Clik here to view.
LDAPWordlistHarvester - A Tool To Generate A Wordlist From The Information...
A tool to generate a wordlist from the information present in LDAP, in order to crack non-random passwords of domain accounts. FeaturesThe bigger the domain is, the better the wordlist will be.[x]...
View ArticleClik here to view.
Headerpwn - A Fuzzer For Finding Anomalies And Analyzing How Servers Respond...
InstallTo install headerpwn, run the following command:go install github.com/devanshbatham/headerpwn@v0.0.3Usageheaderpwn allows you to test various headers on a target URL and analyze the responses....
View ArticleClik here to view.
Ars0N-Framework - A Modern Framework For Bug Bounty Hunting
Howdy! My name is Harrison Richardson, or rs0n (arson) when I want to feel cooler than I really am. The code in this repository started as a small collection of scripts to help automate many of the...
View ArticleClik here to view.
Reaper - Proof Of Concept On BYOVD Attack
Reaper is a proof-of-concept designed to exploit BYOVD (Bring Your Own VulnerableDriver) driver vulnerability. This malicious technique involves inserting a legitimate, vulnerable driver into a target...
View ArticleClik here to view.
EvilSlackbot - A Slack Bot Phishing Framework For Red Teaming Exercises
EvilSlackbotA Slack Attack Framework for conducting Red Team and phishing exercises within Slack workspaces. DisclaimerThis tool is intended for Security Professionals only. Do not use this tool...
View ArticleClik here to view.
Startup-SBOM - A Tool To Reverse Engineer And Inspect The RPM And APT...
This is a simple SBOM utility which aims to provide an insider view on which packages are getting executed.The process and objective is simple we can get a clear perspective view on the packages...
View ArticleClik here to view.
ROPDump - A Command-Line Tool Designed To Analyze Binary Executables For...
ROPDump is a tool for analyzing binary executables to identify potential Return-Oriented Programming (ROP) gadgets, as well as detecting potential buffer overflow and memory leak...
View ArticleClik here to view.
X-Recon - A Utility For Detecting Webpage Inputs And Conducting XSS Scans
A utility for identifying web page inputs and conducting XSS scanning.Features:Subdomain Discovery:Retrieves relevant subdomains for the target website and consolidates them into a whitelist. These...
View ArticleClik here to view.
Thief Raccoon - Login Phishing Tool
Thief Raccoon is a tool designed for educational purposes to demonstrate how phishing attacks can be conducted on various operating systems. This tool is intended to raise awareness about cybersecurity...
View ArticleClik here to view.
PIP-INTEL - OSINT and Cyber Intelligence Tool
Pip-Intel is a powerful tool designed for OSINT (Open Source Intelligence) and cyber intelligence gathering activities. It consolidates various open-source tools into a single user-friendly interface...
View ArticleClik here to view.
Sttr - Cross-Platform, Cli App To Perform Various Operations On String
sttr is command line software that allows you to quickly run various transformation operations on the string.// With input promptsttr// Direct inputsttr md5 "Hello World"// File inputsttr md5...
View ArticleClik here to view.
NativeDump - Dump Lsass Using Only Native APIs By Hand-Crafting Minidump...
NativeDump allows to dump the lsass process using only NTAPIs generating a Minidump file with only the streams needed to be parsed by tools like Mimikatz or Pypykatz (SystemInfo, ModuleList and...
View ArticleClik here to view.
CyberChef - The Cyber Swiss Army Knife - A Web App For Encryption, Encoding,...
CyberChef is a simple, intuitive web app for carrying out all manner of "cyber"operations within a web browser. These operations include simple encoding like XOR and Base64, more complex encryption...
View ArticleClik here to view.
Volana - Shell Command Obfuscation To Avoid Detection Systems
Shell command obfuscation to avoid SIEM/detection system During pentest, an important aspect is to be stealth. For this reason you should clear your tracks after your passage. Nevertheless, many...
View ArticleClik here to view.
BokuLoader - A Proof-Of-Concept Cobalt Strike Reflective Loader Which Aims To...
A proof-of-concept User-Defined Reflective Loader (UDRL) which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!Contributors:ContributorTwitterNotable ContributionsBobby...
View ArticleClik here to view.
Extrude - Analyse Binaries For Missing Security Features, Information...
Analyse binaries for missing security features, information disclosure and more.Extrude is in the early stages of development, and currently only supports ELF and MachO binaries. PE (Windows) binaries...
View ArticleClik here to view.
XMGoat - Composed of XM Cyber terraform templates that help you learn about...
XM Goat is composed of XM Cyberterraform templates that help you learn about common Azure security issues. Each template is a vulnerable environment, with some significant misconfigurations. Your job...
View ArticleClik here to view.
VulnNodeApp - A Vulnerable Node.Js Application
A vulnerable application made using node.js, express server and ejs template engine. This application is meant for educational purposes only.SetupClone this repositorygit clone...
View ArticleClik here to view.
Hfinger - Fingerprinting HTTP Requests
Tool for Fingerprinting HTTP requests of malware. Based on Tshark and written in Python3. Working prototype stage :-)Its main objective is to provide unique representations (fingerprints) of malware...
View ArticleClik here to view.
CloudBrute - Awesome Cloud Enumerator
A tool to find a company (target) infrastructure, files, and apps on the top cloud providers (Amazon, Google, Microsoft, DigitalOcean, Alibaba, Vultr, Linode). The outcome is useful for bug bounty...
View Article