Pyrit – The Famous WPA Precomputed Cracker
Pyrit allows you to create massive databases of pre-computed WPA/WPA2-PSK authentication phase in a space-time-tradeoff. By using the computational power...
Tools
EvilSlackbot – A Slack Bot Phishing Framework For Red Teaming Exercises
EvilSlackbot A Slack Attack Framework for conducting Red Team and phishing exercises within Slack workspaces. Disclaimer This tool is intended...
Ars0N-Framework – A Modern Framework For Bug Bounty Hunting
Howdy! My name is Harrison Richardson, or rs0n (arson) when I want to feel cooler than I really am. The...
Reaper – Proof Of Concept On BYOVD Attack
Reaper is a proof-of-concept designed to exploit BYOVD (Bring Your Own Vulnerable Driver) driver vulnerability. This malicious technique involves inserting...
ROPDump – A Command-Line Tool Designed To Analyze Binary Executables For Potential Return-Oriented Programming (ROP) Gadgets, Buffer Overflow Vulnerabilities, And Memory Leaks
ROPDump is a tool for analyzing binary executables to identify potential Return-Oriented Programming (ROP) gadgets, as well as detecting potential...
Startup-SBOM – A Tool To Reverse Engineer And Inspect The RPM And APT Databases To List All The Packages Along With Executables, Service And Versions
This is a simple SBOM utility which aims to provide an insider view on which packages are getting executed. The...
ShellSweep – PowerShell/Python/Lua Tool Designed To Detect Potential Webshell Files In A Specified Directory
Tags: Aspx, Encryption, Entropy, Hashes, Malware, Obfuscation, PowerShell, Processes, Scan, Scanning, Scripts, Toolbox, ShellSweepShellSweep - ShellSweeping the evil.Shellsweep - Shellsweeping...
Invoke-SessionHunter – Retrieve And Display Information About Active User Sessions On Remote Computers (No Admin Privileges Required)
Retrieve and display information about active user sessions on remote computers. No admin privileges required. The tool leverages the remote...
Hakuin – A Blazing Fast Blind SQL Injection Optimization And Automation Framework
Hakuin is a Blind SQL Injection (BSQLI) optimization and automation framework written in Python 3. It abstracts away the inference...
Subhunter – A Fast Subdomain Takeover Tool
Subdomain takeover is a common vulnerability that allows an attacker to gain control over a subdomain of a target domain...
BypassFuzzer – Fuzz 401/403/404 Pages For Bypasses
The original 403fuzzer.py :) Fuzz 401/403ing endpoints for bypasses This tool performs various checks via headers, path normalization, verbs, etc....
PingRAT – Secretly Passes C2 Traffic Through Firewalls Using ICMP Payloads
PingRAT secretly passes C2 traffic through firewalls using ICMP payloads. Features: Uses ICMP for Command and Control Undetectable by most...
LOLSpoof – An Interactive Shell To Spoof Some LOLBins Command Line
LOLSpoof is a an interactive shell program that automatically spoof the command line arguments of the spawned process. Just call...
SQLMC – Check All Urls Of A Domain For SQL Injections
SQLMC (SQL Injection Massive Checker) is a tool designed to scan a domain for SQL injection vulnerabilities. It crawls the...
BadExclusionsNWBO – An Evolution From BadExclusions To Identify Folder Custom Or Undocumented Exclusions On AV/EDR
BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR. How it works? BadExclusionsNWBO copies...
NTLM Relay Gat – Powerful Tool Designed To Automate The Exploitation Of NTLM Relays
NTLM Relay Gat is a powerful tool designed to automate the exploitation of NTLM relays using ntlmrelayx.py from the Impacket...
Ioctlance – A Tool That Is Used To Hunt Vulnerabilities In X64 WDM Drivers
Description Presented at CODE BLUE 2023, this project titled Enhanced Vulnerability Hunting in WDM Drivers with Symbolic Execution and Taint...
Gftrace – A Command Line Windows API Tracing Tool For Golang Binaries
A command line Windows API tracing tool for Golang binaries. Note: This tool is a PoC and a work-in-progress prototype...
HardeningMeter – Open-Source Python Tool Carefully Designed To Comprehensively Assess The Security Hardening Of Binaries And Systems
HardeningMeter is an open-source Python tool carefully designed to comprehensively assess the security hardening of binaries and systems. Its robust...
JS-Tap – JavaScript Payload And Supporting Software To Be Used As XSS Payload Or Post Exploitation Implant To Monitor Users As They Use The Targeted Application
JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they...
MasterParser – Powerful DFIR Tool Designed For Analyzing And Parsing Linux Logs
What is MasterParser ? MasterParser stands as a robust Digital Forensics and Incident Response tool meticulously crafted for the analysis...
C2-Cloud – The C2 Cloud Is A Robust Web-Based C2 Framework, Designed To Simplify The Life Of Penetration Testers
The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy...
OSTE-Web-Log-Analyzer – Automate The Process Of Analyzing Web Server Logs With The Python Web Log Analyzer
Automate the process of analyzing web server logs with the Python Web Log Analyzer. This powerful tool is designed to...
ThievingFox – Remotely Retrieving Credentials From Password Managers And Windows Utilities
ThievingFox is a collection of post-exploitation tools to gather credentials from various password managers and windows utilities. Each module leverages...
