Malicious-Pdf – Generate A Bunch Of Malicious Pdf Files With Phone-Home Functionality
Generate ten different malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh Used for penetration...
Tools
Graphql-Threat-Matrix – GraphQL Threat Framework Used By Security Professionals To Research Security Gaps In GraphQL Implementations
Why graphql-threat-matrix? graphql-threat-matrix was built for bug bounty hunters, security researchers and hackers to assist with uncovering vulnerabilities across multiple...
Cliam – Multi Cloud IAM Permissions Enumeration Tool
Multi cloud iam permissions enumeration tool. Currently covers: AWS GCP Azure Oracle Description Cliam is a simple cloud permissions identifier....
LDAPFragger – Command And Control Tool That Enables Attackers To Route Cobalt Strike Beacon Data Over LDAP
LDAPFragger is a Command and Control tool that enables attackers to route From network segment A, run LDAPFragger --cshost <Cobalt...
LeakedHandlesFinder – Leaked Windows Processes Handles Identification Tool
Leaked Presented at rootedcon 2022 https://www.rootedcon.com/ponentes-rooted2022/. Presentation -> Presentation/Exploiting Leaked Handles for LPE.pdf Download LeakedHandlesFinder If you like the site,...
FirmWire -b Full-System Baseband Firmware Emulation Platform For Fuzzing, Debugging, And Root-Cause Analysis Of Smartphone Baseband Firmwares
FirmWire is a full-system baseband firmware analysis platform that supports Samsung and MediaTek. It enables fuzzing, root-cause analysis, and FirmWire...
Pybatfish – Python Client For Batfish (Network Configuration Analysis Tool)
Pybatfish is a Python client for The Batfish YouTube channel (which you can subscribe to for new content) illustrates many...
Moonwalk – Cover Your Tracks During Linux Exploitation By Leaving Zero Traces On System Logs And Filesystem Timestamps
Cover your tracks during Linux Once you get a shell into the target Unix machine, start a moonwalk session by...
Nanodump – A Crappy LSASS Dumper With No ASCII Art
A flexible tool that creates a minidump of the LSASS process. 1. Features It uses syscalls (with SysWhispers2) for most...
BackupOperatorToDA – From An Account Member Of The Group Backup Operators To Domain Admin Without RDP Or WinRM On The Domain Controller
If you compromise an account member of the group Backup Operators you can become the Domain Admin without RDP or...
Dora – Find Exposed API Keys Based On RegEx And Get Exploitation Methods For Some Of Keys That Are Found
Features Blazing fast as we are using ripgrep in backend Exploit/PoC steps for many of the API key, allowing to...
Requests-Ip-Rotator – A Python Library To Utilize AWS API Gateway’s Large IP Pool As A Proxy To Generate Pseudo-Infinite IPs For Web Scraping And Brute Forcing
A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web...
Osinteye – Username Enumeration And Reconnaisance Suite
Username Enumeration And Reconnaisance Suite Supported sites PyPI Github TestPypi About.me Instagram DockerHub Installation Clone project: $ git clone...
Lupo – Malware IOC Extractor. Debugging Module For Malware Analysis Automation
Debugging module for Malware Analysis Automation For a step by step post on how to use Lupo, with images and...
IOSSecuritySuite – iOS Platform Security And Anti-Tampering Swift Library
iOS Security Suite is an advanced and easy-to-use platform security & anti-tampering library written in pure Swift! If you...
Rip Raw – Small Tool To Analyse The Memory Of Compromised Linux Systems
Rip Raw is a small tool to analyse the memory of compromised Linux systems. It is similar in purpose to...
BITB – Browser In The Browser (BITB) Templates
Detecting Color Preference To get the most out of this you should determine the OS from the user agent and...
O365-Doppelganger – A Quick Handy Script To Harvest Credentials Off Of A User During A Red Team And Get Execution Of A File From The User
O365-Doppelganger is NOT a replacement for hardcore Download O365-Doppelganger If you like the site, please consider joining the telegram channel...
VulFi – Plugin To IDA Pro Which Can Be Used To Assist During Bug Hunting In Binaries
The VulFi (Vulnerability Finder) tool is a plugin to IDA Pro which can be used to assist during bug hunting...
Bore – Simple CLI Tool For Making Tunnels To Localhost
A modern, simple TCP tunnel in Rust that exposes local ports to a remote server, bypassing standard NAT connection firewalls....
Wpgarlic – A Proof-Of-Concept WordPress Plugin Fuzzer
A proof-of-concept WordPress plugin fuzzer used in the research described in . That means that the fuzzer detected executing fopen()...
DDexec – A Technique To Run Binaries Filelessly And Stealthily On Linux Using Dd To Replace The Shell With Another Process
In Linux in order to run a program it must exist as a file, it must be accessible in some...
Spring4Shell-Scan – A Fully Automated, Reliable, And Accurate Scanner For Finding Spring4Shell And Spring Cloud RCE Vulnerabilities
A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities Features Support for lists of...
Malwarescanner – Simple Malware Scanner Written In Python
Simple Malware Scanner written in python Very basic malware Scanner by hash comparison Sometimes this can be needed when an...
