Wafaray – Enhance Your Malware Detection With WAF + YARA (WAFARAY)
WAFARAY is a LAB deployment based on Debian 11.3.0 (stable) x64 made and cooked between two main ingredients WAF +...
hacking
RustChain – Hide Memory Artifacts Using ROP And Hardware Breakpoints
This tool is a simple PoC of how to hide memory artifacts using a ROP chain in combination with hardware...
Cbrutekrag – Penetration Tests On SSH Servers Using Brute Force Or Dictionary Attacks. Written In C
Penetration tests on SSH servers using dictionary attacks. Written in C. brute krag means "brute force" in afrikáans Disclaimer This...
ShadowSpray – A Tool To Spray Shadow Credentials Across An Entire Domain In Hopes Of Abusing Long Forgotten GenericWrite/GenericAll DACLs Over Other Objects In The Domain
A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other...
PassMute – PassMute – A Multi Featured Password Transmutation/Mutator Tool
This is a command-line tool written in Python that applies one or more transmutation rules to a given password or...
Lfi-Space – LFI Scan Tool
Written by TMRSWRR Version 1.0.0 All in one tools for LFI VULN FINDER -LFI DORK FINDER Instagram: TMRSWRR Screenshots How...
TLDHunt – Domain Availability Checker
TLDHunt is a command-line tool designed to help users find available domain names for their online projects or businesses. By...
Indicator-Intelligence – Finds Related Domains And IPv4 Addresses To Do Threat Intelligence After Indicator-Intelligence Collects Static Files
Finds related domains and IPv4 addresses to do threat intelligence after Indicator-Intelligence collects static files. Done Related domains, IPs collect...
SpiderSuite – Advance Web Spider/Crawler For Cyber Security Professionals
An advance cross-platform and multi-feature GUI web spider/crawler for cyber security proffesionals. Spider Suite can be used for attack surface...
Domain-Protect – OWASP Domain Protect – Prevent Subdomain Takeover
OWASP Global AppSec Dublin - talk and demo Features scan Amazon Route53 across an AWS Organization for domain records vulnerable...
Nimbo-C2 – Yet Another (Simple And Lightweight) C2 Framework
About Nimbo-C2 is yet another (simple and lightweight) C2 framework. Nimbo-C2 agent supports x64 Windows & Linux. It's written in...
NTLMRecon – A Tool For Performing Light Brute-Forcing Of HTTP Servers To Identify Commonly Accessible NTLM Authentication Endpoints
NTLMRecon is a Golang version of the original NTLMRecon utility written by Sachin Kamath (AKA pwnfoo). NTLMRecon can be leveraged...
Fuzztruction – Prototype Of A Fuzzer That Does Not Directly Mutate Inputs (As Most Fuzzers Do) But Instead Uses A So-Called Generator Application To Produce An Input For Our Fuzzing Target
Fuzztruction is an academic prototype of a fuzzer that does not directly mutate inputs (as most fuzzers do) but instead...
Spartacus – DLL Hijacking Discovery Tool
Why "Spartacus"? If you have seen the film Spartacus from 1960, you will remember the scene where the Romans are...
Teler-Waf – A Go HTTP Middleware That Provides Teler IDS Functionality To Protect Against Web-Based Attacks And Improve The Security Of Go-based Web Applications
teler-waf is a comprehensive security solution for Go-based web applications. It acts as an HTTP middleware, providing an easy-to-use interface...
Metlo – An Open-Source API Security Platform
Secure Your API. Metlo is an open-source API security platform With Metlo you can: Create an Inventory of all your...
hardCIDR – Linux Bash Script To Discover The Netblocks, Or Ranges, Owned By The Target Organization
A Linux Bash script to discover the netblocks, or ranges, (in CIDR notation) owned by the target organization during the...
Sh4D0Wup – Signing-key Abuse And Update Exploitation Framework
Signing-key abuse and update exploitation framework. % docker run -it --rm ghcr.io/kpcyrd/sh4d0wup:edge -hUsage: sh4d0wup <COMMAND>Commands: bait Start a malicious update...
REcollapse Is A Helper Tool For Black-Box Regex Fuzzing To Bypass Validations And Discover Normalizations In Web Applications
REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications. It can...
Bearer – Code Security Scanning Tool (SAST) That Discover, Filter And Prioritize Security Risks And Vulnerabilities Leading To Sensitive Data Exposures (PII, PHI, PD)
Discover, filter, and prioritize security risks and vulnerabilities impacting your code. Bearer is a static application security testing (SAST) tool...
FirebaseExploiter – Vulnerability Discovery Tool That Discovers Firebase Database Which Are Open And Can Be Exploitable
FirebaseExploiter is a vulnerability discovery tool that discovers Firebase Database which are open and can be exploitable. Primarily built for...
PhoneSploit-Pro – An All-In-One Hacking Tool To Remotely Exploit Android Devices Using ADB And Metasploit-Framework To Get A Meterpreter Session
An all-in-one hacking tool written in Python to remotely exploit Android devices using ADB (Android Debug Bridge) and Metasploit-Framework. Complete...
PortEx – Java Library To Analyse Portable Executable Files With A Special Focus On Malware Analysis And PE Malformation Robustness
PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness,...
auditpolCIS – CIS Benchmark Testing Of Windows SIEM Configuration
CIS Benchmark testing of Windows SIEM configuration This is an application for testing the configuration of Windows Audit Policy settings...
