Stegowiper – A Powerful And Flexible Tool To Apply Active Attacks For Disrupting Stegomalware
Over the last 10 years, many threat groups have employed stegomalware or other steganography-based techniques to attack organizations from all...
Tools
Sandbox_Scryer – Tool For Producing Threat Hunting And Intelligence Data From Public Sandbox Detonation Output
The Sandbox Scryer is an open-source tool for producing threat hunting and intelligence data from public sandbox detonation output The...
Wodat – Windows Oracle Database Attack Toolkit
Simple port of the popular Oracle Database Attack Tool (ODAT) ( TEST Module tests if the given connection string can...
Slicer – Tool To Automate The Boring Process Of APK Recon
Download Slicer If you like the site, please consider joining the telegram channel or supporting us on Patreon using the...
nuvola – Tool To Dump And Perform Automatic And Manual Security Analysis On Aws Environments Configurations And Services
nuvola (with the lowercase n) is a tool to dump and perform automatic and manual security analysis on AWS environments...
TripleCross – A Linux eBPF Rootkit With A Backdoor, C2, Library Injection, Execution Hijacking, Persistence And Stealth Capabilities.
TripleCross is a Linux eBPF rootkit that demonstrates the offensive capabilities of the eBPF technology. TripleCross is inspired by previous...
Dismember – Scan Memory For Secrets And More
Dismember is a command-line toolkit for Linux that can be used to scan the memory of all processes (or particular...
Unblob – Extract Files From Any Kind Of Container Formats
Download Unblob If you like the site, please consider joining the telegram channel or supporting us on Patreon using the...
SCMKit – Source Code Management Attack Toolkit
Source Code Management Attack Toolkit - SCMKit is a toolkit that can be used to attack SCM systems. SCMKit allows...
autoSSRF – Smart Context-Based SSRF Vulnerabiltiy Scanner
autoSSRF is your best ally for identifying SSRF vulnerabilities at scale. Different from other ssrf automation tools, this one comes...
TeamFiltration – Cross-Platform Framework For Enumerating, Spraying, Exfiltrating, And Backdooring O365 AAD Accounts
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts. See the TeamFiltration wiki page for...
NGWAF – First Iteration Of ML Based Feedback WAF
This can be achieved in the following steps: Create a new dataset (.csv) for upload in the following format...
RDPHijack-BOF – Cobalt Strike Beacon Object File (BOF) That Uses WinStationConnect API To Perform Local/Remote RDP Session Hijacking
Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking. With a valid access...
Evilgophish – Evilginx2 + Gophish
Combination of Once you have run setup.sh, the next steps are: Configure SMS message template. You will use Text only...
Collect-MemoryDump – Automated Creation Of Windows Memory Snapshots For DFIR
Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR Collect-MemoryDump.ps1 is Fig 3: Automated Creation of Windows Memory Snapshot...
Prefetch-Hash-Cracker – A Small Util To Brute-Force Prefetch Hashes
Motivation During the forensic analysis of a Windows machine, you may find the name of a deleted prefetch file. While...
Appshark – Static Taint Analysis Platform To Scan Vulnerabilities In An Android App
Appshark is a static taint analysis platform to scan vulnerabilities in an Android app. Prerequisites Appshark requires a specific version...
VuCSA – Vulnerable Client-Server Application – Made For Learning/Presenting How To Perform Penetration Tests Of Non-Http Thick Clients
Vulnerable Client-Server Application Vulnerable client-server application (VuCSA) is made for learning/presenting how to perform penetration tests of non-http thick clients....
Jscythe – Abuse The Node.Js Inspector Mechanism In Order To Force Any Node.Js/Electron/V8 Based Process To Execute Arbitrary Javascript Code
jscythe abuses the node.js inspector mechanism in order to force any node.js/electron/v8 based process to execute arbitrary javascript code, even...
Cicd-Goat – A Deliberately Vulnerable CI/CD Environment
Deliberately Download & Run There's no need to clone the repository. Linux & Mac curl -o cicd-goat/docker-compose.yaml --create-dirs https://raw.githubusercontent.com/cider-security-research/cicd-goat/main/docker-compose.yamlcd cicd-goat...
Reverse_SSH – SSH Based Reverse Shell
Want to use SSH for reverse shells? Now you can. Manage and connect to reverse shells with native SSH syntax...
Ermir – An Evil Java RMI Registry
Ermir is an Evil/Rogue RMI Registry, it public String list(): list() asks the registry for all the bound objects names,...
Threatest – Threatest Is A Go Framework For End-To-End Testing Threat Detection Rules
Threatest is a Go framework for testing threat detection end-to-end. Threatest allows you to detonate an attack technique, and verify...
Sandman – NTP Based Backdoor For Red Team Engagements In Hardened Networks
Sandman is a backdoor that is meant to work on hardened networks during red team engagements. Sandman works as a...
