PathFinder – Tool That Provides Information About A Website
Web Path Finder is a Python program that provides information about a website. It retrieves various details such as page...
Tools
Puncia – Subdomain And Exploit Hunter Powered By AI
Puncia utilizes two of our intelligent APIs - Subdomain Center & Exploit Observer, to gather the results. Please note that...
Facad1ng – The Ultimate URL Masking Tool – An Open-Source URL Masking Tool Designed To Help You Hide Phishing URLs And Make Them Look Legit Using Social Engineering Techniques
Facad1ng is an open-source URL masking tool designed to help you Hide Phishing URLs and make them look legit using...
GATOR – GCP Attack Toolkit For Offensive Research, A Tool Designed To Aid In Research And Exploiting Google Cloud Environments
GATOR - GCP Attack Toolkit for Offensive Research, a tool designed to aid in research and exploiting Google Cloud Environments....
Commander – A Command And Control (C2) Server
Commander is a command and control framework (C2) written in Python, Flask and SQLite. It comes with two agents written in...
SecuSphere – Efficient DevSecOps
SecuSphere is a comprehensive DevSecOps platform designed to streamline and enhance your organization's security posture throughout the software development life...
ILSpy – .NET Decompiler With Support For PDB Generation, ReadyToRun, Metadata (and More) – Cross-Platform!
ILSpy is the open-source .NET assembly browser and decompiler. Decompiler Frontends Aside from the WPF UI ILSpy (downloadable via Releases,...
Gcp_Scanner – A Comprehensive Scanner For Google Cloud
This is a GCP resource scanner that can help determine what level of access certain credentials possess on GCP. The...
JSpector – A Simple Burp Suite Extension To Crawl JavaScript (JS) Files In Passive Mode And Display The Results Directly On The Issues
JSpector is a Burp Suite extension that passively crawls JavaScript files and automatically creates issues with URLs, endpoints and dangerous...
HBSQLI – Automated Tool For Testing Header Based Blind SQL Injection
HBSQLI is an automated command-line tool for performing Header Based Blind SQL injection attacks on web applications. It automates the...
Pyxamstore – Python Utility For Parsing Xamarin AssemblyStore Blob Files
This is an alpha release of an assemblies.blob AssemblyStore parser written in Python. The tool is capable of unpack and...
RecycledInjector – Native Syscalls Shellcode Injector
(Currently) Fully Undetected same-process native/.NET assembly shellcode injector based on RecycledGate by thefLink, which is also based on HellsGate +...
Spoofy – Program That Checks If A List Of Domains Can Be Spoofed Based On SPF And DMARC Records
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records....
Sirius – First Truly Open-Source General Purpose Vulnerability Scanner
Sirius is the first truly open-source general purpose vulnerability scanner. Today, the information security community remains the best and most...
DakshSCRA – Source Code Review Assist
Daksh SCRA (Source Code Review Assist) tool is built to enhance the efficiency of the source code review process, providing...
Chromecookiestealer – Steal/Inject Chrome Cookies Over The DevTools Protocol
Attaches to Chrome using its Remote DevTools protocol and steals/injects/clears/deletes cookies. Heavily inspired by WhiteChocolateMacademiaNut. Cookies are dumped as JSON...
S4UTomato – Escalate Service Account To LocalSystem Via Kerberos
Escalate Service Account To LocalSystem via Kerberos. Traditional Potatoes Friends familiar with the "Potato" series of privilege escalation should know...
Caracal – Static Analyzer For Starknet Smart Contracts
Caracal is a static analyzer tool over the SIERRA representation for Starknet smart contracts. Features Detectors to detect vulnerable Cairo...
Dissect – Digital Forensics, Incident Response Framework And Toolset That Allows You To Quickly Access And Analyse Forensic Artefacts From Various Disk And File Formats
Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic...
ModuleShifting – Stealthier Variation Of Module Stomping And Module Overloading Injection Techniques That Reduces Memory IoCs
ModuleShifting is stealthier variation of Module Stomping and Module overloading injection technique. It is actually implemented in Python ctypes so...
Nodesub – Command-Line Tool For Finding Subdomains In Bug Bounty Programs
Nodesub is a command-line tool for finding subdomains in bug bounty programs. It supports various subdomain enumeration techniques and provides...
Apepe – Enumerate Information From An App Based On The APK File
Apepe is a Python tool developed to help pentesters and red teamers to easily get information from the target app....
Mellon – OSDP Attack Tool
OSDP attack tool (and the Elvish word for friend) Attack #1: Encryption is Optional OSDP supports, but doesn't strictly require,...
Electron_Shell – Developing A More Covert Remote Access Trojan (RAT) Tool By Leveraging Electron’s Features For Command Injection And Combining It With Remote Control Methods
Electron_shell Developing a more covert Remote Access Trojan (RAT) tool by leveraging Electron's features for command injection and combining it...
