SharpMapExec - A Sharpen Version Of CrackMapExec
A sharpen version of CrackMapExec. This tool is made to simplify penetration testing of networks and to create a swiss army knife that is made for running on Windows which is often a requirement during insider threat simulation engagements. Besides scanning for access it can be used to identify...
Watcher - Open Source Cybersecurity Threat Hunting Platform
Watcher is a Django & React JS automated platform for discovering new potential cybersecurity threats targeting your organisation. It should be used on webservers and available on Docker. Watcher capabilities Detect emerging vulnerability, malware using social network & other RSS sources...
Sploit - Go Package That Aids In Binary Analysis And Exploitation
Sploit is a Go package that aids in binary analysis and exploitation. The motivating factor behind the development of sploit is to be able to have a well designed API with functionality that rivals some of the more common Python exploit development frameworks while taking advantage of the Go...
Fawkes - Tool To Search For Targets Vulnerable To SQL Injection (Performs The Search Using Google Search Engine)
Fawkes is a tool to search for targets vulnerable to SQL Injection. Performs the search using Google search engine. Options -q, --query - Dork that will be used in the search engine. -r, --results - Number of results brought by the search engine. -s, --start-page - Home page of search results. -t...
Bheem - Simple Collection Of Small Bash-Scripts Which Runs Iteratively To Carry Out Various Tools And Recon Process
Project Bheem is a simple collection of small bash-scripts which runs iteratively to carry out various tools and recon process & store output in an organized way. This project was created initially for automation of Recon for personal usage and was never meant to be public as there is nothing fan...
Bento - A Minimal Fedora-Based Container For Penetration Tests And CTF With The Sweet Addition Of GUI Applications
A bento 弁当, bentō is a single-portion take-out or home-packed meal of Japanese origin. Bento Toolkit is a simple and minimal docker container for penetration testers and CTF players. It has the portability of Docker with the addition of X, so you can also run GUI application like burp...
Scilla - Information Gathering Tool (DNS/Subdomain/Port Enumeration)
Information Gathering Tool - Dns/Subdomain/Port Enumeration Installation First of all, clone the repo locally git clone https://github.com/edoardottt/scilla.git Scilla has external dependencies, so they need to be pulled in: go get Working on installation... See the open issue. For now you can ru...
Go365 - An Office365 User Attack Tool
Go365 is a tool designed to perform user enumeration and password guessing attacks on organizations that use Office365 now/soon Microsoft365. Go365 uses a unique SOAP API endpoint on login.microsoftonline.com that most other tools do not use. When queried with an email address and password, the...
E9Patch - A Powerful Static Binary Rewriting Tool
E9Patch is a powerful static binary rewriting tool for x86_64 Linux ELF binaries. E9Patch is: Scalable : E9Patch can reliably rewrite large/complex binaries including web browsers 100MB in size. Compatible : The rewritten binary is a drop-in replacement of the original, with no additional...
PoshBot - Powershell-based Bot Framework
PoshBot is a chat bot written in PowerShell. It makes extensive use of classes introduced in PowerShell 5.0. PowerShell modules are loaded into PoshBot and instantly become available as bot commands. PoshBot currently supports connecting to Slack to provide you with awesome ChatOps goodness. What...
Freki - Malware Analysis Platform
Freki is a free and open-source malware analysis platform. Goals 1. Facilitate malware analysis and reverse engineering; 2. Provide an easy-to-use REST API for different projects; 3. Easy deployment via Docker; 4. Allow the addition of new features by the community. Current features Hash...
Ghost Framework - An Android Post-Exploitation Framework That Exploits The Android Debug Bridge To Remotely Access An Android Device
About Ghost Framework Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration. Getting started Ghost installation To install...
APKLab - Android Reverse Engineering WorkBench For VS Code
APKLab seamlessly integrates the best open-source tools: Apktool, Jadx, uber-apk-signer and more to the excellent VS Code so you can focus on app analysis and get it done without leaving the IDE. Features Decode all the resources from an APK Disassemble the APK to Dalvik bytecode aka Smali...
ToRat - A Remote Administration Tool Written In Go Using Tor As A Transport Mechanism And RPC For Communication
A Cross Platform Remote Administration tool written in Go using Tor as its transport mechanism currently supporting Windows, Linux, MacOS clients. How to How to use ToRat Preview Current Features RPC Remote procedure Call based communication for easy addition of new functionality Automatic upx...
WSMan-WinRM - A Collection Of Proof-Of-Concept Source Code And Scripts For Executing Remote Commands Over WinRM Using The WSMan.Automation COM Object
A collection of proof-of-concept source code and scripts for executing remote commands over WinRM using the WSMan.Automation COM object. Background For background information, please refer to the following blog post: WS-Management COM: Another Approach for WinRM Lateral Movement Notes...
Stegseek - Worlds Fastest Steghide Cracker, Chewing Through Millions Of Passwords Per Second
Stegseek is a lightning fast steghide cracker that can be used to extract hidden data from files. It is built as a fork of the original steghide project and, as a result, it is thousands of times faster than other crackers and can run through the entirety of rockyou.txt in under 2 seconds. Stegse...
Slipstream - NAT Slipstreaming Allows An Attacker To Remotely Access Any TCP/UDP Services Bound To A Victim Machine, Bypassing The Victim's NAT/firewall, Just By The Victim Visiting A Website
NAT Slipstreaming allows an attacker to remotely access any TCP/UDP services bound to a victim machine, bypassing the victim's NAT/firewall arbitrary firewall pinhole control, just by the victim visiting a website. Developed by : @SamyKamkar // https://samy.pl Released : October 31, 2020 Source...
403Bypasser - Burpsuite Extension To Bypass 403 Restricted Directory
A burpsuite extension to bypass 403 restricted directory. By using PassiveScan default enabled, each 403 request will be automatically scanned by this extension, so just add to burpsuite and enjoy. Payloads: $1: HOSTNAME $2: PATH $1/$2 $1/%2e/$2 $1/$2/. $1//$2// $1/./$2/./ $1/$2anything -H...
Gustave - Embedded OS kernel fuzzer
GUSTAVE is a fuzzing platform for embedded OS kernels. It is based on QEMU and AFL and all of its forkserver siblings. It allows fuzzing OS kernels like simple applications. Thanks to QEMU, it is multi-platform. One can see GUSTAVE as an AFL forkserver implementation inside QEMU, with fine grain...
Carnivore - Tool For Assessing On-Premises Microsoft Servers Authentication Such As ADFS, Skype, Exchange, And RDWeb
Carnivore is an assessment tool for Skype for Business, Exchange, ADFS, and RDWeb servers as well as some O365 functionality. Carnivore includes some new post-authentication Skype for Business functionality. Released as open source by NCC Group Plc - https://www.nccgroup.com/ Developed by Chris...
Sak1To-Shell - Multi-threaded C2 Server And Reverse Shell Client Written In Pure C
Multi-threaded c2 server and reverse TCP shell client written in pure C Windows. Command list: list: list available connections. interact id: interact with client. download filename: download a file from client. upload filename: upload a file to client. background: background client. exit:...
DarkSide - Tool Information Gathering And Social Engineering
Features: Hacker Dashboard Hacker News thehackernews.com/ New Exploits Exploit-db.com Hacking Tutorials Video youtube.com The Latest Prices OF Digital Currencies Rials , Usd Information Gathering Bypass Cloud Flare Cms Detect Trace Toute Reverse IP Port Scan IP location Finder Show HTTP Header Fi...
RESTler - The First Stateful REST API Fuzzing Tool For Automatically Testing Cloud Services Through Their REST APIs And Finding Security And Reliability Bugs In These Services
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services. For a given cloud service with an OpenAPI/Swagger specification, RESTler analyzes its entire specification, and then...
Depix - Recovers Passwords From Pixelized Screenshots
Depix is a tool for recovering passwords from pixelized screenshots. This implementation works on pixelized images that were created with a linear box filter. In this article I cover background information on pixelization and similar research. Example python depix.py -p...
Packer-Fuzzer - A Fast And Efficient Scanner For Security Detection Of Websites Constructed By Javascript Module Bundler Such As Webpack
With the popularity of web front-end packaging tools, have you encountered more and more websites represented by Webpack packager in daily penetration testing and security services? This type of packager will package the API and API parameters of the entire site together for centralized Web call,...
Wp_Hunter - Static Analysis Of Wordpress Plugins
Static analysis to search for vulnerabilities in Wordpress plugins. Author: @JosueEncinar Starting the process Total plugins 87509 Starting the analisys How to add a module The...
Baphomet - Basic Concept Of How A Ransomware Works
This is a proof of concept of how a ransomware works, and some techniques that we usually use to hijack our files. This project is written in C# using the net-core application framework 3.1. The main idea of the code is to make it as readable as possible so that people have an idea of how this type...
Js-X-Ray - JavaScript And Node.js Open-Source SAST Scanner (A Static Analysis Of Detecting Most Common Malicious Patterns)
JavaScript AST analysis. This package has been created to export the Node-Secure AST Analysis to enable better code evolution and allow better access to developers and researchers. The goal is to quickly identify dangerous code and patterns for developers and Security researchers. Interpreting th...
Hijackthis - A Free Utility That Finds Malware, Adware And Other Security Threats
HiJackThis Fork is a free utility for Microsoft Windows that scans your computer for settings changed by adware, spyware, malware and other unwanted programs. HiJackThis Fork primarily detects hijacking methods rather than comparing items against a pre-built database. This allows it to detect new...
Karkinos - Penetration Testing And Hacking CTF's Swiss Army Knife With: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing
Karkinos is a light-weight 'Swiss Army Knife' for penetration testing and/or hacking CTF's. Currently, Karkinos offers the following: Encoding/Decoding characters Encrypting/Decrypting text or files Reverse shell handling Cracking and generating hashes Dependencies Any server capable of hosting...
ADSearch - A Tool To Help Query AD Via The LDAP Protocol
A tool written for cobalt-strike's execute-assembly command that allows for more efficient querying of AD. Key Features List all Domain Admins Custom LDAP Search Connect to LDAPS Servers Output JSON data from AD instances Retrieve custom attributes from a generic query i.e. All computers Usage...
Obfuscator - The Program Is Designed To Obfuscate The Shellcode
The program is designed to obfuscate the shellcode. Currently the tool supports 2 encryption. 1 XOR 2 AES The tool accepts shellcode in 4 formats. 1 base64 2 hex 3 c 4 raw Command Line Usage Usage Description ----- ----------- /f Specify the format of the shellcode base64 hex c raw /enc Specify t...
Pytmipe - Python Library And Client For Token Manipulations And Impersonations For Privilege Escalation On Windows
PYTMIPE PYthon library for Token Manipulation and Impersonation for Privilege Escalation is a Python 3 library for manipulating Windows tokens and managing impersonations in order to gain more privileges on Windows. TMIPE is the python 3 client which uses the pytmipe library. Content A python...
Enum4Linux-Ng - A Next Generation Version Of Enum4Linux (A Windows/Samba Enumeration Tool) With Additional Features Like JSON/YAML Export
enum4linux-ng.py is a rewrite of Mark Lowe's former Portcullis Labs now Cisco CX Security Labs enum4linux.pl, a tool for enumerating information from Windows and Samba systems, aimed for security professionals and CTF players. The tool is mainly a wrapper around the Samba tools nmblookup, net,...
Aclpwn.Py - Active Directory ACL Exploitation With BloodHound
Aclpwn.py is a tool that interacts with BloodHound to identify and exploit ACL based privilege escalation paths. It takes a starting and ending point and will use Neo4j pathfinding algorithms to find the most efficient ACL based privilege escalation path. Aclpwn.py is similar to the PowerShell...
JSFScan.sh - Automation For Javascript Recon In Bug Bounty
Blog can be found at https://medium.com/@patelkathan22/beginners-guide-on-how-you-can-use-javascript-in-bugbounty-492f6eb1f9ea?sk=21500dc4288281c7e6ed2315943269e7 Script made for all your javascript recon automation in bugbounty. Just pass subdomain list to it and options according to your...
Fast-Security-Scanners - Security Checks For Your Researches
A small contribution to community : We use all these tools in security assessments and in our vulnerability monitoring service Check your domain for DNS NStakeover Repo docker run --dns=8.8.8.8 -e VULNID=dnsnstakeover -e DOMAIN=site.com whitespots/dnsnstakeover CachePoisoning Repo docker run --rm...
Hacktory platform packed with new game-playing features
Without practice, theory is dead. Applied knowledge is essential in any area, especially in cybersecurity, and practice is the only way to make learning worthwhile. There are so many courses to fit any demand. However, boring lectures, outdated textbooks, and vague, complex tasks become obstacles...
Terrascan - Detect Compliance And Security Violations Across Infrastructure As Code To Mitigate Risk Before Provisioning Cloud Native Infrastructure
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. GitHub Repo: https://github.com/accurics/terrascan Documentation: https://docs.accurics.com Discuss: https://community.accurics.com Features 500+ Policies for...
OnionSearch - A Script That Scrapes Urls On Different .Onion Search Engines
OnionSearch is a Python3 script that scrapes urls on different ".onion" search engines. Prerequisite Python 3 Currently supported Search engines ahmia darksearchio onionland notevil darksearchenginer phobos onionsearchserver torgle onionsearchengine tordex tor66 tormax haystack multivac evosear...
GG-AESY - Hide Cool Stuff In Images
Blogpost: https://redteamer.tips/introducing-gg-aesy-a-stegocryptor/ WARNING: you might need to restore NuGet packages and restart visual studio before compiling. If anyone knows how I can get rid of this problem, DM me. Manual To start off, I highly recommend to always use GG-AESY using verbose...
Fortiscan - A High Performance FortiGate SSL-VPN Vulnerability Scanning And Exploitation Tool
CVE-2018-13379 Exploitation Tool, You can use this tool to check the vulnerability in your FortiGate SSL-VPN. https://www.fortinet.com/blog/business-and-technology/fortios-ssl-vulnerability Usage v 0.6 File List ./fortiscan ip.txt Usage v 0.5 One Liner to Initiate theScan : Host|IP:Port443 or 104...
Admin-Scanner - This Tool Is Design To Find Admin Panel Of Any Website By Using Custom Wordlist Or Default Wordlist Easily
WebsiteAdmin Panel Finder How To Install Linux/pc sudo apt install python3 sudo apt install python3-pip sudo apt install git git clone https://github.com/alienwhatever/Admin-Scanner.git cd Admin-Scanner How to Install Termux/Android pkg update && pkg upgrade pkg install python3 pkg install git gi...
Talon - A Password Guessing Tool That Targets The Kerberos And LDAP Services Within The Windows Active Directory Environment
Talon is a tool designed to perform automated password guessing attacks while remaining undetected. Talon can enumerate a list of users to identify which users are valid, using Kerberos. Talon can also perform a password guessing attack against the Kerberos and LDAPS LDAP Secure services. Talon c...
Webscan - Browser-based Network Scanner And local-IP Detection
webscan is a browser-based network IP scanner and local IP detector. It detects IPs bound to the user/victim by listening on an RTP data channel via WebRTC and looping back to the port across any live IPs, as well as discovering all live IP addresses on valid subnets by monitoring for immediate...
Tracee - Container And System Event Tracing Using eBPF
Tracee is a lightweight and easy to use container and system tracing tool. It allows you to observe system calls and other system events in real-time. A unique feature of Tracee is that it will only trace newly created processes and containers that were started after Tracee has started, in order ...
DNSx - A Fast And Multi-Purpose DNS Toolkit Allow To Run Multiple DNS Queries Of Your Choice With A List Of User-Supplied Resolvers
dnsx is a fast and multi-purpose DNS toolkit allow to run multiple probers using retryabledns library, that allows you to perform multiple DNS queries of your choice with a list of user supplied resolvers. dnsx is successor of dnsprobe that includes new features, multiple bugs fixes, and tailored...
Damn-Vulnerable-Bank - Vulnerable Banking Application For Android
Damn Vulnerable Bank Android Application aims to provide an interface for everyone to get a detailed understanding with internals and security aspects of android application. How to Use Application Clone the repository and run the Backend Server as per instructions in the link. We have released t...
N1QLMap - The Tool Exfiltrates Data From Couchbase Database By Exploiting N1QL Injection Vulnerabilities
N1QLMap is an N1QL exploitation tool. Currently works with Couchbase database. The tool supports data extraction and performing SSRF attacks via CURL. More information can be found here: https://labs.f-secure.com/blog/n1ql-injection-kind-of-sql-injection-in-a-nosql-database. Usage Help usage:...
Bunkerized-Nginx - Nginx Docker Image Secure By Default
nginx Docker image secure by default. Avoid the hassle of following security best practices each time you need a web server or reverse proxy. Bunkerized-nginx provides generic security configs, settings and tools so you don't need to do it yourself. Non-exhaustive list of features : HTTPS support...