NixImports - A .NET Malware Loader, Using API-Hashing To Evade Static Analysis

A .NET malware loader, using API-Hashing and dynamic invoking to evade static analysis How does it work? NixImports uses my managed API-Hashing implementation HInvoke, to dynamically resolve most of it's called functions at runtime. To resolve the functions HInvoke requires two hashes the typeHas...

Columbus-Server - API first subdomain discovery service, blazingly fast subdomain enumeration service with advanced features

Columbus Project is an API first subdomain discovery service, blazingly fast subdomain enumeration service with advanced features. Columbus returned 638subdomains of tesla.com in 0.231 sec. Usage By default Columbus returns only the subdomains in a JSON string array: curl...

Xcrawl3R - A CLI Utility To Recursively Crawl Webpages

xcrawl3r is a command-line interface CLI utility to recursively crawl webpages i.e systematically browse webpages' URLs and follow links to discover linked webpages' URLs. Features Recursively crawls webpages for URLs. Parses URLs from files .js, .json, .xml, .csv, .txt & .map. Parses URLs from...

Chaos - Origin IP Scanning Utility Developed With ChatGPT

chaos is an 'origin' IP scanner developed by RST in collaboration with ChatGPT. It is a niche utility with an intended audience of mostly penetration testers and bug hunters. An origin-IP is a term-of-art expression describing the final public IP destination for websites that are publicly served...

Xurlfind3R - A CLI Utility To Find Domain'S Known URLs From Curated Passive Online Sources

xurlfind3r is a command-line interface CLI utility to find domain's known URLs from curated passive online sources. Features Fetches URLs from curated passive sources to maximize results: AlienVault's OTX BeVigil Common Crawl URLScan Github Intelligence X Wayback Machine With Wayback Machine,...

Nac_Bypass_Agent - This Function Combines All The Above Functions And Takes Necessary Information From The User To Change The IP And MAC Address, Start The Responder And Tcpdump Tools, And Run The Nbtscan Tool

Nac Bypass Agent This piece of code is a script written in Python and designed to run on Kali Linux. Here is a summary explaining what each function does: runcommandcommand: This function runs the command it takes as input and returns its output. killnetworkservices: This function stops the...

Browser-password-stealer - Get All The Saved Passwords, Credit Cards And Bookmarks From Chromium Based Browsers Supports Chromium 80 And Above!

This python program gets all the saved passwords, credit cards and bookmarks from chromium based browsers supports chromium 80 and above! Modules Required To install all the required modules use the following code: pip install -r requirements.txt Supported browsers Chromium Based Browsers ✔ Amigo...

AiCEF - An AI-assisted cyber exercise content generation framework using named entity recognition

AiCEF is a tool implementing the accompanying framework 1 in order to harness the intelligence that is available from online resources, as well as threat groups' activities, arsenal eg. MITRE, to create relevant and timely cybersecurity exercise content. This way, we abstract the events from the...

Upload_Bypass - File Upload Restrictions Bypass, By Using Different Bug Bounty Techniques Covered In Hacktricks

UploadBypass is a powerful tool designed to assist Pentesters and Bug Hunters in testing file upload mechanisms. It leverages various bug bounty techniques to simplify the process of identifying and exploiting vulnerabilities, ensuring thorough assessments of web applications. Simplifies the...

IMDShift - Automates Migration Process Of Workloads To IMDSv2 To Avoid SSRF Attacks

AWS workloads that rely on the metadata endpoint are vulnerable to Server-Side Request Forgery SSRF attacks. IMDShift automates the migration process of all workloads to IMDSv2 with extensive capabilities, which implements enhanced security measures to protect against these attacks. Features...

PrivKit - Simple Beacon Object File That Detects Privilege Escalation Vulnerabilities Caused By Misconfigurations On Windows OS

PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS. PrivKit detects following misconfigurations Checks for Unquoted Service Paths Checks for Autologon Registry Keys Checks for Always Install Elevated Registry Keys...

KRBUACBypass - UAC Bypass By Abusing Kerberos Tickets

This POC is inspired by James Forshaw @tiraniddo shared at BlackHat USA 2022 titled “ Taking Kerberos To The Next Level ” topic, he shared a Demo of abusing Kerberos tickets to achieve UAC bypass. By adding a KERB-AD-RESTRICTION-ENTRY to the service ticket, but filling in a fake MachineID, we can...

TelegramRAT - Cross Platform Telegram Based RAT That Communicates Via Telegram To Evade Network Restrictions

Cross Platform Telegram based RAT that communicates via telegram to evade network restrictions Installation: 1. git clone https://github.com/machine1337/TelegramRAT.git 2. Now Follow the instructions in HOW TO USE Section. HOW TO USE: 1. Go to Telegram and search for https://t.me/BotFather 2...

LFI-FINDER - Tool Focuses On Detecting Local File Inclusion (LFI) Vulnerabilities

Written by TMRSWRR Version 1.0.0 Instagram: TMRSWRR How to use LFI-FINDER is an open-source tool available on GitHub that focuses on detecting Local File Inclusion LFI vulnerabilities. Local File Inclusion is a common security vulnerability that allows an attacker to include files from a web serv...

Artemis - APK Infrastructure Investigator

Overview A tools for Find APK Infrastructure . HADESS performs offensive cybersecurity services through infrastructures and software that include vulnerability analysis, scenario attack planning, and implementation of custom integrated preventive projects. We organized our activities around the...

pyFUD - Multi Clients FUD Reverse Shell

python3 based multi clients reverse shell. Warning: 1. Don't Upload Any Payloads To VirusTotal.com Bcz This tool will not work with Time. 2. Virustotal Share Signatures With AV Comapnies. 3. Again Don't be an Idiot! Installation: 1. git clone https://github.com/machine1337/pyFUD 2. python3...

Mapsdumper - Dump Place Details From Google Maps Like Phone, Email, Website, And Reviews

MAPSDUMPER Demo • Installation • Feature • Credits A tool for dumping place details from Google Maps such as phone numbers, emails, websites, and reviews. Demo Run / Installation How to run ? node index.js" dir="auto" git clone https://github.com/tegal1337/mapsdumper cd mapsdumper npm install nod...

Bashfuscator - A Fully Configurable And Extendable Bash Obfuscation Framework

Documentation What is Bashfuscator? Bashfuscator is a modular and extendable Bash obfuscation framework written in Python 3. It provides numerous different ways of making Bash one-liners or scripts much more difficult to understand. It accomplishes this by generating convoluted, randomized Bash...

Wallet-Transaction-Monitor - This Script Monitors A Bitcoin Wallet Address And Notifies The User When There Are Changes In The Balance Or New Transactions

This script monitors a Bitcoin wallet address and notifies the user when there are changes in the balance or new transactions. It provides real-time updates on incoming and outgoing transactions, along with the corresponding amounts and timestamps. Additionally, it can play a sound notification o...

CakeFuzzer - Automatically And Continuously Discover Vulnerabilities In Web Applications Created Based On Specific Frameworks

Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based on specific frameworks with very limited false positives. Currently it is implemented to support the Cake PHP framework. If you would like to learn more about t...

Network_Assessment - With Wireshark Or TCPdump, You Can Determine Whether There Is Harmful Activity On Your Network Traffic That You Have Recorded On The Network You Monitor

With Wireshark or TCPdump, you can determine whether there is harmful activity on your network traffic that you have recorded on the network you monitor. This Python script analyzes network traffic in a given .pcap file and attempts to detect the following suspicious network activities and attack...

Blackbone - Windows Memory Hacking Library

Windows memory hacking library Features x86 and x64 support Process interaction Manage PEB32/PEB64 Manage process through WOW64 barrier Process Memory Allocate and free virtual memory Change memory protection Read/Write virtual memory Process modules Enumerate all 32/64 bit modules loaded...

VX-API - Collection Of Various Malicious Functionality To Aid In Malware Development

The VX-API is a collection of malicious functionality to aid in malware development. It is recommended you clone and/or download this entire repo then open the Visual Studio solution file to easily explore functionality and concepts. Some functions may be dependent on other functions present with...

PPLcontrol - Controlling Windows PP(L)s

This tool allows you to list protected processes, get the protection level of a specific process, or set an arbitrary protection level. For more information, you can read this blog post: Debugging Protected Processes. Usage 1. Download the MSI driver You can get a copy of the MSI driver...

Hidden - Windows Driver With Usermode Interface Which Can Hide Processes, File-System And Registry Objects, Protect Processes And Etc

Hidden has been developed like a solution for reverse engineering and researching tasks. This is a windows driver with a usermode interface which is used for hiding specific environment on your windows machine, like installed RCE programs ex. procmon, wireshark, vm infrastructure ex. vmware tools...

Sysreptor - Fully Customisable, Offensive Security Reporting Tool Designed For Pentesters, Red Teamers And Other Security-Related People Alike

Easy and customisable pentest report creator based on simple web technologies. SysReptor is a fully customisable, offensive security reporting tool designed for pentesters, red teamers and other security-related people alike. You can create designs based on simple HTML and CSS, write your reports...

ZeusCloud - Open Source Cloud Security

ZeusCloud is an open source cloud security platform. Discover, prioritize, and remediate your risks in the cloud. Build an asset inventory of your AWS accounts. Discover attack paths based on public exposure, IAM, vulnerabilities, and more. Prioritize findings with graphical context. Remediate...

Mantra - A Tool Used To Hunt Down API Key Leaks In JS Files And Pages

The tool in question was created in Go and its main objective is to search for API keys in JavaScript files and HTML pages. It works by checking the source code of web pages and script files for strings that are identical or similar to API keys. These keys are often used for authentication to...

yaraQA - YARA Rule Analyzer To Improve Rule Quality And Performance

YARA rule Analyzer to improve rule quality and performance Why? YARA rules can be syntactically correct but still dysfunctional. yaraQA tries to find and report these issues to the author or maintainer of a YARA rule set. The issues yaraQA tries to detect are e.g.: rules that are syntactically...

WPAxFuzz - A Full-Featured Open-Source Wi-Fi Fuzzer

This tool is capable of fuzzing either any management, control or data frame of the 802.11 protocol or the SAE exchange. For the management, control or data frames, you can choose either the "standard" mode where all of the frames transmitted have valid size values or the "random" mode where the...

Acltoolkit - ACL Abuse Swiss-Knife

acltoolkit is an ACL abuse swiss-army knife. It implements multiple ACL abuses. Installation pip install acltoolkit-ad or git clone https://github.com/zblurx/acltoolkit.git cd acltoolkit make Usage usage: acltoolkit -h -debug -hashes LMHASH:NTHASH -no-pass -k -dc-ip ip address -scheme ldap scheme...

Blacklist3r - Accumulate Secret Keys / Secret Materials Related To Various Web Frameworks

The goal of this project is to accumulate the secret keys / secret materials related to various web frameworks, that are publicly available and potentially used by developers. These secrets will be utilized by the Blacklist3r tools to audit the target application and verify the usage of these...

Badsecrets - A Library For Detecting Known Secrets Across Many Web Frameworks

A pure python library for identifying the use of known or very weak cryptographic secrets across a variety of platforms. The project is designed to be both a repository of various "known secrets" for example, ASP.NET machine keys found in examples in tutorials, and to provide a language-agnostic...

SOC-Multitool - A Powerful And User-Friendly Browser Extension That Streamlines Investigations For Security Professionals

Introducing SOC Multi-tool, a free and open-source browser extension that makes investigations faster and more efficient. Now available on the Chrome Web Store and compatible with all Chromium-based browsers such as Microsoft Edge, Chrome, Brave, and Opera. Now available on Chrome Web Store!...

BugChecker - SoftICE-like Kernel Debugger For Windows 11

Introduction BugChecker is a SoftICE-like kernel and user debugger for Windows 11 and Windows XP as well: it supports Windows versions from XP to 11, both x86 and x64. BugChecker doesn't require a second machine to be connected to the system being debugged, like in the case of WinDbg and KD. This...

ScrapPY - A Python Utility For Scraping Manuals, Documents, And Other Sensitive PDFs To Generate Wordlists That Can Be Utilized By Offensive Security Tools

ScrapPY is a Python utility for scraping manuals, documents, and other sensitive PDFs to generate targeted wordlists that can be utilized by offensive security tools to perform brute force, forced browsing, and dictionary attacks. ScrapPY performs word frequency, entropy, and metadata analysis, a...

Wanderer - An Open-Source Process Injection Enumeration Tool Written In C#

Wanderer is an open-source program that collects information about running processes. This information includes the integrity level, the presence of the AMSI as a loaded module, whether it is running as 64-bit or 32-bit as well as the privilege level of the current process. This information is...

Polaris - Validation Of Best Practices In Your Kubernetes Clusters

Polaris is an open source policy engine for Kubernetes Polaris is an open source policy engine for Kubernetes that validates and remediates resource configuration. It includes 30+ built in configuration policies, as well as the ability to build custom policies with JSON Schema. When run on the...

Bropper - An Automatic Blind ROP Exploitation Tool

An automatic Blind ROP exploitation python tool Abstract BROP Blind ROP was a technique found by Andrew Bittau from Stanford in 2014. Original paper Slides Most servers like nginx, Apache, MySQL, forks then communicates with the client. This means canary and addresses stay the same even if there ...

Golddigger - Search Files For Gold

Gold Digger is a simple tool used to help quickly discover sensitive information in files recursively. Originally written to assist in rapidly searching files obtained during a penetration test. Installation Gold Digger requires Python3. virtualenv -p python3 . source bin/activate python dig.py...

Artemis - A Modular Web Reconnaissance Tool And Vulnerability Scanner

A modular web reconnaissance tool and vulnerability scanner based on Karton https://github.com/CERT-Polska/karton. The Artemis project has been initiated by the KN Cyber science club of Warsaw University of Technology and is currently being maintained by CERT Polska. Artemis is experimental...

ReconAIzer - A Burp Suite Extension To Add OpenAI (GPT) On Burp And Help You With Your Bug Bounty Recon To Discover Endpoints, Params, URLs, Subdomains And More!

ReconAIzer is a powerful Jython extension for Burp Suite that leverages OpenAI to help bug bounty hunters optimize their recon process. This extension automates various tasks, making it easier and faster for security researchers to identify and exploit vulnerabilities. Once installed, ReconAIzer...

HardHatC2 - A C# Command And Control Framework

A cross-platform, collaborative, Command & Control framework written in C, designed for red teaming and ease of use. HardHat is a multiplayer C .NET-based command and control framework. Designed to aid in red team engagements and penetration testing. HardHat aims to improve the quality of life...

Gato - GitHub Self-Hosted Runner Enumeration And Attack Tool

Gato, or GitHub Attack Toolkit, is an enumeration and attack tool that allows both blue teamers and offensive security practitioners to evaluate the blast radius of a compromised personal access token within a GitHub organization. The tool also allows searching for and thoroughly enumerating publ...

msLDAPDump - LDAP Enumeration Tool

msLDAPDump simplifies LDAP enumeration in a domain environment by wrapping the lpap3 library from Python in an easy-to-use interface. Like most of my tools, this one works best on Windows. If using Unix, the tool will not resolve hostnames that are not accessible via eth0 currently. Binding...

Certsync - Dump NTDS With Golden Certificates And UnPAC The Hash

certsync is a new technique in order to dump NTDS remotely, but this time without DRSUAPI : it uses golden certificate and UnPAC the hash. It works in several steps: 1. Dump user list, CA informations and CRL from LDAP 2. Dump CA certificate and private key 3. Forge offline a certificate for ever...

EndExt - Go Tool For Extracting All The Possible Endpoints From The JS Files

EndExt is a .go tool for extracting all the possible endpoints from the JS files Idea When you crawll all the JS files from waybackruls for example, or even collecting the JS files urls from your target website's home source page .. If the website was using API system and you wanna look for all t...

Scanner-and-Patcher - A Web Vulnerability Scanner And Patcher

This tools is very helpful for finding vulnerabilities present in the Web Applications. A web application scanner explores a web application by crawling through its web pages and examines it for security vulnerabilities, which involves generation of malicious inputs and evaluation of application'...

Handle-Ripper - Windows Handle Hijacker

Handle hijacking is a technique used in Windows operating systems to gain access to resources and resources of a system without permission. It is a type of privilege escalation attack in which a malicious user takes control of an object handle, which is an identifier that is used to reference a...

Forensia - Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase

AntiForensics Tool For Red Teamers, Used For Erasing Some Footprints In The Post Exploitation Phase. Reduces Payload Burnout And Increases Detection Countdown. Can Be Used To Test The capabilities of Your Incident Response / Forensics Teams. Capabilities Unloading Sysmon Driver. Gutmann Method Fi...