HaccTheHub – Open Source Self-Hosted Cyber Security Learning Platform
Open source self-hosted HaccTheHub is an open source project that provides cyber security The HaccTheHub system consists of 3 main...
Tools
Ocr-Recon – Tool To Find A Particular String In A List Of URLs Using Tesseract’S OCR (Optical Character Recognition) Capabilities
This tool is useful to find a particular string in a list of URLs using tesseract's OCR (Optical Character Recognition)...
Chaya – Advance Image Steganography
Chaya protects your privacy through steganography, Supports AES-256-GCM cryptography Supports Standard LSB steganography Supports LSB-LPS steganography Supports FLIF lossless compression...
Litefuzz – A Multi-Platform Fuzzer For Poking At Userland Binaries And Servers
Litefuzz is meant to serve a purpose: fuzz and triage on all the major platforms, support both CLI/GUI apps, network...
Searpy – Search Engine Tookit
1. Install git clone https://github.com/j3ers3/Searpypip install -r requirement.txt配置API及账号 ./config.pypython Searpy -h 2. Help baidu Engine --google Using google Engine --so...
CAPEv2 – Malware Configuration And Payload Extraction
CAPE is a malware sandbox. It was derived from Cuckoo with the goal of adding automated malware unpacking and config...
BruteShark – Network Analysis Tool
BruteShark is a Network Building a Network Diagram File Carving Password Extracting Reconstruct all TCP Sessions Extract VoIP Calls ...
Checkov – Prevent Cloud Misconfigurations During Build-Time For Terraform, CloudFormation, Kubernetes, Serverless Framework And Other Infrastructure-As-Code-Languages
Checkov is a Getting started Requirements Python >= 3.7 (Data classes are available for Python 3.7+) Terraform >= 0.12 Installation...
DRAKVUF Sandbox – Automated Hypervisor-Level Malware Analysis System
DRAKVUF Sandbox is an automated black-box malware analysis system with DRAKVUF engine under the hood, which does not require an...
StayKit – Cobalt Strike Kit For Persistence
StayKit is an extension for Cobalt Strike persistence by leveraging the execute_assembly function with the SharpStay .NET assembly. The aggressor...
Katoolin3 – Get Your Favourite Kali Linux Tools On Debian/Ubuntu/Linux Mint
Katoolin3 brings all programs available in Kali Linux to Debian and Ubuntu. Description This program is a port of katoolin...
NTLMRecon – Enumerate Information From NTLM Authentication Enabled Web Endpoints
A fast and flexible NTLM TODO Implement aiohttp based solution for sending requests Integrate a spraying library Add other authentication...
openSquat – Detection Of Phishing Domains And Domain Squatting. Supports Permutations Such As Homograph Attack, Typosquatting And Bitsquatting
What is openSquat openSquat is an opensource Intelligence (OSINT) security tool to identify cyber squatting threats to specific companies or...
JNDI-Injection-Exploit – A Tool Which Generates JNDI Links Can Start Several Servers To Exploit JNDI Injection Vulnerability
JNDI-Injection-Exploit is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP...
Win-Brute-Logon – Crack Any Microsoft Windows Users Password Without Any Privilege (Guest Account Included)
This PoC was ported in pure PowerShell: https://github.com/DarkCoderSc/power-brute-logonWin Brute Logon (Proof Of Concept) Release date: 2020-05-14 Target: Windows XP to...
Jatayu – Stealthy Stand Alone PHP Web Shell
JATAYU Stealthy Stand Alone PHP Web Shell FEATURES Http Header Based Authentication. 100% Undetectable. Exec Function Changer. Nothing Fancy USAGE...
Chain-Reactor – An Open Source Framework For Composing Executables That Simulate Adversary Behaviors And Techniques On Linux Endpoints
Chain Reactor is an open-source tool for testing detection and response coverage on Linux machines. The tool generates executables that...
Voltron – A Hacky Debugger UI For Hackers
Voltron is an extensible debugger UI toolkit written in Python. It aims to improve the user experience of various debuggers...
SSRFire – An Automated SSRF Finder. Just Give The Domain Name And Your Server And Chill! Also Has Options To Find XSS And Open Redirects
An automated SSRF finder. Just give the domain name and your server and chill! ;) It also has options to...
HybridTestFramework – End To End Testing Of Web, API And Security
Full-fledged WEB, API and Security Execution Gif Download HybridTestFramework If you like the site, please consider joining the telegram channel...
Talisman – By Hooking Into The Pre-Push Hook Provided By Git, Talisman Validates The Outgoing Changeset For Things That Look Suspicious
A tool to detect and prevent secrets from getting checked in What is Talisman? Talisman is a tool that installs...
SharpCookieMonster – Extracts Cookies From Chrome
This is a Sharp port of @defaultnamehere's cookie-crimes module - full credit for their awesome work! This C# project will...
Boko – Application Hijack Scanner For macOS
boko.py is an application scanner for macOS that searches for and identifies potential dylib hijacking and weak dylib vulnerabilities for...
Njsscan – A Semantic Aware SAST Tool That Can Find Insecure Code Patterns In Your Node.js Applications
njsscan is a static application testing (SAST) tool that can find insecure code patterns in your node.js applications using simple...
