Nodesub - Command-Line Tool For Finding Subdomains In Bug Bounty Programs

Nodesub is a command-line tool for finding subdomains in bug bounty programs. It supports various subdomain enumeration techniques and provides flexible options for customization. Features Perform subdomain enumeration using CIDR notation Support input list. Perform subdomain enumeration using AS...

Apepe - Enumerate Information From An App Based On The APK File

Apepe is a Python tool developed to help pentesters and red teamers to easily get information from the target app. This tool will extract basic informations as the package name, if the app is signed and the development language... Installing / Getting started A quick guide of how to install and u...

Mellon - OSDP Attack Tool

OSDP attack tool and the Elvish word for friend Attack 1: Encryption is Optional OSDP supports, but doesn't strictly require , encryption. So your connection might not even be encrypted at all. Attack 1 is just to passively listen and see if you can read the card numbers on the wire. Attack 2:...

Electron_Shell - Developing A More Covert Remote Access Trojan (RAT) Tool By Leveraging Electron's Features For Command Injection And Combining It With Remote Control Methods

Electronshell Developing a more covert Remote Access Trojan RAT tool by leveraging Electron's features for command injection and combining it with remote control methods. Read More: AOH 024探索将Shell寄生于Electron程序的自动化实现 Features Supports almost all operating systems mac linux windows Supports almost...

Skyhook - A Round-Trip Obfuscated HTTP File Transfer Setup Built To Bypass IDS Detections

Skyhook is a REST-driven utility used to smuggle files into and out of networks defended by IDS implementations. It comes with a pre-packaged web client that uses a blend of React, vanilla JS, and web assembly to manage file transfers. Key Links Download here See the user documentation to get...

Pinkerton - An JavaScript File Crawler And Secret Finder Developed In Python

️️ Pinkerton is a Python tool created to crawl JavaScript files and search for secrets Installing / Getting started A quick guide of how to install and use Pinkerton. 1. Clone the repository with: git clone https://github.com/oppsec/pinkerton.git 2. Install the libraries with: pip3 install -r...

WMIExec - Set Of Python Scripts Which Perform Different Ways Of Command Execution Via WMI Protocol

Set of python scripts which perform different ways of command execution via WMI protocol. Blog Post https://whiteknightlabs.com/2023/06/26/navigating-stealthy-wmi-lateral-movement/ Usage wmiexecscheduledjob.py Is a python script which authenticates to a remote WMI instance and execute commands vi...

AtlasReaper - A Command-Line Tool For Reconnaissance And Targeted Write Operations On Confluence And Jira Instances

AtlasReaper is a command-line tool developed for offensive security purposes, primarily focused on reconnaissance of Confluence and Jira. It also provides various features that can be helpful for tasks such as credential farming and social engineering. The tool is written in C. Blog post: Sowing...

KnockKnock - Enumerate Valid Users Within Microsoft Teams And OneDrive With Clean Output

Designed to validate potential usernames by querying OneDrive and/or Microsoft Teams, which are passive methods. Additionally, it can output/create a list of legacy Skype users identified through Microsoft Teams enumeration. Finally, it also creates a nice clean list for future usage, all conduct...

EDRaser - Tool For Remotely Deleting Access Logs, Windows Event Logs, Databases, And Other Files

EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual. Automated Mode In automated mode, EDRaser scans the C class of a given address space of IPs for vulnerable syste...

HTMLSmuggler - HTML Smuggling Generator And Obfuscator For Your Red Team Operations

The full explanation what is HTML Smuggling may be found here. The primary objective of HTML smuggling is to bypass network security controls, such as firewalls and intrusion detection systems, by disguising malicious payloads within seemingly harmless HTML and JavaScript code. By exploiting the...

Dynmx - Signature-based Detection Of Malware Features Based On Windows API Call Sequences

dynmx spoken dynamics is a signature-based detection approach for behavioural malware features based on Windows API call sequences. In a simplified way, you can think of dynmx as a sort of YARA for API call traces so called function logs originating from malware sandboxes. Hence, the data basis f...

Sekiryu - Comprehensive Toolkit For Ghidra Headless

This Ghidra Toolkit is a comprehensive suite of tools designed to streamline and automate various tasks associated with running Ghidra in Headless mode. This toolkit provides a wide range of scripts that can be executed both inside and alongside Ghidra, enabling users to perform tasks such as...

Callisto - An Intelligent Binary Vulnerability Analysis Tool

Callisto is an intelligent automated binary vulnerability analysis tool. Its purpose is to autonomously decompile a provided binary and iterate through the psuedo code output looking for potential security vulnerabilities in that pseudo c code. Ghidra's headless decompiler is what drives the bina...

SMShell - Send Commands And Receive Responses Over SMS From Mobile Broadband Capable Computers

PoC for an SMS-based shell. Send commands and receive responses over SMS from mobile broadband capable computers. This tool came as an insipiration during a research on eSIM security implications led by Markus Vervier, presented at Offensivecon 2023 Disclaimer This is not a complete C2 but rather...

Surf - Escalate Your SSRF Vulnerabilities On Modern Cloud Environments

surf allows you to filter a list of hosts, returning a list of viable SSRF candidates. It does this by sending a HTTP request from your machine to each host, collecting all the hosts that did not respond, and then filtering them into a list of externally facing and internally facing hosts. You ca...

Promptmap - Automatically Tests Prompt Injection Attacks On ChatGPT Instances

Prompt injection is a type of security vulnerability that can be exploited to control the behavior of a ChatGPT instance. By injecting malicious prompts into the system, an attacker can force the ChatGPT instance to do unintended actions. promptmap is a tool that automatically tests prompt...

ADCSKiller - An ADCS Exploitation Automation Tool Weaponizing Certipy And Coercer

ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services ADCS vulnerabilities. It leverages features of Certipy and Coercer to simplify the process of attacking ADCS infrastructure. Please note that the ADCSKiller is...

Z9 - PowerShell Script Analyzer

Abstract This tools detects the artifact of the PowerShell based malware from the eventlog of PowerShell logging. Online Demo Install git clone https://github.com/Sh1n0g1/z9 How to use usage: z9.py -h --output OUTPUT -s --no-viewer --utf8 input positional arguments: input Input file path options:...

NucleiFuzzer - Powerful Automation Tool For Detecting XSS, SQLi, SSRF, Open-Redirect, Etc.. Vulnerabilities In Web Applications

NucleiFuzzer is an automation tool that combines ParamSpider and Nuclei to enhance web application security testing. It uses ParamSpider to identify potential entry points and Nuclei's templates to scan for vulnerabilities. NucleiFuzzer streamlines the process, making it easier for security...

KaliPackergeManager - Kali Packerge Manager

kalipm.sh is a powerful package management tool for Kali Linux that provides a user-friendly menu-based interface to simplify the installation of various packages and tools. It streamlines the process of managing software and enables users to effortlessly install packages from different categorie...

VTScanner - A Comprehensive Python-based Security Tool For File Scanning, Malware Detection, And Analysis In An Ever-Evolving Cyber Landscape

VTScanner is a versatile Python tool that empowers users to perform comprehensive file scans within a selected directory for malware detection and analysis. It seamlessly integrates with the VirusTotal API to deliver extensive insights into the safety of your files. VTScanner is compatible with...

Moniorg - Tool That Leverages Crt.Sh Website To Monitor Domains Of A Target

By looking through CT logs an attacker can gather a lot of information about organization's infrastructure i.e. internal domains,email addresses in a completly passive manner. moniorg leverage certificate transparency logs to monitor for newly issued domains based on organization field in their S...

HTTP-Shell - MultiPlatform HTTP Reverse Shell

HTTP-Shell is Multiplatform Reverse Shell. This tool helps you to obtain a shell-like interface on a reverse connection over HTTP. Unlike other reverse shells, the main goal of the tool is to use it in conjunction with Microsoft Dev Tunnels, in order to get a connection as close as possible to a...

EmploLeaks - Finding Leaked Employees Info for the Win

Developed by Faraday security researchers, this cutting-edge tool utilizes the power of OpenSource Intelligence techniques. EmploLeaks extracts valuable insights by scouring various platforms, to compile a comprehensive list of employees associated with a given company and cross-reference these...

Quick-Lookup-Ptrun - Quick Lookup Plugin For PowerToys Run (Wox)

This plugin for PowerToys Run allows you to quickly search for an IP address, domain name, hash or any other data points in a list of Cyber Security tools. It's perfect for security analysts, penetration testers, or anyone else who needs to quickly lookup information when investigating artifacts ...

DorXNG - Next Generation DorX. Built By Dorks, For Dorks

DorXNG is a modern solution for harvesting OSINT data using advanced search engine operators through multiple upstream search providers. On the backend it leverages a purpose built containerized image of SearXNG, a self-hosted, hackable, privacy focused, meta-search engine. Our SearXNG...

ICMPWatch - ICMP Packet Sniffer

ICMP Packet Sniffer is a Python program that allows you to capture and analyze ICMP Internet Control Message Protocol packets on a network interface. It provides detailed information about the captured packets, including source and destination IP addresses, MAC addresses, ICMP type, payload data,...

DoSinator - A Powerful Denial Of Service (DoS) Testing Tool

DoSinator is a versatile Denial of Service DoS testing tool developed in Python. It empowers security professionals and researchers to simulate various types of DoS attacks, allowing them to assess the resilience of networks, systems, and applications against potential cyber threats. Features...

WiFi-Pineapple-MK7_REST-Client - WiFi Hacking Workflow With WiFi Pineapple Mark VII API

PINEAPPLE MARK VII REST CLIENT The leading rogue access point and WiFi pentest toolkit for close access operations. Passive and active attacks analyze vulnerable and misconfigured devices. https://hak5.org/collections/sale/products/wifi-pineapple Author :: TW-D Version :: 1.3.7 Copyright ::...

Associated-Threat-Analyzer - Detects Malicious IPv4 Addresses And Domain Names Associated With Your Web Application Using Local Malicious Domain And IPv4 Lists

Associated-Threat-Analyzer detects malicious IPv4 addresses and domain names associated with your web application using local malicious domain and IPv4 lists. Installation From Git git clone https://github.com/OsmanKandemir/associated-threat-analyzer.git cd associated-threat-analyzer && pip3...

Tiny_Tracer - A Pin Tool For Tracing API Calls Etc

A Pin Tool for tracing: API calls, including parameters of selected functions selected instructions: RDTSC, CPUID, INT inline system calls, including parameters of selected syscalls transition between sections of the traced module helpful in finding OEP of the packed module Bypasses the...

PurpleOps - An Open-Source Self-Hosted Purple Team Management Web Application

An open-source self-hosted purple team management web application. Key Features Template engagements and testcases Framework friendly Role-based Access Control & MFA Inbuilt DOCX reporting + custom template support How PurpleOps is different: No attribution needed Hackable, no "no-reversing"...

Temcrypt - Evolutionary Encryption Framework Based On Scalable Complexity Over Time

The Next-gen Encryption Try temcrypt on the Web → temcrypt SDK Focused on protecting highly sensitive data, temcrypt is an advanced multi-layer data evolutionary encryption mechanism that offers scalable complexity over time, and is resistant to common brute force attacks. You can create your own...

Noir - An Attack Surface Detector Form Source Code

Noir is an attack surface detector form source code. Key Features Automatically identify language and framework from source code. Find API endpoints and web pages through code analysis. Load results quickly through interactions with proxy tools such as ZAP, Burpsuite, Caido and More Proxy tools...

DNSWatch - DNS Traffic Sniffer and Analyzer

DNSWatch is a Python-based tool that allows you to sniff and analyze DNS Domain Name System traffic on your network. It listens to DNS requests and responses and provides insights into the DNS activity. Features Sniff and analyze DNS requests and responses. Display DNS requests with their...

Poastal - The Email OSINT Tool

Poastal is an email OSINT tool that provides valuable information on any email address. With Poastal, you can easily input an email address and it will quickly answer several questions, providing you with crucial information. Features Determine the name of the person who has the email. Check if t...

Holehe - Tool To Check If The Mail Is Used On Different Sites Like Twitter, Instagram And Will Retrieve Information On Sites With The Forgotten Password Function

Holehe Online Version Summary Efficiently finding registered accounts from emails. Holehe checks if an email is attached to an account on sites like twitter, instagram, imgur and more than 120 others. Retrieves information using the forgotten password function. Does not alert the target email. Ru...

Kali Linux 2023.3 - Penetration Testing and Ethical Hacking Linux Distribution

Time for another Kali Linux release! – Kali Linux 2023.3. This release has various impressive updates. The highlights of the changelog since the 2023.2 release from May: Internal Infrastructure - Major stack changes is under way Kali Autopilot - The automation attack framework has had an major...

Evil QR - Proof-of-concept To Demonstrate Dynamic QR Swap Phishing Attacks In Practice

Toolkit demonstrating another approach of a QRLJacking attack, allowing to perform remote account takeover, through sign-in QR code phishing. It consists of a browser extension used by the attacker to extract the sign-in QR code and a server application, which retrieves the sign-in QR codes to...

AD_Enumeration_Hunt - Collection Of PowerShell Scripts And Commands That Can Be Used For Active Directory (AD) Penetration Testing And Security Assessment

Description Welcome to the AD Pentesting Toolkit! This repository contains a collection of PowerShell scripts and commands that can be used for Active Directory AD penetration testing and security assessment. The scripts cover various aspects of AD enumeration, user and group management, computer...

MSSqlPwner - An Advanced And Versatile Pentesting Tool Designed To Seamlessly Interact With MSSQL Servers And Based On Impacket

MSSqlPwner is an advanced and versatile pentesting tool designed to seamlessly interact with MSSQL servers and based on Impacket. The MSSqlPwner tool empowers ethical hackers and security professionals to conduct comprehensive security assessments on MSSQL environments. With MSSqlPwner, users can...

HEDnsExtractor - Raw Html Extractor From Hurricane Electric Portal

HEDnsExtractor Raw html extractor from Hurricane Electric portal Features Automatically identify IPAddr ou Networks through command line parameter or stdin Extract networks based on IPAddr. Extract domains from networks. Installation go install -v...

Xsubfind3R - A CLI Utility To Find Domain'S Known Subdomains From Curated Passive Online Sources

xsubfind3r is a command-line interface CLI utility to find domain's known subdomains from curated passive online sources. Features Fetches domains from curated passive sources to maximize results. Supports stdin and stdout for easy integration into workflows. Cross-Platform Windows, Linux & macOS...

Bryobio - NETWORK Pcap File Analysis

NETWORK Pcap File Analysis, It was developed to speed up the processes of SOC Analysts during analysis Tested OK Debian OK Ubuntu Requirements $ pip install pyshark $ pip install dpkt $ Wireshark $ Tshark $ Mergecap $ Ngrep 𝗜𝗡𝗦𝗧𝗔𝗟𝗟𝗔𝗧𝗜𝗢𝗡 𝗜𝗡𝗦𝗧𝗥𝗨𝗖𝗧𝗜𝗢𝗡𝗦 $ https://github.com/emrekybs/Bryobio.git $ cd...

HackBot - A Simple Cli Chatbot Having Llama2 As Its Backend Chat AI

Welcome to HackBot, an AI-powered cybersecurity chatbot designed to provide helpful and accurate answers to your cybersecurity-related queries and also do code analysis and scan analysis. Whether you are a security researcher, an ethical hacker, or just curious about cybersecurity, HackBot is her...

InfoHound - An OSINT To Extract A Large Amount Of Data Given A Web Domain Name

During the reconnaissance phase, an attacker searches for any information about his target to create a profile that will later help him to identify possible ways to get in an organization. InfoHound performs passive analysis techniques which do not interact directly with the target using OSINT to...

Redeye - A Tool Intended To Help You Manage Your Data During A Pentest Operation

This project was built by pentesters for pentesters. Redeye is a tool intended to help you manage your data during a pentest operation in the most efficient and organized way. The Developers Daniel Arad - @dandanarad && Elad Pticha - @eladpt Overview The Server panel will display all added server...

Trawler - PowerShell Script To Help Incident Responders Discover Adversary Persistence Mechanisms

Dredging Windows for Persistence What is it? Trawler is a PowerShell script designed to help Incident Responders discover potential indicators of compromise on Windows hosts, primarily focused on persistence mechanisms including Scheduled Tasks, Services, Registry Modifications, Startup Items,...

Chimera - Automated DLL Sideloading Tool With EDR Evasion Capabilities

While DLL sideloading can be used for legitimate purposes, such as loading necessary libraries for a program to function, it can also be used for malicious purposes. Attackers can use DLL sideloading to execute arbitrary code on a target system, often by exploiting vulnerabilities in legitimate...