AutoPWN Suite – Project For Scanning Vulnerabilities And Exploiting Systems Automatically
AutoPWN Suite is a project for scanning Installation You can install it using pip. (sudo recommended) sudo pip install autopwn-suite...
tools
Socialhunter – Crawls The Website And Finds Broken Social Media Links That Can Be Hijacked
Installation From Binary You can download the pre-built binaries from the releases page and run. For example: wget https://github.com/utkusen/socialhunter/releases/download/v0.1.1/socialhunter_0.1.1_Linux_amd64.tar.gz tar...
Nipe – An Engine To Make Tor Network Your Default Gateway
The Tor project allows users to surf the Internet, chat and send instant messages anonymously through its own mechanism. It...
Sentinel-Attack – Tools To Rapidly Deploy A Threat Hunting Capability On Azure Sentinel That Leverages Sysmon And MITRE ATT&CK
Sentinel ATT&CK aims to simplify the rapid deployment of a threat hunting capability that leverages Sysmon and MITRE ATT&CK on...
Lockc – Making Containers More Secure With eBPF And Linux Security Modules (LSM)
lockc is open source sofware for providing MAC (Mandatory Access Control) type of security audit for container workloads. The main...
AWS-Threat-Simulation-and-Detection – Playing Around With Stratus Red Team (Cloud Attack Simulation Tool) And SumoLogic
This repository is a documentation of my adventures with Attack Description Link aws.credential-access.ec2-get-password-data Retrieve EC2 Password Data Link aws.credential-access.ec2-steal-instance-credentials Steal...
Puwr – SSH Pivoting Script For Expanding Attack Surfaces On Local Networks
Easily expand your attack surface on a local network by discovering more hosts, via SSH. Using a machine running a...
AzureRT – A Powershell Module Implementing Various Azure Red Team Tactics
Powershell module implementing various cmdlets to interact with Azure and Azure AD from an offensive perspective. Helpful utilities dealing with...
COM-Hunter – COM Hijacking VOODOO
.NET Framework 4.8 Usage Usage: .COM-Hunter.exe <mode> <options>-> General Options: -h, --help Shows help and exits. -v, --version Shows current...
CRLFsuite – Fast CRLF Injection Scanning Tool
CRLFsuite is a fast tool specially designed to scan CRLF injection. Installation $ git clone https://github.com/Nefcore/CRLFsuite.git$ cd CRLFsuite$ sudo python3 setup.py...
SMB-Session-Spoofing – Tool To Create A Fake SMB Session
Welcome! This is a utility that can be compiled with Visual Studio 2019 (or newer). The goal of this program...
Atomic-Operator – A Python Package Is Used To Execute Atomic Red Team Tests (Atomics) Across Multiple Operating System Environments
This python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments. (What's new?) Why?...
Notionterm – Embed Reverse Shell In Notion Pages
Embed FOR: Hiding attacker IP in reverse shell (No direct interaction between attacker and target machine. Notion is used as...
MITM_Intercept – A Little Bit Less Hackish Way To Intercept And Modify non-HTTP Protocols Through Burp And Others
A little bit less hackish way to intercept and modify non-HTTP protocols through Burp and others with SSL and TLS...
Zap-Scripts – Zed Attack Proxy Scripts For Finding CVEs And Secrets
Zed Attack Proxy Scripts for finding CVEs and Secrets. Building This project uses Gradle to build the ZAP add-on, simply...
PowerGram – Multiplatform Telegram Bot In Pure PowerShell
PowerGram is a pure PowerShell Telegram Bot that can be run on Windows, Linux or Mac OS. To make use...
Wrongsecrets – Examples With How To Not Use Secrets
Welcome to the OWASP WrongSecrets p0wnable app. With this app, we have packed various ways of how to not store...
K0Otkit – Universal Post-Penetration Technique Which Could Be Used In Penetrations Against Kubernetes Clusters
k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters. With k0otkit, you can manipulate...
Labtainers – A Docker-based Cyber Lab Framework
Labtainers include more than 50 cyber lab exercises and tools to build your own. Import a single VM appliance or...
PersistBOF – Tool To Help Automate Common Persistence Mechanisms
A tool to help automate common persistence mechanisms. Currently supports Print Monitor (SYSTEM), Time Provider (Network Service), Start folder shortcut...
Mitmproxy2Swagger – Automagically Reverse-Engineer REST APIs Via Capturing Traffic
A tool for automatically converting Run the first pass of mitmproxy2swagger: $ mitmproxy2swagger -i <path_to_mitmptoxy_flow> -o <path_to_output_schema> -p <api_prefix> Please...
Hakoriginfinder – Tool For Discovering The Origin Host Behind A Reverse Proxy. Useful For Bypassing Cloud WAFs!
Tool for discovering the origin host behind a reverse proxy. Useful for bypassing WAFs and other reverse proxies. How does...
BinAbsInspector – Vulnerability Scanner For Binaries
BinAbsInspector (Binary Abstract Inspector) is a static analyzer for automated reverse engineering and scanning vulnerabilities in binaries, which is a...
Stunner – Tool To Test And Exploit STUN, TURN And TURN Over TCP Servers
Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers. TURN is a protocol mostly...
