Aladdin – Payload Generation Technique That Allows The Deseriallization Of A .NET Payload And Execution In Memory
Aladdin is a payload generation technique based on the work of James Forshaw (@tiraniddo) that allows the deseriallization of a...
tools
Windiff – Web-based Tool That Allows Comparing Symbol, Type And Syscall Information Of Microsoft Windows Binaries Across Different Versions Of The OS
WinDiff is an open-source web-based tool that allows browsing and comparing symbol, type and syscall information of Microsoft Windows binaries...
HiddenDesktop – HVNC For Cobalt Strike
Hidden Desktop (often referred to as HVNC) is a tool that allows operators to interact with a remote desktop session...
DynastyPersist – A Linux Persistence Tool!
A Linux persistence tool! A powerful and versatile Linux persistence script designed for various security assessment and testing scenarios. This...
MaccaroniC2 – A PoC Command And Control Framework That Utilizes The Powerful AsyncSSH
MaccaroniC2 is a proof-of-concept Command and Control framework that utilizes the powerful AsyncSSH Python library which provides an asynchronous client...
Mass-Bruter – Mass Bruteforce Network Protocols
Mass bruteforce network protocols Info Simple personal script to quickly mass bruteforce common services in a large scale of network....
OSINT-Framework – OSINT Framework
OSINT framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT...
Iac-Scan-Runner – Service That Scans Your Infrastructure As Code For Common Vulnerabilities
Service that scans your Infrastructure as Code for common vulnerabilities. Aspect Information Tool name IaC Scan Runner Docker image xscanner/runner...
ICS-Forensics-Tools – Microsoft ICS Forensics Framework
Microsoft ICS Forensics Tools is an open source forensic framework for analyzing Industrial PLC metadata and project files. it enables...
Deepsecrets – Secrets Scanner That Understands Code
Yet another tool - why? Existing tools don't really "understand" code. Instead, they mostly parse texts. DeepSecrets expands classic regex-search...
CureIAM – Clean Accounts Over Permissions In GCP Infra At Scale
Clean up of over permissioned IAM accounts on GCP infra in an automated way CureIAM is an easy-to-use, reliable, and...
MemTracer – Memory Scaner
MemTracer is a tool that offers live memory analysis capabilities, allowing digital forensic practitioners to discover and investigate stealthy attack...
LightsOut – Generate An Obfuscated DLL That Will Disable AMSI And ETW
LightsOut will generate an obfuscated DLL that will disable AMSI & ETW while trying to evade AV. This is done...
Bread – BIOS Reverse Engineering And Advanced Debugging
BREAD (BIOS Reverse Engineering & Advanced Debugging) is an 'injectable' real-mode x86 debugger that can debug arbitrary real-mode code (on...
LTESniffer – An Open-source LTE Downlink/Uplink Eavesdropper
LTESniffer is An Open-source LTE Downlink/Uplink Eavesdropper It first decodes the Physical Downlink Control Channel (PDCCH) to obtain the Downlink...
Padre – Blazing Fast, Advanced Padding Oracle Exploit
padre is an advanced exploiter for Padding Oracle attacks against CBC mode encryption Features: blazing fast, concurrent implementation decryption of...
Goblob – A Fast Enumeration Tool For Publicly Exposed Azure Storage Blobs
Goblob is a lightweight and fast enumeration tool designed to aid in the discovery of sensitive information exposed publicy in...
Forbidden-Buster – A Tool Designed To Automate Various Techniques In Order To Bypass HTTP 401 And 403 Response Codes And Gain Access To Unauthorized Areas In The System
Forbidden Buster is a tool designed to automate various techniques in order to bypass HTTP 401 and 403 response codes...
Hades-C2 – Hades Basic Command And Control Server
Hades is a basic Command & Control server built using Python. It is currently extremely bare bones, but I plan...
Crawlector – Threat Hunting Framework Designed For Scanning Websites For Malicious Objects
Crawlector (the name Crawlector is a combination of Crawler & Detector) is a threat hunting framework designed for scanning websites...
CryptoChat – Beyond Secure Messaging
Welcome to CryptChat - where conversations remain truly private. Built on the robust Python ecosystem, our application ensures that every...
Afuzz – Automated Web Path Fuzzing Tool For The Bug Bounty Projects
Afuzz is an automated web path fuzzing tool for the Bug Bounty projects. Afuzz is being actively developed by @rapiddns...
Red Canary Mac Monitor – An Advanced, Stand-Alone System Monitoring Tool Tailor-Made For macOS Security Research
Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research, malware triage, and system...
Dvenom – Tool That Provides An Encryption Wrapper And Loader For Your Shellcode
Double Venom (DVenom) is a tool that helps red teamers bypass AVs by providing an encryption wrapper and loader for...
