Kitploit - Recent

6011 matches found

Kitploit
added 2020/08/18 12:30 p.m., 21 views

Sinter - A User-Mode Application Authorization System For MacOS Written In Swift

Sinter is a 100% user-mode endpoint security agent for macOS 10.15 and above, written in Swift. Sinter uses the user-mode EndpointSecurity API to subscribe to and receive authorization callbacks from the macOS kernel, for a set of security-relevant event types. The current version of Sinter...

AI score: 6.8
Exploits: 0, References: 7
Kitploit
added 2020/08/17 9:30 p.m., 43 views

IoT-PT - A Virtual Environment For Pentesting IoT Devices

A new pentesting virtual environment for IoT Devices Download Link : https://drive.google.com/open?id=1XwGqkLax2irSPpwEpeAqypl9vEywzw3D MD5 : d9c20057b14cfa3fb25f744813b828df ; SHA1: 8828d693dc6c809377bab40d2bc26f525685e287 OS info and Requirements Base OS : Lubuntu 18.04 LTS Processors : 2 By...

AI score: 7.6
Exploits: 0, References: 2
Kitploit
added 2020/08/17 12:30 p.m., 50 views

Urlbuster - Powerful Mutable Web Directory Fuzzer To Bruteforce Existing And/Or Hidden Files Or Directories

Powerful web directory fuzzer to locate existing and/or hidden files or directories. Similar to dirb or gobuster, but with a lot of mutation options. Installation pip install urlbuster Features Proxy support Cookie support Basic Auth Digest Auth Retries for slow servers Persistent and...

AI score: 8.2
Exploits: 0, References: 9
Kitploit
added 2020/08/16 10:21 p.m., 192 views

PowerSharpPack - Many useful offensive CSharp Projects wrapped into Powershell for easy usage

Many useful offensive CSharp Projects wrapped into Powershell for easy usage. Why? In my personal opinion offensive Powershell is not dead because of AMSI, Script-block-logging, Constrained Language Mode or other protection features. Any of these mechanisms can be bypassed. Since most new...

AI score: 7.6
Exploits: 0, References: 46
Kitploit
added 2020/08/16 1:0 p.m., 78 views

Spybrowse - Code Developed To Steal Certain Browser Config Files (History, Preferences, Etc)

Be sure to change the ftp variables throughout the code, these variables contain the username, password, & IP address of the FTP server which receives the files. This code will do the following: 1. Copy itself into the %TMP% directory & name itself ursakta.exe 2. Add a registry entry to execute...

AI score: 7.8
Exploits: 0, References: 1
Kitploit
added 2020/08/15 9:30 p.m., 53 views

CheckXSS - Detect XSS vulnerability in Web Applications

Detect XSS vulnerability in Web Applications Screenshots Easy Installation As simple as below, Just one line of code: curl -L -s https://raw.githubusercontent.com/Jewel591/CheckXSS/master/docs/install.sh|bash Usage Instructions python3.6 checkxss.py -h Support POST and GET request methods, support...

AI score: 7.5
Exploits: 0, References: 3
Kitploit
added 2020/08/15 12:30 p.m., 159 views

Phirautee - A PoC Crypto Virus To Spread User Awareness About Attacks And Implications Of Ransomwares

A proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanentl...

AI score: 7.2
Exploits: 0, References: 3
Kitploit
added 2020/08/14 9:30 p.m., 76 views

Unfollow-Plus - Automated Instagram Unfollower Bot

Automated Instagram Unfollower Bot. Installation : apt update apt install git curl -y git clone git://github.com/htr-tech/unfollow-plus.git cd unfollow-plus Run : bash unfollower.sh Single Command : apt update ; apt install git curl -y ; git clone git://github.com/htr-tech/unfollow-plus.git ; cd...

AI score: 7.5
Exploits: 0, References: 3
Kitploit
added 2020/08/14 12:30 p.m., 109 views

DAGOBAH - Open Source Tool To Generate Internal Threat Intelligence, Inventory & Compliance Data From AWS Resources

Dagobah is an open source tool written in python to automate the internal threat intelligence generation, inventory collection and compliance check from different AWS resources. Dagobah collects information and saves the state into an elasticsearch index. Dagobah runs in a LAMBDA and looks a...

AI score: 6.9
Exploits: 0, References: 1
Kitploit
added 2020/08/13 9:30 p.m., 106 views

AWS Report - A Tool For Analyzing Amazon Resources

AWS Report is a tool for analyzing amazon resources. Install using PIP pip install awsreport Features Search IAM users based on creation date Search buckets public Search security based in rules, default is 0.0.0.0/0 Search elastic ip dissociated Search volumes available Search AMIs with permissi...

AI score: 7.4
Exploits: 0, References: 1
Kitploit
added 2020/08/13 12:30 p.m., 46 views

Bastillion - A Web-Based SSH Console That Centrally Manages Administrative Access To Systems

Bastillion is a web-based SSH console that centrally manages administrative access to systems. Web-based administration is combined with management and distribution of user's public SSH keys. Key management and administration is based on profiles assigned to defined users. Administrators can logi...

AI score: 7.3
Exploits: 0, References: 9
Kitploit
added 2020/08/12 9:30 p.m., 105 views

Nautilus - A Grammar Based Feedback Fuzzer

Nautilus is a coverage guided, grammar based fuzzer. You can use it to improve your test coverage and find more bugs. By specifying the grammar of semi valid inputs, Nautilus is able to perform complex mutation and to uncover more interesting test cases. Many of the ideas behind this fuzzer are...

CVSS: 9.8, AI score: 8.7, EPSS: 0.02584
Exploits: 3, References: 8
Kitploit
added 2020/08/12 12:30 p.m., 85 views

SharpChromium - .NET 4.0 CLR Project To Retrieve Chromium Data, Such As Cookies, History And Saved Logins

SharpChromium is a .NET 4.0+ CLR project to retrieve data from Google Chrome, Microsoft Edge, and Microsoft Edge Beta. Currently, it can extract: Cookies in JSON format History with associated cookies for each history item Saved Logins Note: All cookies returned are in JSON format. If you have th...

AI score: 7.3
Exploits: 0, References: 2
Kitploit
added 2020/08/11 9:30 p.m., 43 views

SkyArk - Helps To Discover, Assess And Secure The Most Privileged Entities In Azure And AWS

SkyArk is a cloud security project with two main scanning modules: 1. AzureStealth - Scans Azure environments 2. AWStealth - Scan AWS environments These two scanning modules will discover the most privileged entities in the target AWS and Azure. The Main Goal - Discover The Most Privileged Cloud...

AI score: 7.1
Exploits: 0, References: 4
Kitploit
added 2020/08/11 12:30 p.m., 62 views

PE Tree - Python Module For Viewing Portable Executable (PE) Files In A Tree-View

Python module for viewing Portable Executable PE files in a tree-view using pefile and PyQt5. Can also be used with IDA Pro to dump in-memory PE files and reconstruct imports. Features Standalone application and IDAPython plugin Supports Windows/Linux/Mac Rainbow PE ratio map: High-level overview...

AI score: 6.8
Exploits: 0, References: 5
Kitploit
added 2020/08/10 9:30 p.m., 54 views

Flask-Session-Cookie-Manager - Flask Session Cookie Decoder/Encoder

Flask Session Cookie Decoder/Encoder Dependencies Python 2 or Python 3 itsdangerous Flask Installation BlackArch Linux pacman -S flask-session-cookie-manager3,2 Git ArchLinux Both python3 and python2: $ git clone https://github.com/noraj/flask-session-cookie-manager.git && cd...

AI score: 7.2
Exploits: 0, References: 5
Kitploit
added 2020/08/10 12:30 p.m., 32 views

Arcane - A Simple Script Designed To Backdoor iOS Packages (Iphone-Arm) And Create The Necessary Resources For APT Repositories

Arcane is a simple script designed to backdoor iOS packages iphone-arm and create the necessary resources for APT repositories. It was created for this publication to help illustrate why Cydia repositories can be dangerous and what post-exploitation attacks are possible from a compromised iOS...

AI score: 7.8
Exploits: 0, References: 1
Kitploit
added 2020/08/09 9:30 p.m., 44 views

IRFuzz - Simple Scanner with Yara Rule

IRFuzz is a simple scanner with yara rules for document archives or any files. Install 1. Prerequisites Linux or OS X Yara: just use the latest release source code, compile and install it or install it via pip install yara-python Yara Rules - You may download yara rules from here or import your...

AI score: 7.3
Exploits: 0, References: 4
Kitploit
added 2020/08/09 12:30 p.m., 111 views

Evine - Interactive CLI Web Crawler

Evine is a simple, fast, and interactive web crawler and web scraper written in Golang. Evine is useful for a wide range of purposes such as metadata and data extraction, data mining, reconnaissance and testing. Follow the project on Twitter. Install From Binary Pre-build binary releases are also...

AI score: 7.4
Exploits: 0, References: 4
Kitploit
added 2020/08/08 9:30 p.m., 37 views

SharpAppLocker - C# Port Of The Get-AppLockerPolicy PS Cmdlet

C# port of the Get-AppLockerPolicy PS cmdlet. V1.0.0 - by Flangvik & JeanMaes1994 Usage: -h,...

AI score: 6.7
Exploits: 0, References: 1
Kitploit
added 2020/08/08 12:30 p.m., 32 views

PhishingKitTracker - Let's Track Phishing Kits To Give To Research Community Raw Material To Stud

An extensible and freshly updated collection of phishing kits for forensics and future analysis topped with simple stats Disclaimer This repository holds a collection of Phishing Kits used by criminals to steal user information. Almost every file into the raw folder is malicious so I strongly...

AI score: 7
Exploits: 0, References: 2
Kitploit
added 2020/08/07 9:30 p.m., 43 views

FestIn - S3 Bucket Weakness Discovery

FestIn is a tool for discovering open S3 Buckets starting from a domain. It performs a lot of tests and collects information from: DNS Web Pages Crawler S3 bucket itself like S3 redirections Why Festin There's a lot of S3 tools for enumeration and discover S3 bucket. Some of them are great but...

AI score: 6.7
Exploits: 0, References: 2
Kitploit
added 2020/08/07 12:30 p.m., 24 views

Chalumeau - Automated, Extendable And Customizable Credential Dumping Tool

Chalumeau is an automated, extendable and customizable credential dumping tool based on powershell and python. Main Features Write your own Payloads In-Memory execution Extract Password List Dashboard reporting / Web Interface Parsing Mimikatz Dumping Tickets Screenshots Known Issues Parsing Mimikatz...

AI score: 7.3
Exploits: 0, References: 5
Kitploit
added 2020/08/06 9:30 p.m., 60 views

Gtunnel - A Robust Tunneling Solution Written In Golang

A TCP tunneling suite built with golang and gRPC. gTunnel can manage multiple forward and reverse tunnels that are all carried over a single TCP/HTTP2 connection. I wanted to learn a new language, so I picked go and gRPC. Client executables have been tested on windows and linux. Dependencies...

AI score: 7.4
Exploits: 0, References: 1
Kitploit
added 2020/08/06 12:30 p.m., 142 views

Taowu - A CobaltStrike Toolkit

TaoWu檮杌 is a CobaltStrike toolkit. All the scripts are gathered on the Internet and slightly modified by myself. You can use it under GPLv3. And all on your own risk. Any PR is appreciated. Or you can contact me on E-mail [email protected] Let's make TaoWu better than ever together. Any...

AI score: 7.3
Exploits: 0, References: 6
Kitploit
added 2020/08/05 9:30 p.m., 48 views

UEFI_RETool - A Tool For UEFI Firmware Reverse Engineering

A tool for UEFI firmware reverse engineering. UEFI firmware analysis with uefiretool.py script Usage: Copy idaplugin/uefianalyser.py script and idaplugin/uefianalyser directory to IDA plugins directory Edit config.json file PEDIR is a directory that contains all executable images from the UEFI...

AI score: 7.1
Exploits: 0, References: 6
Kitploit
added 2020/08/05 12:30 p.m., 28 views

Netenum - A Tool To Passively Discover Active Hosts On A Network

Network reconnaissance tool that sniffs for active hosts Introduction Netenum passively monitors the ARP traffic on the network. It extracts basic data about each active host, such as IP address, MAC address and manufacturer. The main objective of this tool is to find active machines without...

AI score: 6.8
Exploits: 0, References: 1
Kitploit
added 2020/08/04 9:30 p.m., 36 views

DLInjector-GUI - DLL Injector Graphical User Interface

DLInjector for Graphical User Interface. Faster DLL Injector for processes. It targets the process name to identify the target. The process does not need to be open to define the target. DLInjector waits until the process is executed. USAGE DLInjector usage is very simple. Firstly, enter the target...

AI score: 7.7
Exploits: 0, References: 2
Kitploit
added 2020/08/04 12:30 p.m., 24 views

Xeca - PowerShell Payload Generator

xeca is a project that creates encrypted PowerShell payloads for offensive purposes. Creating position independent shellcode from DLL files is also possible. Install Firstly ensure that rust is installed, then build the project with the following command: cargo build How It Works 1. Identify and...

AI score: 7.5
Exploits: 0, References: 5
Kitploit
added 2020/08/03 9:30 p.m., 89 views

Cnitch - Container Snitch Checks Running Processes Under The Docker Engine And Alerts If Any Are Found To Be Running As Root

cnitch snitch or container snitch is a simple framework and command line tool for monitoring Docker containers to identify any processes which are running as root. Why is this a bad thing? If you have not already been to can I haz non-privileged containers? by mhausenblas then I recommend you hea...

AI score: 7.3
Exploits: 0, References: 3
Kitploit
added 2020/08/03 12:30 p.m., 42 views

Mistica - An Open Source Swiss Army Knife For Arbitrary Communication Over Application Protocols

Mística is a tool that allows to embed data into application layer protocol fields, with the goal of establishing a bi-directional channel for arbitrary communications. Currently, encapsulation into HTTP, DNS and ICMP protocols has been implemented, but more protocols are expected to be introduce...

AI score: 7.5
Exploits: 0, References: 7
Kitploit
added 2020/08/02 9:30 p.m., 85 views

DeimosC2 - A Golang Command And Control Framework For Post-Exploitation

DeimosC2 is a post-exploitation Command & Control C2 tool that leverages multiple communication methods in order to control machines that have been compromised. DeimosC2 server and agents works on, and has been tested on, Windows, Darwin, and Linux. It is entirely written in Golang with a front e...

AI score: 7.6
Exploits: 0, References: 11
Kitploit
added 2020/08/02 12:30 p.m., 124 views

EternalBlueC - EternalBlue Suite Remade In C/C++ Which Includes: MS17-010 Exploit, EternalBlue Vulnerability Detector, DoublePulsar Detector And DoublePulsar Shellcode & DLL Uploader

EternalBlue suite remade in C which includes: MS17-010 Exploit, EternalBlue/MS17-010 vulnerability detector, DoublePulsar detector and DoublePulsar UploadDLL & Shellcode ms17vulnstatus.cpp - This program sends 4 SMB packets. 1 negotiation packet and 3 requests. This program reads the NTSTATUS...

AI score: 7.7
Exploits: 0, References: 2
Kitploit
added 2020/08/01 9:30 p.m., 49 views

CWFF - Create Your Custom Wordlist For Fuzzing

CWFF is a tool that creates a special High quality fuzzing/content discovery wordlist for you at the highest speed possible using concurrency and it's heavily inspired by @tomnomnom's Who, What, Where, When, Wordlist NahamCon2020. Usage CWFF -h --threads --github --subdomains --recursive...

AI score: 7.1
Exploits: 0, References: 2
Kitploit
added 2020/08/01 12:30 p.m., 63 views

Cloudsplaining - An AWS IAM Security Assessment Tool That Identifies Violations Of Least Privilege And Generates A Risk-Prioritized Report

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report. Example report Documentation For full documentation, please visit the project on ReadTheDocs. Installation Cheat sheet Example report Overview...

AI score: 7.5
Exploits: 0, References: 10
Kitploit
added 2020/07/31 12:30 p.m., 700 views

dazzleUP - A Tool That Detects The Privilege Escalation Vulnerabilities Caused By Misconfigurations And Missing Updates In The Windows OS

A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in the Windows operating systems. dazzleUP detects the following vulnerabilities. Exploit Checks The first feature of dazzleUP is that it uses Windows Update Agent API instead of WMI like...

CVSS: 10, AI score: 8.7, EPSS: 0.9981
Exploits: 181, References: 1
Kitploit
added 2020/07/30 9:30 p.m., 78 views

uDork - Tool That Uses Advanced Google Search Techniques To Obtain Sensitive Information In Files Or Directories, Find IoT Devices, Detect Versions Of Web Applications, And So On

uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on. uDork does NOT make attacks against any server, it only uses predefined dorks and/or...

AI score: 6.5
Exploits: 0, References: 2
Kitploit
added 2020/07/30 12:30 p.m., 117 views

Oralyzer - Tool To Identify Open Redirection

Oralyzer, a simple python script, capable of identifying the open redirection vulnerability in a website. It does that by fuzzing the url i.e. provided as the input. Features Oralyzer can identify different types of Open Redirect Vulnerabilities : Header Based Javascript Based Meta Tag Based...

AI score: 7.3
Exploits: 0, References: 1
Kitploit
added 2020/07/29 9:30 p.m., 37 views

Kubebox - Terminal And Web Console For Kubernetes

Terminal and Web console for Kubernetes Features Configuration from kubeconfig files KUBECONFIG environment variable or $HOME/.kube Switch contexts interactively Authentication support bearer token, basic auth, private key / cert, OAuth, OpenID Connect, Amazon EKS, Google Kubernetes Engine, Digit...

AI score: 7.6
Exploits: 0, References: 13
Kitploit
added 2020/07/29 12:30 p.m., 42 views

Commit Stream - OSINT Tool For Finding Github Repositories By Extracting Commit Logs In Real Time From The Github Event API

commit-stream drinks commit logs from the Github event firehose exposing the author details name and email address associated with Github repositories in real time. OSINT / Recon uses for Redteamers / Bug bounty hunters: Uncover repositories which employees of a target company are committing code...

AI score: 7.3
Exploits: 0, References: 3
Kitploit
added 2020/07/28 10:0 p.m., 63 views

SNOWCRASH - A Polyglot Payload Generator

A polyglot payload generator Introduction SNOWCRASH creates a script that can be launched on both Linux and Windows machines. Payload selected by the user in this case combined Bash and Powershell code is embedded into a single polyglot template, which is platform-agnostic. There are few payloads...

AI score: 7.5
Exploits: 0, References: 1
Kitploit
added 2020/07/28 12:30 p.m., 26 views

Intelspy - Perform Automated Network Reconnaissance Scans

Perform automated network reconnaissance scans to gather network intelligence. IntelSpy is a multi-threaded network intelligence spy tool which performs automated enumeration of network services. It performs live hosts detection scans, port scans, services enumeration scans, web content scans,...

AI score: 7.2
Exploits: 0, References: 3
Kitploit
added 2020/07/27 9:30 p.m., 35 views

TrustJack - Yet Another PoC For Hijacking DLLs in Windows

Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windows Blogpost: https://redteamer.tips/?p=108 To be used with a cmd that does whatever the F you want, for a dll that pops cmd, https://github.com/jfmaes/CMDLL. check the list in wietze's site to check how you should call...

AI score: 7.2
Exploits: 0, References: 2
Kitploit
added 2020/07/27 12:30 p.m., 139 views

HawkScan - Security Tool For Reconnaissance And Information Gathering On A Website

Security Tool for Reconnaissance and Information Gathering on a website. python 2.x & 3.x This script uses "WafW00f" to detect the WAF in the first step https://github.com/EnableSecurity/wafw00f This script uses "Sublist3r" to scan subdomains https://github.com/aboul3la/Sublist3r This script uses...

AI score: 7.4
Exploits: 0, References: 5
Kitploit
added 2020/07/26 10:0 p.m., 126 views

Sitedorks - Search Google/Bing/DuckDuckGo/Yandex/Yahoo For A Search Term With Different Websites

Search Google, Bing, Yahoo or Yandex for a search term with different websites. A default list is already provided, which contains Github, Gitlab, Surveymonkey, Trello etc etc. Currently, a default list of 231 dorkable websites is available. Current categories on file are: analysis10 cloud34 code...

AI score: 7.4
Exploits: 0, References: 1
Kitploit
added 2020/07/26 1:0 p.m., 28 views

reNgine - An Automated Reconnaissance Framework Meant For Gathering Information During Penetration Testing Of Web Applications

reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information. The beauty of reNgine is that it gathers everything in...

AI score: 6.9
Exploits: 0, References: 11
Kitploit
added 2020/07/25 10:0 p.m., 93 views

Autoenum - Automatic Service Enumeration Script

Autoenum is a recon tool which performs automatic enumeration of services discovered. I built this to save some time during CTFs and pen testing environments i.e. HTB, VulnHub, OSCP and draws a bit from a number of existing tools including AutoRecon https://github.com/Tib3rius/AutoRecon, Auto-Rec...

AI score: 7.5
Exploits: 0, References: 3
Kitploit
added 2020/07/25 1:0 p.m., 38 views

AuthMatrix - A Burp Suite Extension That Provides A Simple Way To Test Authorization

AuthMatrix is an extension to Burp Suite that provides a simple way to test authorization in web applications and web services. With AuthMatrix, testers focus on thoroughly defining tables of users, roles, and requests for their specific target application upfront. These tables are structured in ...

AI score: 7.6
Exploits: 0, References: 2
Kitploit
added 2020/07/24 9:30 p.m., 22 views

Permission Manager - A Project That Brings Sanity To Kubernetes RBAC And Users Management, Web UI FTW

Welcome to the Permission Manager! Permission Manager is an application developed by SIGHUP that enables a super-easy and user-friendly RBAC management for Kubernetes. If you are looking for a simple and intuitive way of managing your users within a Kubernetes cluster, this is the right place. Wit...

AI score: 7.1
Exploits: 0, References: 3
Kitploit
added 2020/07/24 12:30 p.m., 31 views

Quiver - Tool To Manage All Of Your Tools For Bug Bounty Hunting And Penetration Testing

Quiver is the tool to manage all of your tools. It's an opinionated and curated collection of commands, notes and scripts for bug bounty hunting and penetration testing. Features ZSH / Oh-My-ZSH shell plugin Tab auto-completion Global variables Prefills the command line, doesn't hide commands fro...

AI score: 7.2
Exploits: 0, References: 1
Total number of security vulnerabilities: 6011