An educational exploitation framework shipped on a modular and highly extensible multi-tasking and multi-processing architecture. Brutus: an IntroductionLooking for version...
This tool gives developers, researchers and companies the ability to analyze software packages of different programming languages that are being...
Search for public profile information on FacebookInstallation# clone the repo$ git clone https://github.com/Godofcoffe/FisherMan# change the working directory to FisherMan$ cd...
REW-sploitThe tool has been presented at Black-Hat Arsenal USA 2021 https://www.blackhat.com/us-21/arsenal/schedule/index.html#rew-sploit-dissecting-metasploit-attacks-24086 Slides of presentation are available at https://github.com/REW-sploit/REW-sploit_docs Need help...
Allstar is a GitHub App installed on organizations or repositories to set and enforce security policies. Its goal is to...
jsleak is a tool to identify sensitive data in JS files through regex patterns. Although it's built for this, you...
AuraBorealis is a web application for visualizing anomalous and potentially malicious code in Python package registries. It uses security audit...
Intel SGX protects isolated application logic and sensitive data inside an enclave with hardware-based memory encryption. To use such hardware-based...
A statically-linked ssh server with a reverse connection feature for simple yet powerful remote access. Most useful during HackTheBox challenges,...
PickleC2 is a post-exploitation and lateral movements framework. DocumentationReadTheDocs OverviewPickleC2 is a simple C2 framework written in python3 used to...
Grab cam shots from target's phone front camera or PC webcam just sending a link. What is CamPhish?CamPhish is techniques...
This is a framework designed to test authentication for web applications. While web proxies like ZAProxy and Burpsuite allow authenticated...
This tool allows: To check whether a subdomain can be taken over because it has: a dangling CNAME pointing to...
An advanced PHP backdoor management tool, with a lightweight server footprint, multi-threaded communication, and an advanced payload generation and obfuscation...
NinjaDroid is a simple tool to reverse engineering Android APK packages. Published at: https://snapcraft.io/ninjadroid $ snap install ninjadroid --channel=betaOverviewNinjaDroid uses...
Nimplant is a cross-platform (Linux & Windows) implant written in Nim as a fun project to learn about Nim and...
A tool to test security of JSON Web Tokens. Test a JWT against all known CVEs; Tamper with the token...
HTTP request smuggling is a high severity vulnerability which is a technique where an attacker smuggles an ambiguous HTTP request...
Alan Framework is a post-exploitation framework useful during red-team activities. If you find my tool useful, please consider to sponsor...
wsh (pronounced woosh) is a web shell generator and command line interface. This started off as just an http client...
Please read the initial JARM blog post for more information. JARM is an active Transport Layer Security (TLS) server fingerprinting...
Distributed malware processing framework based on Python, Redis and MinIO. The ideaKarton is a robust framework for creating flexible and...
In the era of intrusive AVs and EDRs that introduce hot-patches to the running processes for their enhanced optics requirements,...
A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts (Petitpotam) and relaying to...
