Ditto – A Tool For IDN Homograph Attacks And Detection
Ditto is a small tool that accepts a domain name as input and generates all its variants for an homograph...
Tools
COM-Code-Helper – Two IDAPython Scripts Help You To Reconstruct Microsoft COM (Component Object Model) Code
Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code Especially malware reversers will find this useful,...
Creepy – A Geolocation OSINT Tool. Offers Geolocation Information Gathering Through Social Networking Platforms
This project is currently not maintained. I haven't put any work on it since 2016 and with the current state...
ExecuteAssembly – Load/Inject .NET Assemblies
ExecuteAssembly is an alternative of CS execute-assembly, built with C/C++ and it can be used to Load/Inject .NET assemblies by;...
GPOZaurr – Group Policy Eater Is A PowerShell Module That Aims To Gather Information About Group Policies
Group Policy Eater is a PowerShell module that aims to gather information about Group Policies but also allows fixing issues...
Cloudlist – A Tool For Listing Assets From Multiple Cloud Providers
Cloudlist is a multi-cloud tool for getting Assets (Hostnames, IP Addresses) from Cloud Providers. This is intended to be used...
Geacon – Implement CobaltStrike’s Beacon In Go
Using Go to implement CobaltStrike's Beacon This project is for learning protocol analysis and reverse engineering only, if someone's rights...
Satellite – Easy-To-Use Payload Hosting
Satellite is an web payload hosting service which filters requests to ensure the correct target is getting a payload. This...
Phpvuln – Audit Tool To Find Common Vulnerabilities In PHP Source Code
phpvuln is an open source OWASP penetration testing tool written in Python 3, that can speed up the the process...
Linux-Chrome-Recon – An Information Gathering Tool Used To Enumerate All Possible Data About An User From Google-Chrome Browser From Any Linux Distribution
"linux-chrome-recon" is a Information gathering tool used to enumerate all possible data about an user from Google-Chrome browser from any...
OpenCSPM – Open Cloud Security Posture Management Engine
Open Cloud Security Posture Management, OpenCSPM, is an open-source platform for gaining deeper insight into your cloud configuration and metadata...
Uroboros – A GNU/Linux Monitoring And Profiling Tool Focused On Single Processes
Uroboros is a GNU/Linux monitoring tool focused on single processes. While utilities like top, ps and htop provide great overall...
BurpMetaFinder – Burp Suite Extension For Extracting Metadata From Files
Burp Suite extension for extracting metadata from files Currently supported documents: PDF DOCX PPTX XLSX The project created at Jetbrains...
Flawfinder – A Static Analysis Tool For Finding Vulnerabilities In C/C++ Source Code
This is "flawfinder" by David A. Wheeler. Flawfinder is a simple program that scans C/C++ source code and reports potential...
Web-Brutator – Modular Web Interfaces Bruteforcer
Fast Modular Web Interfaces BruteforcerInstallpython3 -m pip install -r requirements.txt Usage$ python3 web-brutator.py -h __ __ ___. __________ __ __...
Addressing the OT-IT Risk and Asset Inventory Gap
Cyber-espionage and exploitation from nation-state-sanctioned actors have only become more prevalent in recent years, with recent examples including the SolarWinds...
Rapid7 Acquires Leading Kubernetes Security Provider, Alcide
Organizations around the globe continue to embrace the flexibility, speed, and agility of the cloud. Those that have adopted it...
MOSE – Post Exploitation Tool For Configuration Management Servers.
MOSE is a post exploitation tool that enables security professionals with little or no experience with configuration management (CM) technologies...
OpenCVE – CVE Alerting Platform
OpenCVE, formerly known as Saucs, is a platform used to locally import the list of CVEs and perform searches on...
PSC – E2E Encryption For Multi-Hop Tty Sessions Or Portshells + TCP/UDP Port Forward
DNS lookup and SSH session forwarded across an UART connection to a Pi PSC allows to e2e encrypt shell sessions,...
SSRF-King – SSRF Plugin For Burp Automates SSRF Detection In All Of The Request
SSRF plugin for burp that Automates SSRF Detection in all of the RequestUpcoming Features ChecklistIt will soon have a user...
CSSG – Cobalt Strike Shellcode Generator
Adds Shellcode - Shellcode Generator to the Cobalt Strike top menu bar CSSG is an aggressor and python script used...
Arbitrium-RAT – A Cross-Platform, Fully Undetectable Remote Access Trojan, To Control Android, Windows And Linux
Arbitrium is a cross-platform is a remote access trojan (RAT), Fully UnDetectable (FUD), It allows you to control Android, Windows...
JWT Key ID Injector – Simple Python Script To Check Against Hypothetical JWT Vulnerability
Simple python script to check against hypothetical JWT vulnerability. Let's say there is an application that uses JWT tokens signed...
