AceLdr – Cobalt Strike UDRL For Memory Scanner Evasion
A position-independent reflective loader for Cobalt Strike. Zero results from Hunt-Sleeping-Beacons, BeaconHunter, BeaconEye, Patriot, Moneta, PE-sieve, or MalMemDetect. Features Easy...
hacking
REST-Attacker – Designed As A Proof-Of-Concept For The Feasibility Of Testing Generic Real-World REST Implementations
REST-Attacker is an automated penetration testing framework for APIs following the REST architecture style. The tool's focus is on streamlining...
Villain – Windows And Linux Backdoor Generator And Multi-Session Handler That Allows Users To Connect With Sibling Servers And Share Their Backdoor Sessions
Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other...
ExchangeFinder – Find Microsoft Exchange Instance For A Given Domain And Identify The Exact Version
ExchangeFinder is a simple and open-source tool that tries to find Micrsoft Exchange instance for a given domain based on...
DotDumper – An Automatic Unpacker And Logger For DotNet Framework Targeting Files
An automatic unpacker and logger for DotNet Framework targeting files! This tool has been unveiled at Black Hat USA 2022....
PXEThief – Set Of Tooling That Can Extract Passwords From The Operating System Deployment Functionality In Microsoft Endpoint Configuration Manager
PXEThief is a set of tooling that implements attack paths discussed at the DEF CON 30 talk Pulling Passwords out...
Subparse – Modular Malware Analysis Artifact Collection And Correlation Framework
Subparse, is a modular framework developed by Josh Strochein, Aaron Baker, and Odin Bernstein. The framework is designed to parse...
Cypherhound – Terminal Application That Contains 260+ Neo4j Cyphers For BloodHound Data Sets
A Python3 terminal application that contains 260+ Neo4j cyphers for BloodHound data sets. Why? BloodHound is a staple tool for...
S3Crets_Scanner – Hunting For Secrets Uploaded To Public S3 Buckets
S3cret Scanner tool designed to provide a complementary layer for the Amazon S3 Security Best Practices by proactively hunting secrets...
Aftermath – A Free macOS IR Framework
Aftermath is a Swift-based, open-source incident response framework. Aftermath can be leveraged by defenders in order to collect and subsequently...
Top 20 Most Popular Hacking Tools in 2022
As last year, this year we made a ranking with the most popular tools between January and December 2022. Topics...
OFRAK – Unpack, Modify, And Repack Binaries
OFRAK (Open Firmware Reverse Analysis Konsole) is a binary analysis and modification platform. OFRAK combines the ability to: Identify and...
Autobloody – Tool To Automatically Exploit Active Directory Privilege Escalation Paths Shown By BloodHound
autobloody is a tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound. Description This tool automates the...
Havoc – Modern and malleable post-exploitation command and control framework
Havoc is a modern and malleable post-exploitation command and control framework, created by @C5pider. Havoc is in an early state...
Top 20 Most Popular Hacking Tools in 2022
As last year, this year we made a ranking with the most popular tools between January and December 2022. Topics...
Top 20 Most Popular Hacking Tools in 2022
As last year, this year we made a ranking with the most popular tools between January and December 2022. Topics...
Top 20 Most Popular Hacking Tools in 2022
As last year, this year we made a ranking with the most popular tools between January and December 2022. Topics...
Top 20 Most Popular Hacking Tools in 2022
As last year, this year we made a ranking with the most popular tools between January and December 2022. Topics...
Top 20 Most Popular Hacking Tools in 2022
As last year, this year we made a ranking with the most popular tools between January and December 2022. Topics...
S3Crets_Scanner – Hunting For Secrets Uploaded To Public S3 Buckets
S3cret Scanner tool designed to provide a complementary layer for the Contributing Pull requests and forks are welcome. For major...
Using GitHub Actions to manage CI/CD for Empire
We’ve been using GitHub actions for Empire and Starkiller for quite some time now. It’s been a significant productivity boost...
NetLlix – A Project Created With An Aim To Emulate And Test Exfiltration Of Data Over Different Network Protocols
A project created with an aim to emulate and test exfiltration of data over different network protocols. The emulation is...
Squarephish – An advanced phishing tool that uses a technique combining the OAuth Device code authentication flow and QR codes
SquarePhish is an advanced The victim will then scan the QR code found in the email body with their mobile...
Microsoft shares details for a Gatekeeper Bypass bug in Apple macOS
Microsoft disclosed technical details of a vulnerability in Apple macOS that could be exploited by an attacker to bypass Gatekeeper....
