Seekr – A Multi-Purpose OSINT Toolkit With A Neat Web-Interface
A multi-purpose toolkit for gathering and managing OSINT-Data with a neat web-interface. Introduction Seekr is a multi-purpose toolkit for gathering...
Tools
Grepmarx – A Source Code Static Analysis Platform For AppSec Enthusiasts
Grepmarx is a web application providing a single platform to quickly understand, analyze and identify vulnerabilities in possibly large and...
Shoggoth – Asmjit Based Polymorphic Encryptor
Shoggoth is an open-source project based on C++ and asmjit library used to encrypt given shellcode, PE, and COFF files...
RedditC2 – Abusing Reddit API To Host The C2 Traffic, Since Most Of The Blue-Team Members Use Reddit, It Might Be A Great Way To Make The Traffic Look Legit
Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a...
QRExfiltrate – Tool That Allows You To Convert Any Binary File Into A QRcode Movie. The Data Can Then Be Reassembled Visually Allowing Exfiltration Of Data In Air Gapped Systems
This tool is a command line utility that allows you to convert any binary file into a QRcode GIF. The...
Noseyparker – A Command-Line Program That Finds Secrets And Sensitive Information In Textual Data And Git History
Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data. It is useful both for...
Apk.Sh – Makes Reverse Engineering Android Apps Easier, Automating Some Repetitive Tasks Like Pulling, Decoding, Rebuilding And Patching An APK
apk.sh is a Bash script that makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding...
ThunderCloud – Cloud Exploit Framework
Cloud Exploit Framework Usage python3 tc.py -h _______ _ _ _____ _ _ |__ __| | | | / ____|...
Fingerprintx – Standalone Utility For Service Discovery On Open Ports!
fingerprintx is a utility similar to httpx that also supports fingerprinting services like as RDP, SSH, MySQL, PostgreSQL, Kafka, etc....
Waf-Bypass – Check Your WAF Before An Attacker Does
WAF bypass Tool is an open source tool to analyze the security of any WAF for False Positives and False...
MSI Dump – A Tool That Analyzes Malicious MSI Installation Packages, Extracts Files, Streams, Binary Data And Incorporates YARA Scanner
MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner....
Decider – A Web Application That Assists Network Defenders, Analysts, And Researcher In The Process Of Mapping Adversary Behaviors To The MITRE ATT&CK Framework
What is it? The Short A web application that assists network defenders, analysts, and researchers in the process of mapping...
CMLoot – Find Interesting Files Stored On (System Center) Configuration Manager (SCCM/CM) SMB Shares
CMLoot was created to easily find interesting files stored on System Center Configuration Manager (SCCM/CM) SMB shares. The shares are...
PortexAnalyzerGUI – Graphical Interface For PortEx, A Portable Executable And Malware Analysis Library
Graphical interface for PortEx, a Portable Executable and Malware Analysis Library Download Releases page Features Header information from: MSDOS Header,...
Invoke-PSObfuscation – An In-Depth Approach To Obfuscating The Individual Components Of A PowerShell Payload Whether You’Re On Windows Or Kali Linux
Traditional obfuscation techniques tend to add layers to encapsulate standing code, such as base64 or compression. These payloads do continue...
NimPlant – A Light-Weight First-Stage C2 Implant Written In Nim
By Cas van Cooten (@chvancooten), with special thanks to some awesome folks: Fabian Mosch (@S3cur3Th1sSh1t) for sharing dynamic invocation implementation...
Ator – Authentication Token Obtain and Replace Extender
The plugin is created to help automated scanning using Burp in the following scenarios: Access/Refresh token Token replacement in XML,JSON...
FindUncommonShares – A Python Equivalent Of PowerView’s Invoke-ShareFinder.ps1 Allowing To Quickly Find Uncommon Shares In Vast Windows Domains
The script FindUncommonShares.py is a Python equivalent of PowerView's Invoke-ShareFinder.ps1 allowing to quickly find uncommon shares in vast Windows...
Wifi_Db – Script To Parse Aircrack-ng Captures To A SQLite Database
Script to parse Aircrack-ng captures into a SQLite database and extract useful information like handshakes (in 22000 hashcat format), MGT...
Kali Linux 2023.1 – Penetration Testing and Ethical Hacking Linux Distribution
Time for another Kali Linux release! – Kali Linux 2023.1. This release has various impressive updates. he changelog summary since...
GPT_Vuln-analyzer – Uses ChatGPT API And Python-Nmap Module To Use The GPT3 Model To Create Vulnerability Reports Based On Nmap Scan Data
This is a Proof Of Concept application that demostrates how AI can be used to generate accurate results for vulnerability...
CertWatcher – A Tool For Capture And Tracking Certificate Transparency Logs, Using YAML Templates Based DSL
CertWatcher is a tool for capture and tracking certificate transparency logs, using YAML templates. The tool helps to detect and...
CertVerify – A Scanner That Files With Compromised Or Untrusted Code Signing Certificates
The CertVerify is a tool designed to detect executable files (exe, dll, sys) that have been signed with untrusted or...
Graphicator – A GraphQL Enumeration And Extraction Tool
Graphicator is a GraphQL "scraper" / extractor. The tool iterates over the introspection document returned by the targeted GraphQL endpoint,...
