Moonwalk – Cover Your Tracks During Linux Exploitation By Leaving Zero Traces On System Logs And Filesystem Timestamps
Cover your tracks during Linux Once you get a shell into the target Unix machine, start a moonwalk session by...
tools
Nanodump – A Crappy LSASS Dumper With No ASCII Art
A flexible tool that creates a minidump of the LSASS process. 1. Features It uses syscalls (with SysWhispers2) for most...
BackupOperatorToDA – From An Account Member Of The Group Backup Operators To Domain Admin Without RDP Or WinRM On The Domain Controller
If you compromise an account member of the group Backup Operators you can become the Domain Admin without RDP or...
Dora – Find Exposed API Keys Based On RegEx And Get Exploitation Methods For Some Of Keys That Are Found
Features Blazing fast as we are using ripgrep in backend Exploit/PoC steps for many of the API key, allowing to...
Requests-Ip-Rotator – A Python Library To Utilize AWS API Gateway’s Large IP Pool As A Proxy To Generate Pseudo-Infinite IPs For Web Scraping And Brute Forcing
A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web...
Osinteye – Username Enumeration And Reconnaisance Suite
Username Enumeration And Reconnaisance Suite Supported sites PyPI Github TestPypi About.me Instagram DockerHub Installation Clone project: $ git clone...
Lupo – Malware IOC Extractor. Debugging Module For Malware Analysis Automation
Debugging module for Malware Analysis Automation For a step by step post on how to use Lupo, with images and...
IOSSecuritySuite – iOS Platform Security And Anti-Tampering Swift Library
iOS Security Suite is an advanced and easy-to-use platform security & anti-tampering library written in pure Swift! If you...
Rip Raw – Small Tool To Analyse The Memory Of Compromised Linux Systems
Rip Raw is a small tool to analyse the memory of compromised Linux systems. It is similar in purpose to...
BITB – Browser In The Browser (BITB) Templates
Detecting Color Preference To get the most out of this you should determine the OS from the user agent and...
O365-Doppelganger – A Quick Handy Script To Harvest Credentials Off Of A User During A Red Team And Get Execution Of A File From The User
O365-Doppelganger is NOT a replacement for hardcore Download O365-Doppelganger If you like the site, please consider joining the telegram channel...
VulFi – Plugin To IDA Pro Which Can Be Used To Assist During Bug Hunting In Binaries
The VulFi (Vulnerability Finder) tool is a plugin to IDA Pro which can be used to assist during bug hunting...
Bore – Simple CLI Tool For Making Tunnels To Localhost
A modern, simple TCP tunnel in Rust that exposes local ports to a remote server, bypassing standard NAT connection firewalls....
Wpgarlic – A Proof-Of-Concept WordPress Plugin Fuzzer
A proof-of-concept WordPress plugin fuzzer used in the research described in . That means that the fuzzer detected executing fopen()...
DDexec – A Technique To Run Binaries Filelessly And Stealthily On Linux Using Dd To Replace The Shell With Another Process
In Linux in order to run a program it must exist as a file, it must be accessible in some...
Spring4Shell-Scan – A Fully Automated, Reliable, And Accurate Scanner For Finding Spring4Shell And Spring Cloud RCE Vulnerabilities
A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities Features Support for lists of...
Malwarescanner – Simple Malware Scanner Written In Python
Simple Malware Scanner written in python Very basic malware Scanner by hash comparison Sometimes this can be needed when an...
Git-Dumper – A Tool To Dump A Git Repository From A Website
A tool to dump a git repository from a website. Install This can be installed easily with pip: pip install...
Spock SLAF – A Shared Library Application Firewall “SLAF”
Spock SLAF is a Shared Library Application Firewall "SLAF". It has the purpose to protect any service that uses the...
Sub3Suite – A Free, Open Source, Cross Platform Intelligence Gathering Tool
Sub3 Suite is a research-grade suite of tools for Subdomain Enumeration, OSINT Information Preface If you're just getting started with...
Ecapture – Capture SSL/TLS Text Content Without CA Cert By eBPF
How eCapture works SSL/TLS text context capture, support opensslgnutlsnspr(nss) libraries. bash audit, eCapture User Manual Getting started use ELF binary...
Jfscan – A Super Fast And Customisable Port Scanner, Based On Masscan And NMap
Killing features Scan with nmap fast! Allows you to scan targets with Masscan and run Nmap on discovered ports...
Ma2Tl – macOS Forensic Timeline Generator Using The Analysis Result DBs Of Mac_Apt
This is a DFIR tool for generating a macOS Presentation This tool was published on Japan Security Analyst Conference 2022...
DumpSMBShare – A Script To Dump Files And Folders Remotely From A Windows SMB Share
A script to Contributing Pull requests are welcome. Feel free to open an issue if you want to add other...
