Allstar – GitHub App To Set And Enforce Security Policies
Allstar is a GitHub App installed on organizations or repositories to set and enforce security policies. Its goal is to...
jsleak is a tool to identify sensitive data in JS files through regex patterns. Although it's built for this, you...
AuraBorealis is a web application for visualizing anomalous and potentially malicious code in Python package registries. It uses security audit...
Intel SGX protects isolated application logic and sensitive data inside an enclave with hardware-based memory encryption. To use such hardware-based...
A statically-linked ssh server with a reverse connection feature for simple yet powerful remote access. Most useful during HackTheBox challenges,...
PickleC2 is a post-exploitation and lateral movement framework. Documentation: ReadTheDocs. Overview: PickleC2 is a simple C2 framework written in python3 used to...
Grab cam shots from target's phone front camera or PC webcam just sending a link. What is CamPhish? CamPhish is techniques...
This is a framework designed to test authentication for web applications. While web proxies like ZAProxy and Burpsuite allow authenticated...
This tool allows: To check whether a subdomain can be taken over because it has: a dangling CNAME pointing to...
An advanced PHP backdoor management tool, with a lightweight server footprint, multi-threaded communication, and an advanced payload generation and obfuscation...
NinjaDroid is a simple tool to reverse engineer Android APK packages. Published at: https://snapcraft.io/ninjadroid $ snap install ninjadroid --channel=beta Overview: NinjaDroid uses...
Nimplant is a cross-platform (Linux & Windows) implant written in Nim as a fun project to learn about Nim and...
A tool to test security of JSON Web Tokens. Test a JWT against all known CVEs; Tamper with the token...
HTTP request smuggling is a high-severity vulnerability in which an attacker smuggles an ambiguous HTTP request...
Alan Framework is a post-exploitation framework useful during red-team activities. If you find my tool useful, please consider to sponsor...
wsh (pronounced woosh) is a web shell generator and command line interface. This started off as just an http client...
Please read the initial JARM blog post for more information. JARM is an active Transport Layer Security (TLS) server fingerprinting...
Distributed malware processing framework based on Python, Redis and MinIO. The idea: Karton is a robust framework for creating flexible and...
In the era of intrusive AVs and EDRs that introduce hot-patches to the running processes for their enhanced optics requirements,...
A tool to escalate privileges in an Active Directory network by coercing authentication from machine accounts (Petitpotam) and relaying to...
sigurlfind3r is a passive reconnaissance tool that fetches known URLs from AlienVault's OTX, Common Crawl, URLScan, GitHub and the Wayback...
Injects PHP payloads into JPEG images. Related to this post. Use Case: You have a web application that runs a jpeg...
Solitude is a privacy analysis tool that enables anyone to conduct their own privacy investigations. Whether a curious novice or...
go-shellcode is a repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API...