BatchQL – GraphQL Security Auditing Script With A Focus On Performing Batch GraphQL Queries And Mutations
BatchQL is a GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations. This script is...
BatchQL is a GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations. This script is...
Concealed Position is a local privilege escalation attack against Windows using the concept of "Bring Your Own Vulnerability". Specifically, Concealed...
A tool for generating multiple types of NTLMv2 hash theft files. ntlm_theft is an Open Source Python3 Tool that generates...
▒█████ ███▄ █ ▄▄▄█████▓ ██░ ██ ▓█████ █████ ██▓ ▓██ ██▓▒██▒ ██▒ ██ ▀█ █ ▓ ██▒ ▓▒▒▓██░ ██ ▓█...
A fast tool to check missing hosted DNS zones that can lead to subdomain takeover. What is a DNS takeover?DNS...
Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution)Creation of this Script is based on some reverse...
Plution is a convenient way to scan at scale for pages that are vulnerable to client side prototype pollution via...
Time for another Kali Linux release! – Kali Linux 2021.1. This release has various impressive updates.A summary of the changes...
Vailyn's Crawler analyzing a damn vulnerable web application. LFI Wrappers are not enabled. GUI Demonstration (v2.2.1-5) Possible IssuesFound some false...
rootend is a python *nix Enumerator & Auto Privilege Escalation tool. For a full list of our tools, please visit...
BoobSnail allows generating XLM (Excel 4.0) macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation....
targetedKerberoast is a Python script that can, like many others (e.g. GetUserSPNs.py), print "kerberoast" hashes for user accounts that have...
What is Peirates?Peirates, a Kubernetes penetration tool, enables an attacker to escalate privilege and pivot through a Kubernetes cluster. It...
GoKart is a static analysis tool for Go that finds vulnerabilities using the SSA (single static assignment) form of Go...
AutoHarness is a tool that automatically generates fuzzing harnesses for you. This idea stems from a concurrent problem in fuzzing...
ODBParser is a tool to search for PII being exposed in open databases. ONLY to be used to identify exposed...
Pollenisator is a tool aiming to assist pentesters and auditor automating the use of some tools/scripts and keep track of...
"Karta" (Russian for "Map") is an IDA Python plugin that identifies and matches open-sourced libraries in a given binary. The...
WWWGrep is a rapid search “grepping” mechanism that examines HTML elements by type and permits focused (single), multiple (file based...
Enumerate Domain Data is designed to be similar to PowerView but in .NET. PowerView is essentially the ultimate domain enumeration...
This tool compiles some necessary tools for wifi auditing in a unix bash script with a user friendly interface....
Credits to Nick Aleks for the logo!How does it work?graphw00f (inspired by wafw00f) is the GraphQL fingerprinting tool for GQL...
GUI version: Solution ArchitectureSharpStrike is composed of three main projects ServiceLayer -- Provides core functionality and consumed by the UI...
TREVORproxy is a SOCKS proxy that round-robins requests through SSH hosts. TREVORspray is a A featureful Python O365 sprayer based...