation is in iptableevil.c, which adds a table to iptables and requires modifying a kernel header to insert a spot for it. The second implementatio...

7 AI score
Exploits: 0, References: 6
Kitploit
added 2022/01/15 11:30 a.m., 40 views

Narthex - Modular Personalized Dictionary Generator

Narthex Greek: Νάρθηξ, νάρθηκας is a modular & minimal dictionary generator for Unix and Unix-like operating system written in C and Shell. It contains autonomous Unix-style programs for the creation of personalised dictionaries that can be used for password recovery & security assessment. The...

7.4 AI score
Exploits: 0, References: 3
Kitploit
added 2022/01/14 8:30 p.m., 705 views

Espoofer - An Email Spoofing Testing Tool That Aims To Bypass SPF/DKIM/DMARC And Forge DKIM Signatures

espoofer is an open-source testing tool to bypass SPF, DKIM, and DMARC authentication in email systems. It helps mail server administrators and penetration testers to check whether the target email server and client are vulnerable to email spoofing attacks or can be abused to send spoofing emails...

9.8 CVSS, 7.8 AI score, 0.02658 EPSS
Exploits: 2, References: 5
Kitploit
added 2022/01/14 11:30 a.m., 32 views

Raven - Advanced Cyber Threat Map (Simplified, Customizable, Responsive)

Raven - Advanced Cyber Threat Map Simplified, customizable and responsive. It uses D3.js with TOPO JSON, has 247 countries, 100,000 cities, and can be used in an isolated environment without external lookups!. Live - Demo https://qeeqbox.github.io/raven/ Offline - Demo Features Uses D3.js Not...

7.1 AI score
Exploits: 0, References: 2
Kitploit
added 2022/01/13 8:30 p.m., 67 views

AlphaGolang - IDApython Scripts For Analyzing Golang Binaries

AlphaGolang is a collection of IDAPython scripts to help malware reverse engineers master Go binaries. The idea is to break the scripts into concrete steps, thus avoiding brittle monolithic scripts, and mimicking the methodology an analyst might follow when tackling a Go binary. Scripts are...

7 AI score
Exploits: 0, References: 8
Kitploit
added 2022/01/13 11:30 a.m., 41 views

Scemu - X86 32bits Emulator, For Securely Emulating Shellcodes

x86 32bits emulator, for securely emulating shellcodes. Features  rust safety, good for malware. All dependencies are in rust. zero unsafe blocks. very fast emulation much faster than unicorn 3,000,000 instructions/second 100,000 instructions/second printing every instruction -vv. powered by...

7.1 AI score
Exploits: 0, References: 12
Kitploit
added 2022/01/12 8:30 p.m., 26 views

Wifi-Framework - Wi-Fi Framework For Creating Proof-Of-Concepts, Automated Experiments, Test Suites, Fuzzers, And More...

We present a framework to more easily perform Wi-Fi experiments. It can be used to create fuzzers, implement new attacks, create proof-of-concepts to test for vulnerabilities, automate experiments, implement test suites, and so on. The main advantage of the framework is that it allows you to reus...

7.4 AI score
Exploits: 0, References: 9
Kitploit
added 2022/01/12 11:30 a.m., 27 views

RAUDI - A Repo To Automatically Generate And Keep Updated A Series Of Docker Images Through GitHub Actions

RAUDI (Regularly and Automatically Updated Docker Images) automatically generates and keeps updated a series of Docker Images through GitHub Actions for tools that are not provided by the developers. What is RAUDI RAUDI is what will save you from creating and managing a lot of Docker Images manually...

7.3 AI score
Exploits: 0, References: 28
Kitploit
added 2022/01/11 8:30 p.m., 30 views

SpoofThatMail - Bash Script To Check If A Domain Or List Of Domains Can Be Spoofed Based In DMARC Records

Bash script to check if a domain or list of domains can be spoofed based in DMARC records File with domains: sh SpoofThatMail.sh -f domains.txt One single domain: sh SpoofThatMail.sh -d domain Download SpoofThatMail...

7.2 AI score
Exploits: 0, References: 1
Kitploit
added 2022/01/11 11:30 a.m., 25 views

WannaRace - WebApp Intentionally Made Vulnerable To Race Condition For Practicing Race Condition

WebApp intentionally made vulnerable to Race Condition Description Race Condition vulnerability can be practiced in the developed WebApp. Task is to buy a Mega Box using race condition that costs more than available vouchers. Two challenges are made for practice. Challenge B is to be solved when...

7.1 AI score
Exploits: 0, References: 1
Kitploit
added 2022/01/10 8:30 p.m., 233 views

PasteMonitor - Scrape Pastebin API To Collect Daily Pastes, Setup A Wordlist And Be Alerted By Email When You Have A Match

Scrape Pastebin API to collect daily pastes, setup a wordlist and be alerted by email when you have a match. Description The PasteMonitor tool allows you to perform two main actions for educational purposes only: Download daily new public pastes Average number of pastes per day: 1000-3000 filetyp...

7.5 AI score
Exploits: 0, References: 5
Kitploit
added 2022/01/10 11:30 a.m., 19 views

LACheck - Multithreaded C# .NET Assembly Local Administrative Privilege Enumeration

Multithreaded C# .NET Assembly Local Administrative Privilege Enumeration Arguments domain controller to query if not ran on a domain-joined host /domain - specify domain name if not ran on a domain-joined host /edr - check host for EDR requires smb, rpc, or winrm /logons - return logged on users ...

7.4 AI score
Exploits: 0, References: 2
Kitploit
added 2022/01/09 8:30 p.m., 48 views

Shellcode-Encryptor - A Simple Shell Code Encryptor/Decryptor/Executor To Bypass Anti Virus

A simple shell code encryptor/decryptor/executor to bypass anti virus. Note: I have completely redone the work flow for creating the bypass, I have found injecting the binary into memory using PowerShell as the most effective method. Purpose To generate a .Net binary containing base64 encoded, AE...

7.6 AI score
Exploits: 0, References: 3
Kitploit
added 2022/01/09 11:30 a.m., 16 views

RCLocals - Linux Startup Analyzer

Inspired by 'Autoruns' from Sysinternals, RCLocals analyzes all Linux startup possibilities to find backdoors, also performs process integrity verification, scan for DLL injected processes and much more Things covered: ·List GPG keys trusted by the system ·Installed Packages ·File integrity...

7.2 AI score
Exploits: 0, References: 5
Kitploit
added 2022/01/07 12:30 p.m., 20 views

Mortar - Evasion Technique To Defeat And Divert Detection And Prevention Of Security Products (AV/EDR/XDR)

Red teaming evasion technique to defeat and divert detection and prevention of security products. Mortar Loader performs encryption and decryption of selected binary inside the memory streams and executes it directly without writing any malicious indicator into the hard-drive. Mortar is able to...

7.6 AI score
Exploits: 0, References: 1
Kitploit
added 2022/01/06 11:30 a.m., 616 views

Log4J-Detect - Script To Detect The "Log4j" Java Library Vulnerability (CVE-2021-44228) For A List Of URLs With Multithreading

Simple Python 3 script to detect the "Log4j" Java library vulnerability CVE-2021-44228 for a list of URLs with multithreading. The script "log4j-detect.py" developed in Python 3 is responsible for detecting whether a list of URLs are vulnerable to CVE-2021-44228. To do so, it sends a GET request...

10 CVSS, 10 AI score, 0.99999 EPSS
Exploits: 345, References: 1
Kitploit
added 2022/01/04 8:30 p.m., 26 views

Rustpad - Multi-Threaded Padding Oracle Attacks Against Any Service

A multi-threaded what now? rustpad is a multi-threaded successor to the classic padbuster, written in Rust. It abuses a Padding Oracle vulnerability to decrypt any cypher text or encrypt arbitrary plain text without knowing the encryption key! Features Decryption of cypher texts Encryption of...

7 AI score
Exploits: 0, References: 3
Kitploit
added 2022/01/04 11:30 a.m., 46 views

SyntheticSun - A Defense-In-Depth Security Automation And Monitoring Framework Which Utilizes Threat Intelligence, Machine Learning, Managed AWS Security Services And, Serverless Technologies To Continuously Prevent, Detect And Respond To Threats

SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats. You sleep in fragmented glass With reflections o...

6.8 AI score
Exploits: 0, References: 3
Kitploit
added 2022/01/03 8:30 p.m., 33 views

RPC Firewall - Stopping Lateral Movement via the RPC Firewall

I Need More Information Check out our RPC Firewall blog post to gain better understanding of RPC, RPC attacks and the solution: the RPC Firewall. For any questions, issues, or simply to shout out - we would love to hear from you! Contact us at [email protected] Why should I care? RPC is the...

7.6 AI score
Exploits: 0, References: 2
Kitploit
added 2022/01/03 11:30 a.m., 15 views

Msmailprobe - Office 365 And Exchange Enumeration

Office 365 and Exchange Enumeration It is widely known that OWA Outlook Webapp is vulnerable to time-based user enumeration attacks. This tool leverages all known, and even some lesser-known services exposed by default Exchange installations to enumerate users. It also targets Office 365 for...

7.1 AI score
Exploits: 0, References: 6
Kitploit
added 2022/01/02 8:30 p.m., 29 views

Lsarelayx - NTLM Relaying For Windows Made Easy

lsarelayx is system wide NTLM relay tool designed to relay incoming NTLM based authentication to the host it is running on. lsarelayx will relay any incoming authentication request which includes SMB. Since lsarelayx hooks into existing application authentication flows, the tool will also attempt...

7.3 AI score
Exploits: 0, References: 3
Kitploit
added 2022/01/02 11:30 a.m., 25 views

RiotPot - Resilient IoT And Operational Technology Honeypot

RIoTPot is an interoperable medium interaction honeypot, primarily focused on the emulation of IoT and OT protocols, although it is also capable of emulating other services. These services are loaded in the honeypot in the form of plugins, making RIoTPot a modular, and very transportable honeypot. T...

6.6 AI score
Exploits: 0, References: 3
Kitploit
added 2022/01/01 8:30 p.m., 36 views

Skrull - A Malware DRM, That Prevents Automatic Sample Submission By AV/EDR And Signature Scanning From Kernel

Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers that can run malware on the victim using the Process Ghosting technique. Also, launchers are totally anti-copy and naturally broken when got submitted. It's a...

7.3 AI score
Exploits: 0, References: 1
Kitploit
added 2022/01/01 11:30 a.m., 40 views

PMAT-labs - Labs For Practical Malware Analysis And Triage

Welcome to the labs for Practical Malware Analysis & Triage. WARNING Read this carefully before proceeding. This repository contains live malware samples for use in the Practical Malware Analysis & Triage course PMAT. These samples are either written to emulate common malware characteristics or a...

7 AI score
Exploits: 0, References: 2
Kitploit
added 2021/12/28 11:30 a.m., 89 views

Top 20 Most Popular Hacking Tools in 2021

As last year, this year we made a ranking with the most popular tools between January and December 2021. Topics of the tools focus on Phishing, Information Gathering, Automation Tools, among others. Without going into further details, we have prepared a useful list of the most popular tools in...

7.3 AI score
Exploits: 0
Kitploit
added 2021/12/27 8:30 p.m., 156 views

ShonyDanza - A Customizable, Easy-To-Navigate Tool For Researching, Pen Testing, And Defending With The Power Of Shodan

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan. With ShonyDanza, you can: Obtain IPs based on search criteria Automatically exclude honeypots from the results based on your pre-configured thresholds Pre-configure all IP searches to filte...

10 CVSS, 9.7 AI score, 0.99999 EPSS
Exploits: 152, References: 1
Kitploit
added 2021/12/27 11:30 a.m., 74 views

Snap-Scraper - Snap Scraper Enables Users To Download Media Uploaded To Snapchat's Snap Map Using A Set Of Latitude And Longitude Coordinates

Snap Scraper is an open source intelligence tool which enables users to download media uploaded to Snapchat's Snap Map using a set of latitude and longitude co-ordinates. This project is in no way affiliated with, authorized, maintained, sponsored or endorsed by Snap inc. or any of its affiliate...

7.2 AI score
Exploits: 0, References: 2
Kitploit
added 2021/12/26 8:30 p.m., 38 views

SourceLeakHacker - A Multi Threads Web Application Source Leak Scanner

SourceLeakHacker is a multi-threads web directories scanner. Installation pip install -r requirements.txt Usage dictionary scale --output OUTPUT output folder, default: result/YYYY-MM-DD hh:mm:ss --threads THREADS, -t THREADS threads numbers, default: 4 --timeout TIMEOUT HTTP request timeout...

7.3 AI score
Exploits: 0, References: 1
Kitploit
added 2021/12/26 11:30 a.m., 34 views

Onionservice - Manage Your Onion Services Via CLI Or TUI On Unix-like Operating System With A POSIX Compliant Shell

Feature-rich Onion Service manager for UNIX-like operating systems written in POSIX conformant shellscript. A collection of Onion Services features implemented for Unix-like systems following the Portable Operating System Interface standard. WARNING: do not trust this repo yet, backup your hs keys ...

7.5 AI score
Exploits: 0, References: 8
Kitploit
added 2021/12/25 8:30 p.m., 239 views

NimHollow - Nim Implementation Of Process Hollowing Using Syscalls (PoC)

Playing around with the Process Hollowing technique using Nim. Features: Direct syscalls for triggering Windows Native API functions with NimlineWhispers. Shellcode encryption/decryption with AES in CTR mode. Simple sandbox detection methods from the OSEP course by @offensive-security. AMSI...

7.5 AI score
Exploits: 0, References: 5
Kitploit
added 2021/12/25 11:30 a.m., 21 views

Spamscanner - Spam Scanner Is The Best Anti-Spam, Email Filtering, And Phishing Prevention Service

Spam Scanner is the best anti-spam, email filtering, and phishing prevention service. Spam Scanner is a drop-in replacement and the best alternative to SpamAssassin, rspamd, SpamTitan, and more. Foreword Spam Scanner is a tool and service built by @niftylettuce after hitting countless roadblocks...

6.8 AI score
Exploits: 0, References: 23
Kitploit
added 2021/12/24 8:30 p.m., 18 views

Spray365 - Makes Spraying Microsoft Accounts (Office 365 / Azure AD) Easy Through Its Customizable Two-Step Password Spraying Approach

Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts Office 365 / Azure AD. How is Spray365 different from the many other password spraying tools that are already available? Spray365 enables passwords to be sprayed from an "execution plan". While having a...

7.8 AI score
Exploits: 0, References: 2
Kitploit
added 2021/12/24 11:30 a.m., 28 views

SQLbit - Just Another Script For Automatize Boolean-Based Blind SQL Injections

A script for automatize boolean-based blind SQL injections. Works with SQLite at least, supports using cookies. It uses bitwise comparisons with multithreading to find cell values instead of binary search, which is more efficient. It's able to: Search cell values by columns in a table Search...

7.8 AI score
Exploits: 0, References: 1
Kitploit
added 2021/12/23 8:30 p.m., 16 views

MultiPotato - Another Potato to get SYSTEM via SeImpersonate privileges

First of all - credit to @splintercode & @decoderit for RoguePotato as this code heavily bases on it. This is just another Potato to get SYSTEM via SeImpersonate privileges. But this one is different in terms of It doesn't contain any SYSTEM auth trigger for weaponization. Instead the code can be...

7.4 AI score
Exploits: 0, References: 3
Kitploit
added 2021/12/23 11:30 a.m., 15 views

TrojanSourceFinder - Help Find Trojan Source Vulnerability In Code

TrojanSourceFinder helps developers detect "Trojan Source" vulnerability in source code. Trojan Source vulnerability allows an attacker to make malicious code appear innocent. In general, the attacker tries to lure by passing his code off as a comment visually. It is a serious threat because it...

7.4 AI score
Exploits: 0, References: 2
Kitploit
added 2021/12/22 8:30 p.m., 17 views

Umay - IoT Malware Similarity Analysis Platform

IoT Malware Similarity Analysis Platform View Demo This project provides IoT malware similarity analysis based on shared codes. It helps to identify other malwares that have shared code with the analyzed file. In this way, you can have a chance to get an idea about the family of the malware. Ther...

7.7 AI score
Exploits: 0, References: 3
Kitploit
added 2021/12/22 11:30 a.m., 26 views

MUI - A GUI Plugin For Binary Ninja To Easily Interact With And View The Progress Of Manticore

With the Manticore User Interface MUI project, we provide a graphical user interface plugin for Binary Ninja to allow users to easily interact with and view progress of the Manticore symbolic execution engine for analysis of smart contracts and native binaries. ATTENTION This project is under...

7.6 AI score
Exploits: 0, References: 3
Kitploit
added 2021/12/21 8:30 p.m., 28 views

Web Cache Vulnerability Scanner - A Go-based CLI Tool For Testing For Web Cache Poisoning

Web Cache Vulnerability Scanner WCVS is a fast and versatile CLI scanner for web cache poisoning developed by Hackmanit. The scanner supports many different web cache poisoning techniques, includes a crawler to identify further URLs to test, and can adapt to a specific web cache for more efficien...

7.1 AI score
Exploits: 0, References: 4
Kitploit
added 2021/12/21 11:30 a.m., 28 views

Mesh-Kridik - An Open-Source Security Checker That Performs Various Security Checks On A Kubernetes Cluster With Istio Service Mesh And Is Leveraged By OPA (Open Policy Agent) To Enforce Security Rules

Enhance your Kubernetes service mesh security !! mesh-kridik is an open-source security checker that performs various security checks on a Kubernetes cluster with istio service mesh and outputs a security report. The security checks tests are the full implementation of istio security best practic...

8.3 AI score
Exploits: 0, References: 4
Kitploit
added 2021/12/20 8:30 p.m., 24 views

Mariana Trench - Security Focused Static Analysis Tool For Android And Java Applications

Mariana Trench is a security focused static analysis platform targeting Android. This guide will walk you through setting up Mariana Trench on your machine and get you to find your first remote code execution vulnerability in a small sample app. These instructions are also available at our websit...

7.8 AI score
Exploits: 0, References: 5
Kitploit
added 2021/12/20 11:30 a.m., 398 views

log4j-scan - A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts

A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs. Fuzzing for more than 60 HTTP request headers not only 3-4 headers as previously seen tools. Fuzzing for HTTP POST Data parameters. Fuzzing for JSON data parameters. Supports...

10 CVSS, 10 AI score, 0.99999 EPSS
Exploits: 347, References: 1
Kitploit
added 2021/12/20 4:38 a.m., 190 views

Log4J-Detector - Detects Log4J versions on your file-system within any application that are vulnerable to CVE-2021-44228 and CVE-2021-45046

Detects Log4J versions on your file-system within any application that are vulnerable to CVE-2021-44228 and CVE-2021-45046. It is able to even find instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! Currently reports log4j-core...

10 CVSS, 10 AI score, 0.99999 EPSS
Exploits: 347, References: 4
Kitploit
added 2021/12/14 11:30 a.m., 22 views

Jektor - A Windows User-Mode Shellcode Execution Tool That Demonstrates Various Techniques That Malware Uses

This utility focuses on shellcode injection techniques to demonstrate methods that malware may use to execute shellcode on a victim system Dynamically resolves API functions to evade IAT inclusion Includes usage of undocumented NT Windows API functions Supports local shellcode execution via...

8.2 AI score
Exploits: 0, References: 1
Kitploit
added 2021/12/13 8:30 p.m., 23 views

Haptyc - Test Generation Framework

Haptyc is a python library which was built to add payload position support and Sniper/Clusterbomb/Batteringram/Pitchfork attack types into Turbo Intruder. While Haptyc accomplishes these goals fairly well it also introduces a simpler way to express test sequences in general. While this library wa...

7.5 AI score
Exploits: 0, References: 2
Kitploit
added 2021/12/13 11:30 a.m., 16 views

FiddleZAP - A Simplified Version Of EKFiddle For OWASP ZAP

FiddleZAP is a simplified version of EKFiddle for OWASP ZAP. With ZAP as your web proxy, you are able to flag malicious traffic based on predefined regular expressions. Example: Alert, highlighting and tagging when a regex matches on a string within the HTML source code of a compromised website...

7.3 AI score
Exploits: 0, References: 2
Total number of security vulnerabilities: 6011