
6011 matches found

Kitploit
added 2021/11/17 11:30 a.m. | 24 views

Hyenae-Ng - An Advanced Cross-Platform Network Packet Generator And The Successor Of Hyenae

Hyenae NG (Next Generation) is a rewrite of the original Hyenae tool, which was originally published back in the year 2010. Besides switching from C to C++ and using modern design concepts, Hyenae NG was, just like the original Hyenae, written with maximum portability in mind. Since the original Hyenae...

7.3 AI score
Exploits: 0 | References: 1

Kitploit
added 2021/11/16 8:30 p.m. | 284 views

Gotanda - Browser Web Extension For OSINT

Gotanda is an OSINT (Open Source Intelligence) web extension for Firefox/Chrome. This web extension can search OSINT information from some IOCs in a web page (IP, domain, URL, SNS, etc.). This repository is partly for studying and JavaScript practice. Download link below. Firefox Chrome Usage Right click...

7 AI score
Exploits: 0 | References: 2

Kitploit
added 2021/11/16 11:30 a.m. | 27 views

Fhex - A Full-Featured HexEditor

This project was born with the aim of developing a lightweight but useful tool. The reason is that the existing hex editors have various limitations, e.g. too many dependencies, missing hex coloring features, etc. This project is based on the qhexedit2, capstone and keystone engines. New feature...

7.1 AI score
Exploits: 0 | References: 1

Kitploit
added 2021/11/15 8:30 p.m. | 365 views

EXOCET - AV-evading, Undetectable, Payload Delivery Tool

EXOCET is superior to Metasploit's "Evasive Payloads" modules as EXOCET uses AES-256 in GCM Mode (Galois/Counter Mode). Metasploit's Evasion Payloads use an easy-to-detect RC4 encryption. While RC4 can decrypt faster, AES-256 makes it much more difficult to ascertain the intent of the malware. However, i...

7.5 AI score
Exploits: 0 | References: 7

Kitploit
added 2021/11/15 11:30 a.m. | 26 views

Cumulus - Web Application Weakness Monitoring, It Would Be Working By Add Just 3 Codelines

Cumulus is a service that helps you monitor and fix security weaknesses in real time. The issues will be reported on a web dashboard. It's very simple and powerful. Key features: Just install the SDK in the web front end and security weaknesses on the service can be found. The SDK detects weaknesses from the Inner Layer, dynamically e...

6.7 AI score
Exploits: 0 | References: 10

Kitploit
added 2021/11/14 8:30 p.m. | 24 views

Clash - A Rule-Based Tunnel In Go

A rule-based tunnel in Go. Features Local HTTP/HTTPS/SOCKS server with authentication support VMess, Shadowsocks, Trojan, Snell protocol support for remote connections Built-in DNS server that aims to minimize DNS pollution attack impact, supports DoH/DoT upstream and fake IP. Rules based off...

7.7 AI score
Exploits: 0 | References: 10

Kitploit
added 2021/11/14 11:30 a.m. | 36 views

ChopChop - ChopChop Is A CLI To Help Developers Scanning Endpoints And Identifying Exposition Of Sensitive Services/Files/Folders

ChopChop is a command-line tool for dynamic application security testing on web applications, initially written by the Michelin CERT. Its goal is to scan several endpoints and identify exposition of services/files/folders through the webroot. Checks/Signatures are declared in a config file by...

7.6 AI score
Exploits: 0 | References: 9

Kitploit
added 2021/11/13 8:30 p.m. | 19 views

Canadian Furious Beaver - A Tool For Monitoring IRP Handler In Windows Drivers, And Facilitating The Process Of Analyzing, Replaying And Fuzzing Windows Drivers For Vulnerabilities

Furious Beaver is a distributed tool for capturing IRPs sent to any Windows driver. It operates in 2 parts: 1. the "Broker" combines both a user-land agent and a self-extractable driver IrpDumper.sys that will install itself on the targeted system. Once running it will expose depending on the...

7.3 AI score
Exploits: 0 | References: 5

Kitploit
added 2021/11/13 11:30 a.m. | 15 views

AzureHunter - A Cloud Forensics Powershell Module To Run Threat Hunting Playbooks On Data From Azure And O365

A Powershell module to run threat hunting playbooks on data from Azure and O365 for Cloud Forensics purposes. Getting Started 1. Check that you have the right O365 Permissions The following roles are required in Exchange Online, in order to be able to have read only access to the UnifiedAuditLog:...

6.9 AI score
Exploits: 0 | References: 4

Kitploit
added 2021/11/12 8:30 p.m. | 42 views

Ad-Honeypot-Autodeploy - Deploy A Small, Intentionally Insecure, Vulnerable Windows Domain For RDP Honeypot Fully Automatically

Deploy a small, intentionally insecure, vulnerable Windows Domain for RDP Honeypot fully automatically. Runs on self-hosted virtualization using libvirt with QEMU/KVM but it can be customized easily for cloud-based solutions. Used to painlessly set up a small Windows Domain from scratch...

7 AI score
Exploits: 0 | References: 5

Kitploit
added 2021/11/12 11:30 a.m. | 136 views

Abaddon - Make red team operations faster, more repeatable, stealthier, while including value-added tools and bringing numerous reporting capabilities

Red team operations involve miscellaneous skills, last several months and are politically sensitive; they require a lot of monitoring, consolidating and caution. Wavestone’s red team operations management software, Abaddon, has been designed to make red team operations faster, more repeatable,...

7.7 AI score
Exploits: 0 | References: 2

Kitploit
added 2021/11/11 8:30 p.m. | 43 views

Boofuzz - Network Protocol Fuzzing for Humans

Boofuzz is a fork of and the successor to the venerable Sulley fuzzing framework. Besides numerous bug fixes, boofuzz aims for extensibility. The goal: fuzz everything. Why? Sulley has been the preeminent open source fuzzer for some time, but has fallen out of maintenance. Features Like Sulley,...

7.4 AI score
Exploits: 0 | References: 4

Kitploit
added 2021/11/11 11:30 a.m. | 21 views

Covert-Control - Google Drive, OneDrive And Youtube As Covert-Channels - Control Systems Remotely By Uploading Files To Google Drive, OneDrive, Youtube Or Telegram

Control systems remotely by uploading files to Google Drive, OneDrive, Youtube or Telegram using Python to create the files and the listeners. It allows to create text files, images, audio or videos, with the commands in cleartext or encrypted using AES. covert-googledrive.py - Control systems...

7.8 AI score
Exploits: 0 | References: 5

Kitploit
added 2021/11/10 8:30 p.m. | 26 views

FormatFuzzer - A Framework For High-Efficiency, High-Quality Generation And Parsing Of Binary Inputs

FormatFuzzer is a framework for high-efficiency, high-quality generation and parsing of binary inputs. It takes a binary template that describes the format of a binary input and generates an executable that produces and parses the given binary format. From a binary template for GIF, for instance,...

6.8 AI score
Exploits: 0 | References: 9

Kitploit
added 2021/11/10 11:30 a.m. | 22 views

RottenPotatoNG - A C++ DLL And Standalone C++ Binary - No Need For Meterpreter Or Other Tools

New version of RottenPotato as a C++ DLL and standalone C++ binary - no need for meterpreter or other tools. RottenPotatoDLL This project generates a DLL and EXE file. The DLL contains all the code necessary to perform the RottenPotato attack and get a handle to a privileged token. The...

7.5 AI score
Exploits: 0 | References: 2

Kitploit
added 2021/11/09 8:30 p.m. | 17 views

Private Set Membership (PSM) - Cryptographic Protocol That Allows Clients To Privately Query

Private Set Membership (PSM) is a cryptographic protocol that allows clients to privately query whether the client's identifier is a member of a set of identifiers held by a server in a privacy-preserving manner. At a high level, PSM provides the following privacy guarantees: The server does not...

6.5 AI score
Exploits: 0 | References: 10

Kitploit
added 2021/11/09 11:30 a.m. | 27 views

Ddosify - High-performance Load Testing Tool

Features Protocol Agnostic - Currently supporting HTTP, HTTPS, HTTP/2. Other protocols are on the way. Scenario-Based - Create your flow in a JSON file. Without a line of code! Different Load Types - Test your system's limits across different load types. Installation ddosify is available via...

6.9 AI score
Exploits: 0 | References: 7

Kitploit
added 2021/11/08 8:30 p.m. | 43 views

Koppeling - Adaptive DLL Hijacking / Dynamic Export Forwarding

This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code. This project is comprised of the following elements: Harness.exe: The "victim" application which i...

7.8 AI score
Exploits: 0 | References: 1

Kitploit
added 2021/11/08 11:30 a.m. | 25 views

Kunyu - More Efficient Corporate Asset Collection

Kunyu, More Efficient Corporate Asset Collection 0x00 Introduce Tool introduction Kunyu kunyu, whose name is taken from , is actually a professional subject related to geographic information, which counts the geographic information of the sea, land, and sky. The same applies to cyberspace. The sa...

6.4 AI score
Exploits: 0 | References: 6

Kitploit
added 2021/11/07 8:30 p.m. | 15 views

Hashdb-Ida - HashDB API Hash Lookup Plugin For IDA Pro

HashDB IDA Plugin Malware string hash lookup plugin for IDA Pro. This plugin connects to the OALABS HashDB Lookup Service. Adding New Hash Algorithms The hash algorithm database is open source and new algorithms can be added on GitHub here. Pull requests are mostly automated and as long as our...

7.1 AI score
Exploits: 0 | References: 3

Kitploit
added 2021/11/07 11:30 a.m. | 39 views

Etl-Parser - Event Trace Log File Parser In Pure Python

Event Trace Log file reader in pure Python etl-parser is a pure Python 3 parser library for ETL Windows log files. ETL is the default format for ETW as well as the default format for the Kernel logger. etl-parser has no system dependencies, and will work well on both Windows and Linux. Since this...

6.8 AI score
Exploits: 0 | References: 1

Kitploit
added 2021/11/06 8:30 p.m. | 38 views

Smuggler - An HTTP Request Smuggling / Desync Testing Tool

An HTTP Request Smuggling / Desync testing tool written in Python 3 Acknowledgements A special thanks to James Kettle for his research and methods into HTTP desyncs And a special thanks to Ben Sadeghipour for beta testing Smuggler and for allowing me to discuss my work at Nahamcon 2020 IMPORTANT...

7.3 AI score
Exploits: 0 | References: 4

Kitploit
added 2021/11/06 11:30 a.m. | 29 views

Certipy - Python Implementation For Active Directory Certificate Abuse

Certipy is a Python tool to enumerate and abuse misconfigurations in Active Directory Certificate Services (AD CS). Based on the C# variant Certify from @harmj0y and @tifkin. Installation $ python3 setup.py install Remember to add the Python scripts directory to your path. Usage $ certipy -h usage:...

8 AI score
Exploits: 0 | References: 3

Kitploit
added 2021/11/05 8:30 p.m. | 56 views

Tor-Rootkit - A Python 3 Standalone Windows 10 / Linux Rootkit Using Tor

A Python 3 standalone Windows 10 / Linux Rootkit. The network communication gets established over the Tor network. Disclaimer Use for educational purposes only. How to use 1. Clone the repo and change directory: git clone https://github.com/emcruise/TorRootkit.git cd ./tor-rootkit 2. Build...

7.5 AI score
Exploits: 0 | References: 1

Kitploit
added 2021/11/05 11:30 a.m. | 509 views

PyRDP - RDP Monster-In-The-Middle (Mitm) And Library For Python With The Ability To Watch Connections Live Or After The Fact

PyRDP is a Python Remote Desktop Protocol (RDP) Monster-in-the-Middle (MITM) tool and library. It features a few tools: RDP Monster-in-the-Middle: Logs credentials used when connecting; Steals data copied to the clipboard; Saves a copy of the files transferred over the network; Crawls shared drives in th...

7.4 AI score
Exploits: 0 | References: 17

Kitploit
added 2021/11/04 8:30 p.m. | 40 views

Androidqf - (Android Quick Forensics) Helps Quickly Gathering Forensic Evidence From Android Devices, In Order To Identify Potential Traces Of Compromise

androidqf (Android Quick Forensics) is a portable tool to simplify the acquisition of relevant forensic data from Android devices. It is the successor of Snoopdroid, re-written in Go and leveraging official adb binaries. androidqf is intended to provide a simple and portable cross-platform utility ...

7 AI score
Exploits: 0 | References: 4

Kitploit
added 2021/11/04 11:30 a.m. | 60 views

LDAPmonitor - Monitor Creation, Deletion And Changes To LDAP Objects Live During Your Pentest Or System Administration!

Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration! With this tool you can quickly see if your attack worked and if it changed LDAP attributes of the target object. Features Feature | Python .py | CSharp .exe | Powershell .ps1 ---|---|---|---...

7.5 AI score
Exploits: 0 | References: 4

Kitploit
added 2021/11/03 8:30 p.m. | 50 views

TIWAP - Totally Insecure Web Application Project

TIWAP is a web security testing lab made using Flask for budding security enthusiasts to learn about various web vulnerabilities. Inspired by DVWA, the contributors have tried their best to regenerate various web vulnerabilities. The application is made solely for educational purposes and to learn...

8.3 AI score
Exploits: 0 | References: 3

Kitploit
added 2021/11/03 11:30 a.m. | 291 views

HandleKatz - PIC Lsass Dumper Using Cloned Handles

This tool was implemented as part of our Brucon2021 conference talk and demonstrates the usage of cloned handles to Lsass in order to create an obfuscated memory dump of the same. It compiles down to an executable living fully in its text segment. Thus, the extracted .text segment of the PE file ...

7.3 AI score
Exploits: 0 | References: 6

Kitploit
added 2021/11/02 8:30 p.m. | 28 views

ADLab - Custom PowerShell Module To Setup An Active Directory Lab Environment To Practice Penetration Testing

The purpose of this module is to automate the deployment of an Active Directory lab for practicing internal penetration testing. Credits to Joe Helle and his PowerShell for Pentesters course regarding the generation of the attack vectors. Instructions Preparation Optional but recommended: Move...

7.4 AI score
Exploits: 0 | References: 2

Kitploit
added 2021/11/02 11:30 a.m. | 10 views

aDLL - Adventure of Dinamic Link Library

aDLL is a binary analysis tool focused on the automatic discovery of DLL Hijacking vulnerabilities. The tool analyzes the image of the binary loaded in memory to search for DLLs loaded at load-time and makes use of the Microsoft Detours library to intercept calls to the LoadLibrary/LoadLibraryEx...

6.5 AI score
Exploits: 0 | References: 2

Kitploit
added 2021/11/01 8:30 p.m. | 15 views

Vimana - An Experimental Security Framework That Aims To Provide Resources For Auditing Python Web Applications

Vimana is a modular security framework designed to audit Python web applications. The base of the Vimana is composed of crawlers focused on frameworks in addition to the generic ones for web, trackers, discovery, fuzzer, parser among other types of modules. The main idea, from where the framework...

7.3 AI score
Exploits: 0 | References: 7

Kitploit
added 2021/11/01 11:30 a.m. | 26 views

Melting-Cobalt - A Cobalt Strike Scanner That Retrieves Detected Team Server Beacons Into A JSON Object

A tool to hunt/mine for Cobalt Strike beacons and "reduce" their beacon configuration for later indexing. Hunts can either be expansive and internet-wide using services like SecurityTrails, Shodan, or ZoomEye, or use a list of IPs. Getting started 1. Install melting-cobalt 2. Configure your tokens to...

7.2 AI score
Exploits: 0 | References: 9

Kitploit
added 2021/10/31 8:30 p.m. | 51 views

Web-Hacking-Toolkit - A Multi-Platform Web Hacking Toolkit Docker Image With Graphical User Interface (GUI) Support

A multi-platform web hacking toolkit Docker image with Graphical User Interface (GUI) support. Installation Docker Pull the image from Docker Hub: docker pull signedsecurity/web-hacking-toolkit Run a container and attach a shell: docker run --rm -it --name web-hacking-toolkit...

7 AI score
Exploits: 0 | References: 22

Kitploit
added 2021/10/31 11:30 a.m. | 33 views

PeTeReport - An Open-Source Application Vulnerability Reporting Tool

PeTeReport (PenTest Report) is an open-source application vulnerability reporting tool designed to assist pentesting/redteaming efforts by simplifying the task of writing and generating reports. Focused on product security, the tool helps security researchers and pentesters to provide detaile...

7.2 AI score
Exploits: 0 | References: 8

Kitploit
added 2021/10/30 8:30 p.m. | 50 views

Dockerized-Android - A Container-Based Framework To Enable The Integration Of Mobile Components In Security Training Platforms

Dockerized Android is a container-based framework that allows executing an Android Emulator inside Docker and controlling it through a browser. This project has been developed in order to provide a starting point for integrating mobile security components into Cyber Ranges but it can be used for an...

7.1 AI score
Exploits: 0 | References: 12

Kitploit
added 2021/10/30 11:30 a.m. | 15 views

GC2 - A Command And Control Application That Allows An Attacker To Execute Commands On The Target Machine Using Google Sheet And Exfiltrate Data Using Google Drive

GC2 (Google Command and Control) is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrates data using Google Drive. Why This program has been developed in order to provide a command and control that does not require any...

7.9 AI score
Exploits: 0 | References: 1

Kitploit
added 2021/10/29 8:30 p.m. | 92 views

Scarce-Apache2 - A Framework For Bug Hunting Or Pentesting Targeting Websites That Have CVE-2021-41773 Vulnerability In Public

This tool can scan websites for the CVE-2021-41773 vulnerability affecting the Apache2 web server. ScaRCE can also execute remote command injections on the web servers found by the scan, but only if MODCGI is enabled on the targeted web server. This tool works with the...

7.5 CVSS | 9.5 AI score | 0.99992 EPSS
Exploits: 145 | References: 1

Kitploit
added 2021/10/29 11:30 a.m. | 24 views

Http-Protocol-Exfil - Exfiltrate Files Using The HTTP Protocol Version ("HTTP/1.0" Is A 0 And "HTTP/1.1" Is A 1)

Use the HTTP protocol version to send a file bit by bit ("HTTP/1.0" is a 0 and "HTTP/1.1" is a 1). It uses GET requests so the Blue Team would only see the requests to your IP address. However, it takes a long time to send bigger files, for example it needs 1 hour to send 200 KB, and the amount of...

7.1 AI score
Exploits: 0 | References: 1

Kitploit
added 2021/10/28 8:30 p.m. | 19 views

HTTPUploadExfil - A Simple HTTP Server For Exfiltrating Files/Data During, For Example, CTFs

HTTPUploadExfil is a very simple HTTP server written in Go that's useful for getting files and other information off a machine using HTTP. While there are many use-cases, it's meant to be used in low-stakes offensive scenarios e.g., CTFs. Think of this as python3 -m http.server but for getting da...

6.8 AI score
Exploits: 0 | References: 4

Kitploit
added 2021/10/28 11:30 a.m. | 35 views

DonPAPI - Dumping DPAPI Credz Remotely

Dumping relevant information on compromised targets without AV detection. DPAPI dumping: Lots of credentials are protected by DPAPI. We aim at locating those "secured" credentials, and retrieve them using: User password, Domain DPAPI BackupKey, Local machine DPAPI Key protecting TaskScheduled blob...

7.1 AI score
Exploits: 0 | References: 7

Kitploit
added 2021/10/27 8:14 p.m. | 28 views

Clash - A Rule-Based Tunnel In Go

Clash A rule-based tunnel in Go. Features Local HTTP/HTTPS/SOCKS server with authentication support VMess, Shadowsocks, Trojan, Snell protocol support for remote connections Built-in DNS server that aims to minimize DNS pollution attack impact, supports DoH/DoT upstream and fake IP. Rules based o...

7.7 AI score
Exploits: 0 | References: 11

Kitploit
added 2021/10/27 11:30 a.m. | 30 views

Lorsrf - SSRF Parameter Bruteforce

Bruteforcing hidden parameters to find SSRF vulnerabilities using GET and POST methods. NOTE: Lorsrf has been added to scant3r with useful additions (multi HTTP method, multi content-type (JSON, query, XML), speed, large wordlist and more): https://github.com/knassar702/scant3r/wiki/lorsrf install...

7.3 AI score
Exploits: 0 | References: 3

Kitploit
added 2021/10/26 8:30 p.m. | 47 views

Keeweb - Free Cross-Platform Password Manager Compatible With KeePass

This webapp is a browser and desktop password manager compatible with KeePass databases. It doesn't require any server or additional resources. The app can run either in browser, or as a desktop app. Quick Links Apps: Web, Desktop Timeline: Release Notes, TODO On one page: Features, FAQ Website:...

7.3 AI score
Exploits: 0 | References: 16

Kitploit
added 2021/10/26 11:30 a.m. | 25 views

Mediator - An Extensible, End-To-End Encrypted Reverse Shell With A Novel Approach To Its Architecture

Mediator is an end-to-end encrypted reverse shell in which the operator and the shell connect to a "mediator" server that bridges the connections. This removes the need for the operator/handler to set up port forwarding in order to listen for the connection. Mediator also allows you to create...

7.5 AI score
Exploits: 0 | References: 4

Kitploit
added 2021/10/26 12:6 a.m. | 26 views

Webdiscover - The Purpose Of This Script Is To Automate The Web Enumeration Process And Search For Exploits

The purpose of this script is to automate the web enumeration process and search for exploits and vulns. Added Tools dependencies are installed during script execution: seclist ffuf namelist dnsrecon subfinder whatweb gospider nuclei searchsploit go-exploitdb It creates a directory with the scan...

7.2 AI score
Exploits: 0 | References: 2

Kitploit
added 2021/10/25 11:30 a.m. | 27 views

VECTR - A Tool That Facilitates Tracking Of Your Red And Blue Team Testing Activities To Measure Detection And Prevention Capabilities Across Different Attack Scenarios

VECTR documentation can be found here: https://docs.vectr.io VECTR Community Discord Channel: https://discord.gg/2FRd8zf728 VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios...

7.4 AI score
Exploits: 0 | References: 6

Kitploit
added 2021/10/24 8:30 p.m. | 393 views

ThreadStackSpoofer - PoC For An Advanced In-Memory Evasion Technique Allowing To Better Hide Injected Shellcode'S Memory Allocation From Scanners And Analysts

A PoC implementation for an advanced in-memory evasion technique that spoofs Thread Call Stack. This technique allows to bypass thread-based memory examination rules and better hide shellcodes while in-process memory. Intro This is an example implementation for Thread Stack Spoofing technique...

7.2 AI score
Exploits: 0 | References: 11

Kitploit
added 2021/10/24 11:30 a.m. | 31 views

Terra - OSINT Tool On Twitter And Instagram

OSINT Tool On Twitter And Instagram. Installation Clone the github repo $ git clone https://github.com/xadhrit/terra.git Change Directory $ cd terra Requirements : For requirements run following commands: $ python3 -m pip install -r requirements.txt Note For Twitter Credentials : You need...

7.4 AI score
Exploits: 0 | References: 3

Kitploit
added 2021/10/23 8:30 p.m. | 33 views

SysFlow - Cloud-native System Telemetry Pipeline

This repository hosts the documentation and issue tracker for all SysFlow projects. Quick reference Documentation : the SysFlow Documentation Where to get help : the SysFlow Community Slack Where to file issues : the github issue tracker Source of this description : repo's readme history Docker...

6.8 AI score
Exploits: 0 | References: 11

Total number of security vulnerabilities: 6011