PickleC2 – A Post-Exploitation And Lateral Movements Framework
PickleC2 is a post-exploitation and lateral movements framework. DocumentationReadTheDocs OverviewPickleC2 is a simple C2 framework written in python3 used to...
Tools
CamPhish – Grab Cam Shots From Target’S Phone Front Camera Or PC Webcam Just Sending A Link.
Grab cam shots from target's phone front camera or PC webcam just sending a link. What is CamPhish?CamPhish is techniques...
Raider – Web Authentication Testing Framework
This is a framework designed to test authentication for web applications. While web proxies like ZAProxy and Burpsuite allow authenticated...
Tko-Subs – A Tool That Can Help Detect And Takeover Subdomains With Dead DNS Records
This tool allows: To check whether a subdomain can be taken over because it has: a dangling CNAME pointing to...
Bantam – A PHP Backdoor Management And Generation tool/C2 Featuring End To End Encrypted Payload Streaming Designed To Bypass WAF, IDS, SIEM Systems
An advanced PHP backdoor management tool, with a lightweight server footprint, multi-threaded communication, and an advanced payload generation and obfuscation...
NinjaDroid – Ninja Reverse Engineering On Android APK Packages
NinjaDroid is a simple tool to reverse engineering Android APK packages. Published at: https://snapcraft.io/ninjadroid $ snap install ninjadroid --channel=betaOverviewNinjaDroid uses...
Nimplant – A Cross-Platform Implant Written In Nim
Nimplant is a cross-platform (Linux & Windows) implant written in Nim as a fun project to learn about Nim and...
jwtXploiter – A Tool To Test Security Of Json Web Token
A tool to test security of JSON Web Tokens. Test a JWT against all known CVEs; Tamper with the token...
Http-Request-Smuggling – HTTP Request Smuggling Detection Tool
HTTP request smuggling is a high severity vulnerability which is a technique where an attacker smuggles an ambiguous HTTP request...
AlanFramework – A Post-Exploitation Framework
Alan Framework is a post-exploitation framework useful during red-team activities. If you find my tool useful, please consider to sponsor...
Wsh – Web Shell Generator And Command Line Interface
wsh (pronounced woosh) is a web shell generator and command line interface. This started off as just an http client...
Jarm – Active Transport Layer Security (TLS) server fingerprinting tool
Please read the initial JARM blog post for more information. JARM is an active Transport Layer Security (TLS) server fingerprinting...
Karton – Distributed Malware Processing Framework Based On Python, Redis And MinIO
Distributed malware processing framework based on Python, Redis and MinIO. The ideaKarton is a robust framework for creating flexible and...
UnhookMe – An Universal Windows API Resolver And Unhooker Addressing Problem Of Invoking Unmonitored System Calls From Within Of Your Red Teams Malware
In the era of intrusive AVs and EDRs that introduce hot-patches to the running processes for their enhanced optics requirements,...
ADCSPwn – A Tool To Escalate Privileges In An Active Directory Network By Coercing Authenticate From Machine Accounts And Relaying To The Certificate Service
A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts (Petitpotam) and relaying to...
Sigurlfind3R – A Reconnaissance Tool, It Fetches URLs From AlienVault’s OTX, Common Crawl, URLScan, Github And The Wayback Machine
sigurlfind3r is a passive reconnaissance tool, it fetches known URLs from AlienVault's OTX, Common Crawl, URLScan, Github and the Wayback...
Php-Jpeg-Injector – Injects Php Payloads Into Jpeg Images
Injects php payloads into jpeg images. Related to this post. Use CaseYou have a web application that runs a jpeg...
Solitude – A Privacy Analysis Tool That Enables Anyone To Conduct Their Own Privacy Investigations
Solitude is a privacy analysis tool that enables anyone to conduct their own privacy investigations. Whether a curious novice or...
Go-Shellcode – A Repository Of Windows Shellcode Runners And Supporting Utilities
go-shellcode is a repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API...
cThreadHijack – Beacon Object File (BOF) For Remote Process Injection Via Thread Hijacking
___________.__ .______ ___ .__ __ __ _____ ___/| |_________ ____ _____ __| _/ | |__| |__|____ ____ | | ___/...
NordLynx WireGuard Config Extraction Script
A Simple bash script to extract the NordLynx Wireguard config information that is needed to use wireguard and nord outside...
TwiTi – Tool for extracting IOCs from tweet
TwiTi, a tool for extracting IOCs from tweets, can collect a large number of fresh, accurate IOCs. TwiTi does classifying...
WARCannon – High Speed/Low Cost CommonCrawl RegExp In Node.js
WARCannon was built to simplify and cheapify the process of 'grepping the internet'.With WARCannon, you can:Build and test regex patterns...
ChangeTower – Tool To Help You Watch Changes In Webpages And Get Notified Of Any Changes
ChangeTower is intended to help you watch changes in webpages and get notified of any changes written in Go This...
