BlueBunny – BLE Based C2 For Hak5’s Bash Bunny
C2 solution that communicates directly over Bluetooth-Low-Energy with your Bash Bunny Mark II.Send your Bash Bunny all the instructions it...
Tools
PassBreaker – Command-line Password Cracking Tool Developed In Python
PassBreaker is a command-line password cracking tool developed in Python. It allows you to perform various password cracking techniques such...
Porch-Pirate – The Most Comprehensive Postman Recon / OSINT Client And Framework That Facilitates The Automated Discovery And Exploitation Of API Endpoints And Secrets Committed To Workspaces, Collections, Requests, Users And Teams
Porch Pirate started as a tool to quickly uncover Postman secrets, and has slowly begun to evolve into a multi-purpose...
C2-Search-Netlas – Search For C2 Servers Based On Netlas
C2 Search Netlas is a Java utility designed to detect Command and Control (C2) servers using the Netlas API. It...
NimExec – Fileless Command Execution For Lateral Movement In Nim
Basically, NimExec is a fileless remote command execution tool that uses The Service Control Manager Remote Protocol (MS-SCMR). It changes...
T3SF – Technical Tabletop Exercises Simulation Framework
T3SF is a framework that offers a modular structure for the orchestration of events based on a master scenario events...
Aladdin – Payload Generation Technique That Allows The Deseriallization Of A .NET Payload And Execution In Memory
Aladdin is a payload generation technique based on the work of James Forshaw (@tiraniddo) that allows the deseriallization of a...
Windiff – Web-based Tool That Allows Comparing Symbol, Type And Syscall Information Of Microsoft Windows Binaries Across Different Versions Of The OS
WinDiff is an open-source web-based tool that allows browsing and comparing symbol, type and syscall information of Microsoft Windows binaries...
HiddenDesktop – HVNC For Cobalt Strike
Hidden Desktop (often referred to as HVNC) is a tool that allows operators to interact with a remote desktop session...
DynastyPersist – A Linux Persistence Tool!
A Linux persistence tool! A powerful and versatile Linux persistence script designed for various security assessment and testing scenarios. This...
MaccaroniC2 – A PoC Command And Control Framework That Utilizes The Powerful AsyncSSH
MaccaroniC2 is a proof-of-concept Command and Control framework that utilizes the powerful AsyncSSH Python library which provides an asynchronous client...
Mass-Bruter – Mass Bruteforce Network Protocols
Mass bruteforce network protocols Info Simple personal script to quickly mass bruteforce common services in a large scale of network....
OSINT-Framework – OSINT Framework
OSINT framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT...
Iac-Scan-Runner – Service That Scans Your Infrastructure As Code For Common Vulnerabilities
Service that scans your Infrastructure as Code for common vulnerabilities. Aspect Information Tool name IaC Scan Runner Docker image xscanner/runner...
ICS-Forensics-Tools – Microsoft ICS Forensics Framework
Microsoft ICS Forensics Tools is an open source forensic framework for analyzing Industrial PLC metadata and project files. it enables...
Deepsecrets – Secrets Scanner That Understands Code
Yet another tool - why? Existing tools don't really "understand" code. Instead, they mostly parse texts. DeepSecrets expands classic regex-search...
CureIAM – Clean Accounts Over Permissions In GCP Infra At Scale
Clean up of over permissioned IAM accounts on GCP infra in an automated way CureIAM is an easy-to-use, reliable, and...
MemTracer – Memory Scaner
MemTracer is a tool that offers live memory analysis capabilities, allowing digital forensic practitioners to discover and investigate stealthy attack...
LightsOut – Generate An Obfuscated DLL That Will Disable AMSI And ETW
LightsOut will generate an obfuscated DLL that will disable AMSI & ETW while trying to evade AV. This is done...
Bread – BIOS Reverse Engineering And Advanced Debugging
BREAD (BIOS Reverse Engineering & Advanced Debugging) is an 'injectable' real-mode x86 debugger that can debug arbitrary real-mode code (on...
LTESniffer – An Open-source LTE Downlink/Uplink Eavesdropper
LTESniffer is An Open-source LTE Downlink/Uplink Eavesdropper It first decodes the Physical Downlink Control Channel (PDCCH) to obtain the Downlink...
Padre – Blazing Fast, Advanced Padding Oracle Exploit
padre is an advanced exploiter for Padding Oracle attacks against CBC mode encryption Features: blazing fast, concurrent implementation decryption of...
Goblob – A Fast Enumeration Tool For Publicly Exposed Azure Storage Blobs
Goblob is a lightweight and fast enumeration tool designed to aid in the discovery of sensitive information exposed publicy in...
Forbidden-Buster – A Tool Designed To Automate Various Techniques In Order To Bypass HTTP 401 And 403 Response Codes And Gain Access To Unauthorized Areas In The System
Forbidden Buster is a tool designed to automate various techniques in order to bypass HTTP 401 and 403 response codes...
