Git-Dumper – A Tool To Dump A Git Repository From A Website
A tool to dump a git repository from a website. Install This can be installed easily with pip: pip install...
Tools
Spock SLAF – A Shared Library Application Firewall “SLAF”
Spock SLAF is a Shared Library Application Firewall "SLAF". It has the purpose to protect any service that uses the...
Sub3Suite – A Free, Open Source, Cross Platform Intelligence Gathering Tool
Sub3 Suite is a research-grade suite of tools for Subdomain Enumeration, OSINT Information Preface If you're just getting started with...
Ecapture – Capture SSL/TLS Text Content Without CA Cert By eBPF
How eCapture works SSL/TLS text context capture, support opensslgnutlsnspr(nss) libraries. bash audit, eCapture User Manual Getting started use ELF binary...
Jfscan – A Super Fast And Customisable Port Scanner, Based On Masscan And NMap
Killing features Scan with nmap fast! Allows you to scan targets with Masscan and run Nmap on discovered ports...
Ma2Tl – macOS Forensic Timeline Generator Using The Analysis Result DBs Of Mac_Apt
This is a DFIR tool for generating a macOS Presentation This tool was published on Japan Security Analyst Conference 2022...
DumpSMBShare – A Script To Dump Files And Folders Remotely From A Windows SMB Share
A script to Contributing Pull requests are welcome. Feel free to open an issue if you want to add other...
Smap – A Drop-In Replacement For Nmap Powered By Shodan.Io
Smap is a replica of Nmap which uses shodan.io's free API for port scanning. It takes same command line arguments...
ADReaper – A Fast Enumeration Tool For Windows Active Directory Pentesting Written In Go
ADReaper is a tool written in Golang which enumerate a Active Directory environment with LDAP queries within few seconds. Installation...
KrbRelay – Framework For Kerberos Relaying
Relaying 3-headed dogs. More details at https://googleprojectzero.blogspot.com/2021/10/windows-exploitation-tricks-relaying.html and https://googleprojectzero.blogspot.com/2021/10/using-kerberos-for-authentication-relay.html This should be working on most fully patched Windows systems. There...
Zircolite – A Standalone SIGMA-based Detection Tool For EVTX, Auditd And Sysmon For Linux Logs
Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for linux or JSONL/NDJSON Logs Zircolite is a standalone tool written in...
linWinPwn – A Bash Script That Automates A Number Of Active Directory Enumeration And Vulnerability Checks
TryHackme AttacktiveDirectory Use cases For each of the cases described, the linWinPwn script performs different checks as shown below. Case...
OWASP Coraza WAF – A Golang Modsecurity Compatible Web Application Firewall Library
Welcome to OWASP Coraza Web Application Firewall, OWASP Coraza is a golang enterprise-grade Web Application Firewall framework that supports Modsecurity's...
Kraken – A Multi-Platform Distributed Brute-Force Password Cracking System
Kraken is an online distributed brute force password cracking tool. It allows you to parallelize dictionaries and crunch word generator...
EDRSandblast – Tool That Weaponize A Vulnerable Signed Driver To Bypass EDR Detections And LSASS Protections
EDRSandBlast is a tool written in C that weaponize a vulnerable signed driver to bypass EDR detections (Kernel callbacks and...
Shhhloader – SysWhispers Shellcode Loader
Greetz & Credit: Jthuraisamy for his amazing project SysWhispers: https://github.com/jthuraisamy/SysWhispers OutFlank for creating InlineWhispers (Mingw-w64 Compatible SysWhispers): https://github.com/outflanknl/InlineWhispers FalconForceTeam for...
modifyCertTemplate – ADCS Cert Template Modification And ACL Enumeration
This tool is designed to aid an operator in modifying ADCS certificate templates so that a created vulnerable state can...
vAPI – Vulnerable Adversely Programmed Interface Which Is Self-Hostable API That Mimics OWASP API Top 10 Scenarios Through Exercises
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios in the means...
365Inspect – A PowerShell Script That Automates The Security Assessment Of Microsoft Office 365 Environments
Further the state of O365 security by authoring a PowerShell script that automates the security assessment of Microsoft Office 365...
Presshell – Quick And Dirty WordPress Command Execution Shell
presshell Quick & dirty Wordpress Command Execution Shell. Execute shell commands on your wordpress server. Uploaded shell will probably be...
Melody – A Transparent Internet Sensor Built For Threat Intelligence
Melody Monitor the Internet's background noiseMelody is a transparent internet sensor built for Quickstart Quickstart details. TL;DR Release Get the...
Maat – Open-source Symbolic Execution Framework
Maat is an open-source Dynamic Symbolic Execution and Binary Analysis framework. It provides various functionalities such as symbolic execution, taint...
NimPackt-v1 – Nim-based Assembly Packer And Shellcode Loader For Opsec And Profit
By Cas van Cooten ( Usage usage: NimPackt.py -e EXECUTIONMODE -i INPUTFILE required arguments: -e EXECUTIONMODE, --executionmode EXECUTIONMODE Execution mode...
EvilSelenium – A Tool That Weaponizes Selenium To Attack Chromium Based Browsers
EvilSelenium is a new project that weaponizes Support Follow me on twitter @mrd0x BTC Wallet: 38ApE9ciNHiXzEaQExLXdwM6TrEpz2wCUi (for coffee obviously) Download...
