Skyhook – A Round-Trip Obfuscated HTTP File Transfer Setup Built To Bypass IDS Detections
Skyhook is a REST-driven utility used to smuggle files into and out of networks defended by IDS implementations. It comes...
Tools
Pinkerton – An JavaScript File Crawler And Secret Finder Developed In Python
️️ Pinkerton is a Python tool created to crawl JavaScript files and search for secrets Installing / Getting started A...
WMIExec – Set Of Python Scripts Which Perform Different Ways Of Command Execution Via WMI Protocol
Set of python scripts which perform different ways of command execution via WMI protocol. Blog Post https://whiteknightlabs.com/2023/06/26/navigating-stealthy-wmi-lateral-movement/ Usage wmiexec_scheduledjob.py Is...
KnockKnock – Enumerate Valid Users Within Microsoft Teams And OneDrive With Clean Output
Designed to validate potential usernames by querying OneDrive and/or Microsoft Teams, which are passive methods. Additionally, it can output/create a...
AtlasReaper – A Command-Line Tool For Reconnaissance And Targeted Write Operations On Confluence And Jira Instances
AtlasReaper is a command-line tool developed for offensive security purposes, primarily focused on reconnaissance of Confluence and Jira. It...
EDRaser – Tool For Remotely Deleting Access Logs, Windows Event Logs, Databases, And Other Files
EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines....
HTMLSmuggler – HTML Smuggling Generator And Obfuscator For Your Red Team Operations
" dir="auto"><script> import { download } from './payload.esm';</script> Call download() function: <template> <button @click="download()">Some phishy button</button></template> Happy phishing :) FAQ...
Dynmx – Signature-based Detection Of Malware Features Based On Windows API Call Sequences
dynmx (spoken dynamics) is a signature-based detection approach for behavioural malware features based on Windows API call sequences. In a...
Sekiryu – Comprehensive Toolkit For Ghidra Headless
This Ghidra Toolkit is a comprehensive suite of tools designed to streamline and automate various tasks associated with running Ghidra...
Callisto – An Intelligent Binary Vulnerability Analysis Tool
Callisto is an intelligent automated binary vulnerability analysis tool. Its purpose is to autonomously decompile a provided binary and iterate...
SMShell – Send Commands And Receive Responses Over SMS From Mobile Broadband Capable Computers
PoC for an SMS-based shell. Send commands and receive responses over SMS from mobile broadband capable computers. This tool came...
ADCSKiller – An ADCS Exploitation Automation Tool Weaponizing Certipy And Coercer
ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities....
Promptmap – Automatically Tests Prompt Injection Attacks On ChatGPT Instances
Prompt injection is a type of security vulnerability that can be exploited to control the behavior of a ChatGPT instance....
Surf – Escalate Your SSRF Vulnerabilities On Modern Cloud Environments
surf allows you to filter a list of hosts, returning a list of viable SSRF candidates. It does this by...
Z9 – PowerShell Script Analyzer
Abstract This tools detects the artifact of the PowerShell based malware from the eventlog of PowerShell logging. Online Demo Install...
NucleiFuzzer – Powerful Automation Tool For Detecting XSS, SQLi, SSRF, Open-Redirect, Etc.. Vulnerabilities In Web Applications
NucleiFuzzer is an automation tool that combines ParamSpider and Nuclei to enhance web application security testing. It uses ParamSpider to...
KaliPackergeManager – Kali Packerge Manager
kalipm.sh is a powerful package management tool for Kali Linux that provides a user-friendly menu-based interface to simplify the installation...
VTScanner – A Comprehensive Python-based Security Tool For File Scanning, Malware Detection, And Analysis In An Ever-Evolving Cyber Landscape
VTScanner is a versatile Python tool that empowers users to perform comprehensive file scans within a selected directory for malware...
Moniorg – Tool That Leverages Crt.Sh Website To Monitor Domains Of A Target
By looking through CT logs an attacker can gather a lot of information about organization's infrastructure i.e. internal domains,email addresses...
HTTP-Shell – MultiPlatform HTTP Reverse Shell
HTTP-Shell is Multiplatform Reverse Shell. This tool helps you to obtain a shell-like interface on a reverse connection over HTTP....
EmploLeaks – Finding Leaked Employees Info for the Win
Developed by Faraday security researchers, this cutting-edge tool utilizes the power of OpenSource Intelligence techniques. EmploLeaks extracts valuable insights by...
Quick-Lookup-Ptrun – Quick Lookup Plugin For PowerToys Run (Wox)
This plugin for PowerToys Run allows you to quickly search for an IP address, domain name, hash or any other...
DorXNG – Next Generation DorX. Built By Dorks, For Dorks
DorXNG is a modern solution for harvesting OSINT data using advanced search engine operators through multiple upstream search providers. On...
ICMPWatch – ICMP Packet Sniffer
ICMP Packet Sniffer is a Python program that allows you to capture and analyze ICMP (Internet Control Message Protocol) packets...
