SpyCast – A Crossplatform mDNS Enumeration Tool
SpyCast is a crossplatform mDNS enumeration tool that can work either in active mode by recursively querying services, or in...
Tools
Psudohash – Password List Generator That Focuses On Keywords Mutated By Commonly Used Password Creation Patterns
psudohash is a password list The script includes a basic character substitution schema. You can add/modify character substitution patterns by...
Scan4All – Vuls Scan: 15000+PoCs; 21 Kinds Of Application Password Crack; 7000+Web Fingerprints; 146 Protocols And 90000+ Rules Port Scanning; Fuzz, HW, Awesome BugBounty…
What is scan4all: integrated vscan, nuclei, ksubdomain, subfinder, etc., fully automated and intelligent。red team tools Code-level optimization, parameter optimization, and...
pyFlipper – Unoffical Flipper Zero Cli Wrapper Written In Python
Unoffical Flipper Zero cli wrapper written in PythonFunctions and characteristics: Flipper serial CLI wrapper Websocket client interfaceSetup instructions:$ git clone...
SharpNamedPipePTH – Pass The Hash To A Named Pipe For Token Impersonation
This project is a C# tool to use Pass-the-Hash for authentication on a local Named Pipe for user Impersonation. You...
PSAsyncShell – PowerShell Asynchronous TCP Reverse Shell
PSAsyncShell is an Asynchronous TCP Reverse Shell written in pure PowerShell.Unlike other reverse shells, all the communication and execution flow...
Pax – CLI Tool For PKCS7 Padding Oracle Attacks
Exploit padding oracles for fun and profit!Pax (PAdding oracle eXploiter) is a tool for exploiting padding oracles in order to:Obtain...
SCodeScanner – Stands For Source Code Scanner Where The User Can Scans The Source Code For Finding The Critical Vulnerabilities
SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities. The...
OSRipper – AV Evading OSX Backdoor And Crypter Framework
OSripper is a fully undetectable Backdoor generator and Crypter which specialises in OSX M1 malware. It will also work on...
Kam1n0 – Assembly Analysis Platform
Kam1n0 v2.x is a scalable assembly management and analysis platform. It allows a user to first index a (large) collection...
CATS – REST API Fuzzer And Negative Testing Tool For OpenAPI Endpoints
REST API fuzzer and negative testing tool. Run thousands of self-healing API tests within minutes with no coding effort!Comprehensive: tests...
FISSURE – Frequency Independent SDR-based Signal Understanding and Reverse Engineering
Frequency Independent SDR-based Signal Understanding and Reverse EngineeringFISSURE is an open-source RF and reverse engineering framework designed for all skill...
DeathSleep – A PoC Implementation For An Evasion Technique To Terminate The Current Thread And Restore It Before Resuming Execution, While Implementing Page Protection Changes During No Execution
A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementing...
XLL_Phishing – XLL Phishing Tradecraft
With Microsoft's recent announcement regarding the blocking of macros in documents originating from the internet (email AND web download), attackers...
SharpImpersonation – A User Impersonation Tool – Via Token Or Shellcode Injection
This was a learning by doing project from my side. Well known techniques are used to built just another impersonation...
SDomDiscover – A Easy-To-Use Python Tool To Perform DNS Recon
_____ ____ ____ _ / ___// __ ____ ____ ___ / __ (_)_____________ _ _____ _____ __ / / /...
PersistenceSniper – Powershell Script That Can Be Used By Blue Teams, Incident Responders And System Administrators To Hunt Persistences Implanted In Windows Machines
PersistenceSniper is a Powershell script that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences...
Nim-RunPE – A Nim Implementation Of Reflective PE-Loading From Memory
A Nim implementation of reflective PE-Loading from memory. The base for this code was taken from RunPE-In-Memory - which I...
GraphCrawler – GraphQL Automated Security Testing Toolkit
Graph Crawler is the most powerful automated testing toolkit for any GraphQL endpoint.NEW: Can search for endpoints for you using...
Gohide – Tunnel Port To Port Traffic Over An Obfuscated Channel With AES-GCM Encryption
Tunnel port to port traffic via an obfuscated channel with AES-GCM encryption.Obfuscation ModesSession Cookie HTTP GET (http-client)Set-Cookie Session Cookie HTTP/2...
ForceAdmin – Create Infinite UAC Prompts Forcing A User To Run As Admin
ForceAdmin is a c# payload builder, creating infinate UAC pop-ups until the user allows the program to be ran. The...
Coercer – A Python Script To Automatically Coerce A Windows Server To Authenticate On An Arbitrary Machine Through 9 Methods
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods. FeaturesAutomatically detects...
noPac – Exploiting CVE-2021-42278 And CVE-2021-42287 To Impersonate DA From Standard Domain User
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-2021-42278 +...
BeatRev – POC For Frustrating/Defeating Malware Analysts
BeatRev Version 2Disclaimer/LiabilityThe work that follows is a POC to enable malware to "key" itself to a particular victim in...
