PassMute – PassMute – A Multi Featured Password Transmutation/Mutator Tool
This is a command-line tool written in Python that applies one or more transmutation rules to a given password or...
hacking
Lfi-Space – LFI Scan Tool
Written by TMRSWRR Version 1.0.0 All in one tools for LFI VULN FINDER -LFI DORK FINDER Instagram: TMRSWRR Screenshots How...
TLDHunt – Domain Availability Checker
TLDHunt is a command-line tool designed to help users find available domain names for their online projects or businesses. By...
Indicator-Intelligence – Finds Related Domains And IPv4 Addresses To Do Threat Intelligence After Indicator-Intelligence Collects Static Files
Finds related domains and IPv4 addresses to do threat intelligence after Indicator-Intelligence collects static files. Done Related domains, IPs collect...
SpiderSuite – Advance Web Spider/Crawler For Cyber Security Professionals
An advance cross-platform and multi-feature GUI web spider/crawler for cyber security proffesionals. Spider Suite can be used for attack surface...
Domain-Protect – OWASP Domain Protect – Prevent Subdomain Takeover
OWASP Global AppSec Dublin - talk and demo Features scan Amazon Route53 across an AWS Organization for domain records vulnerable...
Nimbo-C2 – Yet Another (Simple And Lightweight) C2 Framework
About Nimbo-C2 is yet another (simple and lightweight) C2 framework. Nimbo-C2 agent supports x64 Windows & Linux. It's written in...
NTLMRecon – A Tool For Performing Light Brute-Forcing Of HTTP Servers To Identify Commonly Accessible NTLM Authentication Endpoints
NTLMRecon is a Golang version of the original NTLMRecon utility written by Sachin Kamath (AKA pwnfoo). NTLMRecon can be leveraged...
Fuzztruction – Prototype Of A Fuzzer That Does Not Directly Mutate Inputs (As Most Fuzzers Do) But Instead Uses A So-Called Generator Application To Produce An Input For Our Fuzzing Target
Fuzztruction is an academic prototype of a fuzzer that does not directly mutate inputs (as most fuzzers do) but instead...
Spartacus – DLL Hijacking Discovery Tool
Why "Spartacus"? If you have seen the film Spartacus from 1960, you will remember the scene where the Romans are...
Teler-Waf – A Go HTTP Middleware That Provides Teler IDS Functionality To Protect Against Web-Based Attacks And Improve The Security Of Go-based Web Applications
teler-waf is a comprehensive security solution for Go-based web applications. It acts as an HTTP middleware, providing an easy-to-use interface...
Metlo – An Open-Source API Security Platform
Secure Your API. Metlo is an open-source API security platform With Metlo you can: Create an Inventory of all your...
REcollapse Is A Helper Tool For Black-Box Regex Fuzzing To Bypass Validations And Discover Normalizations In Web Applications
REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications. It can...
hardCIDR – Linux Bash Script To Discover The Netblocks, Or Ranges, Owned By The Target Organization
A Linux Bash script to discover the netblocks, or ranges, (in CIDR notation) owned by the target organization during the...
Sh4D0Wup – Signing-key Abuse And Update Exploitation Framework
Signing-key abuse and update exploitation framework. % docker run -it --rm ghcr.io/kpcyrd/sh4d0wup:edge -hUsage: sh4d0wup <COMMAND>Commands: bait Start a malicious update...
Bearer – Code Security Scanning Tool (SAST) That Discover, Filter And Prioritize Security Risks And Vulnerabilities Leading To Sensitive Data Exposures (PII, PHI, PD)
Discover, filter, and prioritize security risks and vulnerabilities impacting your code. Bearer is a static application security testing (SAST) tool...
FirebaseExploiter – Vulnerability Discovery Tool That Discovers Firebase Database Which Are Open And Can Be Exploitable
FirebaseExploiter is a vulnerability discovery tool that discovers Firebase Database which are open and can be exploitable. Primarily built for...
PhoneSploit-Pro – An All-In-One Hacking Tool To Remotely Exploit Android Devices Using ADB And Metasploit-Framework To Get A Meterpreter Session
An all-in-one hacking tool written in Python to remotely exploit Android devices using ADB (Android Debug Bridge) and Metasploit-Framework. Complete...
PortEx – Java Library To Analyse Portable Executable Files With A Special Focus On Malware Analysis And PE Malformation Robustness
PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness,...
auditpolCIS – CIS Benchmark Testing Of Windows SIEM Configuration
CIS Benchmark testing of Windows SIEM configuration This is an application for testing the configuration of Windows Audit Policy settings...
KubeStalk – Discovers Kubernetes And Related Infrastructure Based Attack Surface From A Black-Box Perspective
KubeStalk is a tool to discover Kubernetes and related infrastructure based attack surface from a black-box perspective. This tool...
Nuclearpond – A Utility Leveraging Nuclei To Perform Internet Wide Scans For The Cost Of A Cup Of Coffee
Nuclear Pond is used to leverage Nuclei in the cloud with unremarkable speed, flexibility, and perform internet wide scans for...
PowerMeUp – A Small Library Of Powershell Scripts For Post Exploitation That You May Need Or Use!
This is a powershell reverse shell that executes the commands and or scripts that you add to the powerreverse.ps1 file...
Striker – A Command And Control (C2)
Striker is a simple Command and Control (C2) program. Disclaimer This project is under active development. Most of the features...
