Backstab – A Tool To Kill Antimalware Protected Processes
Have these local admin credentials but the EDR is standing in the way? Unhooking or direct syscalls are not working...
Scour is a modern module based AWS exploitation framework written in golang, designed for red team testing and blue team...
Features: support fuzzy search broken header dex. Fix struct data of dex-header. Compatible with all Android versions (Frida supported). Support loading as...
MacHound is an extension to the Bloodhound auditing tool allowing collection and ingestion of Active Directory relationships on MacOS hosts....
Red Team tool for exfiltrating the target organization's Google People Directory that you have access to, via Google's People API....
Gorsair is a penetration testing tool for discovering and remotely accessing Docker APIs from vulnerable Docker containers. Once it has...
Lazyrecon is a subdomain discovery tool that finds and resolves valid subdomains then performs SSRF/LFI/SQLi fuzzing, brute-force and port scanning....
Invoke-DNSteal is a Simple & Customizable DNS Data Exfiltrator. This tool helps you to exfiltrate data through DNS protocol over...
OpenAttack is an open-source Python-based textual adversarial attack toolkit, which handles the whole process of textual adversarial attacking, including preprocessing...
Scan your AWS IAM Configuration for shadow admins in AWS IAM based on misconfigured deny policies not affecting users in...
Forblaze is a project designed to provide steganography capabilities to Mac OS payloads. Using python3, it will build an Obj-C...
This tool lets you find the account id an S3 bucket belongs to. For this to work you need to...
A guided mutation-based fuzzer for ML-based Web Application Firewalls, inspired by AFL and based on the FuzzingBook by Andreas Zeller...
PenTesting laboratory deployed as IaC with Terraform on AWS. It deploys a Kali Linux instance accessible via ssh & wireguard...
Heappy is an editor based on gdb/gef that helps you to handle the heap during your exploitation development. The project...
A cross-platform, post-exploit, red teaming framework built with python3, docker, docker-compose, and a web browser UI. It's designed to provide...
HoneyCreds network credential injection to detect responder and other network poisoners. Requirements: Requires Python 3.6+ (tested on Python 3.9), smbprotocol, cffi, splunk-sdk. Installation: git clone https://github.com/Ben0xA/HoneyCreds.git cd...
SharpHook is inspired by the SharpRDPThief project. It uses various API hooks in order to give us the desired credentials....
CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain network camera credentials. Features: Exploits vulnerabilities in...
An open-source tool for scanning Azure blob storage accounts for publicly opened blobs. BlobHunter is a part of "Hunting Azure...
RomBuster is a router exploitation tool that allows disclosure of the network router admin password. Features: Exploits vulnerabilities in most popular routers...
This repository contains open-source libraries and tools to perform fully homomorphic encryption (FHE) operations on an encrypted data set. About Fully...
Shreder is a powerful multi-threaded SSH protocol password brute-force tool. Features: Very fast password guessing, just one password in 0.1 second....
LoadLibrary for offensive operations. How does it work? https://www.mdsec.co.uk/2021/06/bypassing-image-load-kernel-callbacks/ Usage: DARKMODULE DarkModule = DarkLoadLibrary( LOAD_LOCAL_FILE, // control flags L"TestDLL.dll", // local dll path,...