PurplePanda – Identify Privilege Escalation Paths Within And Across Different Clouds
This tool fetches resources from different cloud/saas applications focusing on permissions in order to identify privilege escalation paths and dangerous...
Tools
RefleXXion – A Utility Designed To Aid In Bypassing User-Mode Hooks Utilised By AV/EPP/EDR Etc
Introduction RefleXXion is a utility designed to aid in How to Use You can open and compile the project with...
WMEye – A Post Exploitation Tool That Uses WMI Event Filter And MSBuild Execution For Lateral Movement
WMEye is an experimental tool that was developed when exploring about Windows WMI. The tool is developed for performing Lateral...
Patching – An Interactive Binary Patching Plugin For IDA Pro
Patching A complete listing of the contextual patching actions are described in the following sections. Assemble The main patching dialog...
Lnkbomb – Malicious Shortcut Generator For Collecting NTLM Hashes From Insecure File Shares
Lnkbomb is used for uploading malicious shortcut files to insecure file shares. The Executable Usage Download Lnkbomb from the releases...
CodeAnalysis – Static Code Analysis
Tencent Cloud Experience Apply Link Key Features Language support: It supports Java/C++/Objective-C/C#/JavaScript/Python/Go/PHP and more, covering common programming languages. Code inspection:...
GoodHound – Uses Sharphound, Bloodhound And Neo4j To Produce An Actionable List Of Attack Paths For Targeted Remediation
Attackers think in graphs, defenders think in actions, Documentation All documentation can be found in the wiki Acknowledgments The py2neo...
Dome – Fast And Reliable Python Script That Makes Active And/Or Passive Scan To Obtain Subdomains And Search For Open Ports
Passive mode: Active mode + port scan: OSINT Search Engines Dome uses these web pages to obtain subdomains Without API:...
DomainAlerting – Daily Alert When A New Domain Name Is Registered And Contains Your Keywords
Daily alert when a new domain name is registered and contains your keywords. Send automatic Prerequisite apt install mailutilspip3 install...
Codecat v0.56 – An Open-Source Tool To Help You Find/Track User Input Sinks And Security Bugs Using Static Code Analysis
CodeCat is an open-source tool to help you find/track user input sinks and security bugs using static code analysis. These...
Nivistealer – Steal Victim Images Exact Location Device Info And Much More
Steal Victim Images Exact Location Device Info And Much More Features of Nivi-Stealer: Steal Ip Steal Device Info Uses Device...
WSVuls – Website Vulnerability Scanner Detect Issues (Outdated Server Software And Insecure HTTP Headers)
WSVuls Website Download Wsvuls If you like the site, please consider joining the telegram channel or supporting us on Patreon...
ASSAMEE – Free Advance Encryptor For Anon Cloud
ASSAMEE is a free Advance encryptor for Anonfiles. It uses an advanced encryption method to encrypt the directory with AES-256....
Scanmycode-Ce – Code Scanning/SAST/Static Analysis/Linting Using Many tools/Scanners With One Report – Scanmycode Community Edition (CE)
It is a Code Scanning/SAST/Static Analysis/Linting solution using many tools/Scanners with One Report. You can also add any tool to...
Master_Librarian – A Simple Tool To Audit Unix/*BSD/Linux System Libraries To Find Public Security Vulnerabilities
A simple tool to audit Unix/*BSD/Linux system libraries to find public security vulnerabilities. To install requirements: $ sudo python3 -m...
Geowifi – Search WiFi Geolocation Data By BSSID And SSID On Different Public Databases
Search WiFi Json output example { "data":{ "bssid":"A0:XX:XX:XX:6F:90", "vendor":"TP-LINK TECHNOLOGIES CO.,LTD.", "mac_type":"MA-L", "wigle":{ "lat":00.000908922099, "lon":00.000945220028 }, "apple":{ "lat":"not_found", "lon":"not_found"...
GONET-Scanner – Golang Network Scanner With Arp Discovery And Own Parser
ScreenShots Install chmod +x install.sh./install.sh Usage ARP Discovery -ar CIDR -s: Scan ports in all hosts discovered -ap: Scan to...
GraphQL Cop – Security Auditor Utility For GraphQL APIs
GraphQL Cop is a small Python utility to run common security tests against GraphQL APIs. Requirements Python3 Requests Library Detections...
Fastfuz-Chrome-Ext – Site Fast Fuzzing With Chorme Extension
Fast Install Add Your Custom Files Open files.txt Paste your file or directory name in line by line Happy Hunting...
PwnKit-Exploit – Proof Of Concept (PoC) CVE-2021-4034
Proof Of Concept (PoC) CVE-2021-4034 @c0br40x help to make this section in README!! debian@debian:~/PwnKit-Exploit$ makecc -Wall exploit.c -o exploitdebian@debian:~/PwnKit-Exploit$ whoamidebiandebian@debian:~/PwnKit-Exploit$...
Osmedeus – A Workflow Engine For Offensive Security
A Workflow Engine For Offensive Security Installation NOTE that you need some essential tools like curl, wget, git, zip and...
PyShell – Multiplatform Python WebShell
PyShell is Multiplatform Python WebShell. This tool helps you to obtain a shell-like interface on a web server to be...
Authz0 – An Automated Authorization Test Tool. Unauthorized Access Can Be Identified Based On URLs And RolesAnd Credentials
Key Features Generate scan template $ authz0 new Include URLs Include Roles Include ZAP history (Select URLS > Save...
IOC Scraper – A Fast And Reliable Service That Enables You To Extract IOCs And Intelligence From Different Data Sources
IOC Scraper utilises IOCPARSER service to fetch IOCs from different vendor Blogs, PDFs, and CSV files. Parsing IOCs is time-consuming...
