Gato – GitHub Self-Hosted Runner Enumeration And Attack Tool
Gato, or GitHub Attack Toolkit, is an enumeration and attack tool that allows both blue teamers and offensive security practitioners...
Tools
msLDAPDump – LDAP Enumeration Tool
msLDAPDump simplifies LDAP enumeration in a domain environment by wrapping the lpap3 library from Python in an easy-to-use interface. Like...
Certsync – Dump NTDS With Golden Certificates And UnPAC The Hash
certsync is a new technique in order to dump NTDS remotely, but this time without DRSUAPI: it uses golden certificate...
EndExt – Go Tool For Extracting All The Possible Endpoints From The JS Files
EndExt is a .go tool for extracting all the possible endpoints from the JS files Idea When you crawll all...
Handle-Ripper – Windows Handle Hijacker
Handle hijacking is a technique used in Windows operating systems to gain access to resources and resources of a system...
Scanner-and-Patcher – A Web Vulnerability Scanner And Patcher
This tools is very helpful for finding vulnerabilities present in the Web Applications. A web application scanner explores a web...
LSMS – Linux Security And Monitoring Scripts
These are a collection of security and monitoring scripts you can use to monitor your Linux installation for security-related events...
Forensia – Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase
Anti Forensics Tool For Red Teamers, Used For Erasing Some Footprints In The Post Exploitation Phase. Reduces Payload Burnout And...
Firefly – Black Box Fuzzer For Web Applications
Firefly is an advanced black-box fuzzer and not just a standard asset discovery tool. Firefly provides the advantage of testing...
BackupOperatorToolkit – The BackupOperatorToolkit Contains Different Techniques Allowing You To Escalate From Backup Operator To Domain Admin
The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin. Usage The BackupOperatorToolkit (BOT) has...
Killer – Is A Tool Created To Evade AVs And EDRs Or Security Tools
It's a AV/EDR Evasion tool created to bypass security tools for learning, until now the tool is FUD. Features: Module...
Fiber – Using Fibers To Run In-Memory Code In A Different And Stealthy Way
A fiber is a unit of execution that must be manually scheduled by the application rather than rely on the...
C2-Hunter – Extract C2 Traffic
C2-Hunter C2-Hunter is a program designed for malware analysts to extract Command and Control (C2) traffic from malwares in real-time....
Burpgpt – A Burp Suite Extension That Integrates OpenAI’s GPT To Perform An Additional Passive Scan For Discovering Highly Bespoke Vulnerabilities, And Enables Running Traffic-Based Analysis Of Any Type
burpgpt leverages the power of AI to detect security vulnerabilities that traditional scanners might miss. It sends web traffic to...
Bypass-Sandbox-Evasion – Bypass Malware Sandbox Evasion Ram Check
Sandboxes are commonly used to analyze malware. They provide a temporary, isolated, and secure environment in which to observe whether...
PythonMemoryModule – Pure-Python Implementation Of MemoryModule Technique To Load Dll And Unmanaged Exe Entirely From Memory
"Python memory module" AI generated pic - hotpot.ai pure-python implementation of MemoryModule technique to load a dll or unmanaged exe...
XSS-Exploitation-Tool – An XSS Exploitation Tool
XSS Exploitation Tool is a penetration testing tool that focuses on the exploit of Cross-Site Scripting vulnerabilities. This tool is...
AtomLdr – A DLL Loader With Advanced Evasive Features
A DLL Loader With Advanced Evasive Features Features: CRT library independent. The final DLL file, can run the payload by...
LinkedInDumper – Tool To Dump Company Employees From LinkedIn API
Python 3 script to dump company employees from LinkedIn API Description LinkedInDumper is a Python 3 script that dumps employee...
Kubestroyer – Kubernetes Exploitation Tool
Kubestroyer Kubestroyer aims to exploit Kubernetes clusters misconfigurations and be the swiss army knife of your Kubernetes pentests About The...
DCVC2 – A Golang Discord C2 Unlike Any Other
This multi operating system compatible tool was created to leverage Discord's voice channels for command and control operations. This tool...
MAAD-AF – MAAD Attack Framework – An Attack Tool For Simple, Fast And Effective Security Testing Of M365 And Azure AD
MAAD-AF is an open-source cloud attack tool developed for testing security of Microsoft 365 & Azure AD environments through adversary...
Burp-Dom-Scanner – Burp Suite’s Extension To Scan And Crawl Single Page Applications
It's a Burp Suite's extension to allow for recursive crawling and scanning of Single Page Applications. It runs a Chromium...
PentestGPT – A GPT-empowered Penetration Testing Tool
A GPT-empowered penetration testing tool. Common Questions Q: What is PentestGPT? A: PentestGPT is a penetration testing tool empowered by...
