ForceAdmin – Create Infinite UAC Prompts Forcing A User To Run As Admin
ForceAdmin is a c# payload builder, creating infinate UAC pop-ups until the user allows the program to be ran. The...
Tools
Coercer – A Python Script To Automatically Coerce A Windows Server To Authenticate On An Arbitrary Machine Through 9 Methods
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods. FeaturesAutomatically detects...
noPac – Exploiting CVE-2021-42278 And CVE-2021-42287 To Impersonate DA From Standard Domain User
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-2021-42278 +...
BeatRev – POC For Frustrating/Defeating Malware Analysts
BeatRev Version 2Disclaimer/LiabilityThe work that follows is a POC to enable malware to "key" itself to a particular victim in...
ApacheTomcatScanner – A Python Script To Scan For Apache Tomcat Server Vulnerabilities
A python script to scan for Apache Tomcat server vulnerabilities. FeaturesMultithreaded workers to search for Apache tomcat servers.Multiple target source...
Aced – Tool to parse and resolve a single targeted Active Directory principal’s DACL
Aced is a tool to parse and resolve a single targeted Active Directory principal's DACL. Aced will identify interesting inbound...
Autodeauth – A Tool Built To Automatically Deauth Local Networks
A tool built to automatically deauth local networks Tested on Raspberry Pi OS and Kali Linux Setup $ chmod +x...
Awesome-Password-Cracking – A Curated List Of Awesome Tools, Research, Papers And Other Projects Related To Password Cracking And Password Security
A curated list of awesome tools, research, papers and other projects related to password cracking and password security. Read the...
Masky – Python Library With CLI Allowing To Remotely Dump Domain User Credentials Via An ADCS Without Dumping The LSASS Process Memory
Masky is a Masky also provides options that are commonly provided by such tools (thread number, authentication mode, targets loaded...
Erlik – Vulnerable Soap Service
Erlik - Informaion Disclosure Code: Code: Command Injection Code: Brute Force Code: Deserialization Code: Download Vulnerable-Soap-Service If you like the...
Toxssin – An XSS Exploitation Command-Line Interface And Payload Generator
toxssin is an open-source penetration testing tool that automates the process of exploiting Cross-Site Scripting (XSS) vulnerabilities. It consists of...
Rekono – Execute Full Pentesting Processes Combining Multiple Hacking Tools Automatically
Rekono combines other hacking tools and its results to execute complete pentesting processes against a target in an automated way....
ReconPal – Leveraging NLP For Infosec
Recon is one of the most important phases that seem easy but takes a lot of effort and skill to...
dBmonster – Track WiFi Devices With Their Recieved Signal Strength
With dBmonster you are able to scan for nearby WiFi devices and track them trough the signal strength (dBm) of...
Ox4Shell – Deobfuscate Log4Shell Payloads With Ease
Deobfuscate Log4Shell payloads with ease. Description Since the release of the Log4Shell vulnerability (CVE-2021-44228), many tools were created to obfuscate...
System Informer – A Free, Powerful, Multi-Purpose Tool That Helps You Monitor System Resources, Debug Software And Detect Malware
System Informer A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to...
RPCMon – RPC Monitor Tool Based On Event Tracing For Windows
A GUI tool for scanning RPC communication through Event Tracing for Windows (ETW). The tool was published as part of...
Concealed_Code_Execution – Tools And Technical Write-Ups Describing Attacking Techniques That Rely On Concealing Code Execution On Windows
Hunt & Hackett presents a set of tools and technical write-ups describing attacking techniques that rely on concealing code execution...
dnsReaper – Subdomain Takeover Tool For Attackers, Bug Bounty Hunters And The Blue Team!
DNS Reaper is yet another sub-domain takeover tool, but with an emphasis on accuracy, speed and the number of signatures...
crAPI – Completely Ridiculous API
completely ridiculous API (crAPI) will help you to understand the ten most critical API security risks. crAPI is vulnerable by...
Ropr – A Blazing Fast Multithreaded ROP Gadget Finder. Ropper / Ropgadget Alternative
ropr is a blazing fast multithreaded ROP Gadget finder What is a ROP Gadget? ROP (Return Oriented Programming) Gadgets are...
Hoaxshell – An Unconventional Windows Reverse Shell, Currently Undetected By Microsoft Defender And Various Other AV Solutions, Solely Based On Http(S) Traffic
hoaxshell is an unconventional Windows reverse shell, currently Find more screenshots here. Installation git clone https://github.com/t3l3machus/hoaxshellcd ./hoaxshellsudo pip3 install -r...
VLANPWN – VLAN Attacks Toolkit
VLAN attacks toolkit DoubleTagging.py - This tool is designed to carry out a VLAN Hopping attack. As a result of...
RedGuard – C2 Front Flow Control Tool, Can Avoid Blue Teams, AVs, EDRs Check
0x00 Introduction Tool introduction RedGuard is a derivative work of the C2 facility pre-flow control technology. It has a lighter...
