APKDeepLens – Android Security Insights In Full Spectrum
APKDeepLens is a Python based tool designed to scan Android applications (APK files) for security vulnerabilities. It specifically targets the...
hacking
VolWeb – A Centralized And Enhanced Memory Analysis Platform
VolWeb is a digital forensic memory analysis platform that leverages the power of the Volatility 3 framework. It is dedicated...
Chiasmodon – An OSINT Tool Designed To Assist In The Process Of Gathering Information About A Target Domain
Chiasmodon is an OSINT (Open Source Intelligence) tool designed to assist in the process of gathering information about a target...
ADOKit – Azure DevOps Services Attack Toolkit
Azure DevOps Services Attack Toolkit - ADOKit is a toolkit that can be used to attack Azure DevOps Services by...
GDBFuzz – Fuzzing Embedded Systems Using Hardware Breakpoints
This is the companion code for the paper: 'Fuzzing Embedded Systems using Debugger Interfaces'. A preprint of the paper can...
CloudGrappler – A purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known threat actors in popular cloud environments such as AWS and Azure
Permiso: https://permiso.io Read our release blog: https://permiso.io/blog/cloudgrappler-a-powerful-open-source-threat-detection-tool-for-cloud-environments CloudGrappler is a purpose-built tool designed for effortless querying of high-fidelity and single-event...
ST Smart Things Sentinel – Advanced Security Tool To Detect Threats Within The Intricate Protocols utilized By IoT Devices
ST Smart Things Sentinel is an advanced security tool engineered specifically to scrutinize and detect threats within the intricate protocols...
RemoteTLSCallbackInjection – Utilizing TLS Callbacks To Execute A Payload Without Spawning Any Threads In A Remote Process
This method utilizes TLS callbacks to execute a payload without spawning any threads in a remote process. This method is inspired by Threadless...
Sicat – The Useful Exploit Finder
Introduction SiCat is an advanced exploit search tool designed to identify and gather information about exploits from both open sources...
Attackgen – Cybersecurity Incident Response Testing Tool That Leverages The Power Of Large Language Models And The Comprehensive MITRE ATT&CK Framework
AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE...
Uscrapper – Powerful OSINT Webscraper For Personal Data Collection
Introducing Uscrapper 2.0, A powerfull OSINT webscrapper that allows users to extract various personal information from a website. It leverages...
DllNotificationInjection – A POC Of A New “Threadless” Process Injection Technique That Works By Utilizing The Concept Of DLL Notification Callbacks In Local And Remote Processes
DllNotificationInection is a POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification...
Gssapi-Abuse – A Tool For Enumerating Potential Hosts That Are Open To GSSAPI Abuse Within Active Directory Networks
gssapi-abuse was released as part of my DEF CON 31 talk. A full write up on the abuse vector can...
ADCSync – Use ESC1 To Perform A Makeshift DCSync And Dump Hashes
This is a tool I whipped up together quickly to DCSync utilizing ESC1. It is quite slow but otherwise an...
FalconHound – A Blue Team Multi-Tool. It Allows You To Utilize And Enhance The Power Of Blo odHound In A More Automated Fashion
FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more...
pyGPOAbuse – Partial Python Implementation Of SharpGPOAbuse
Python partial implementation of SharpGPOAbuse by@pkb1s This tool can be used when a controlled account can modify an existing GPO...
CloudRecon – Finding assets from certificates
CloudRecon Finding assets from certificates! Scan the web! Tool presented @DEFCON 31 Install ** You must have CGO enabled, and...
Pmkidcracker – A Tool To Crack WPA2 Passphrase With PMKID Value Without Clients Or De-Authentication
This program is a tool written in Python to recover the pre-shared key of a WPA2 WiFi network without any...
EasyEASM – Zero-dollar Attack Surface Management Tool
Zero-dollar attack surface management tool featured at Black Hat Arsenal 2023 and Recon Village @ DEF CON 2023. Description Easy...
Logsensor – A Powerful Sensor Tool To Discover Login Panels, And POST Form SQLi Scanning
A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning Features login panel Scanning for multiple hosts...
EmploLeaks – An OSINT Tool That Helps Detect Members Of A Company With Leaked Credentials
This is a tool designed for Open Source Intelligence (OSINT) purposes, which helps to gather information about employees of...
Bugsy – Command-line Interface Tool That Provides Automatic Security Vulnerability Remediation For Your Code
Bugsy is a command-line interface (CLI) tool that provides automatic security vulnerability remediation for your code. It is the community...
WebCopilot – An Automation Tool That Enumerates Subdomains Then Filters Out Xss, Sqli, Open Redirect, Lfi, Ssrf And Rce Parameters And Then Scans For Vulnerabilities
WebCopilot is an automation tool designed to enumerate subdomains of the target and detect bugs using different open-source tools. The...
Nysm – A Stealth Post-Exploitation Container
A stealth post-exploitation container. Introduction With the raise in popularity of offensive tools based on eBPF, going from credential stealers...
