IpGeo – Tool To Extract IP Addresses From Captured Network Traffic File
IpGeo is a python tool to extract IP addresses from captured network traffic file (pcap/pcapng) and generate csv report containing...
hacking
DataSurgeon – Quickly Extracts IP’s, Email Addresses, Hashes, Files, Credit Cards, Social Secuirty Numbers And More From Text
DataSurgeon (ds) is a versatile tool designed for incident response, penetration testing, and CTF challenges. It allows for the extraction...
C-99-Shell-PHP7 – PHP 7 And Safe-Build Update Of The Popular C-99 Variant Of PHP Shell
C-99-Shell-PHP7 PHP 7 and safe-build Update of the popular C-99 variant of PHP Shell. c-99-shell.php v.2.0 (PHP...
Heap_Detective – The Simple Way To Detect Heap Memory Pitfalls In C++ And C
This tool uses the taint analysis technique for static analysis and aims to identify points of heap memory usage vulnerabilities...
Aws-Security-Assessment-Solution – An AWS Tool To Help You Create A Point In Time Assessment Of Your AWS Account Using Prowler And Scout As Well As Optional AWS Developed Ransomware Checks
Self-Service Security Assessment too l Cybersecurity remains a very important topic and point of concern for many CIOs, CISOs, and...
Suborner – The Invisible Account Forger
What's this? A simple program to create a Windows account you will only know about :) Create invisible local accounts...
Monomorph – MD5-Monomorphic Shellcode Packer – All Payloads Have The Same MD5 Hash
════════════════════════════════════╦═══ ╔═╦═╗ ╔═╗ ╔═╗ ╔═╗ ╔═╦═╗ ╔═╗ ╔══╔═╗ ╠═╗ ═╩ ╩ ╩═╚═╝═╩ ╩═╚═╝═╩ ╩ ╩═╚═╝═╩ ╠═╝═╩ ╩═ ════════════════════════════════╩═══════ By Retr0id...
Winevt_Logs_Analysis – Searching .Evtx Logs For Remote Connections
Simple script for the purpose of finding remote connections to Windows machine and ideally some public IPs. It checks for...
EAST – Extensible Azure Security Tool – Documentation
Extensible Azure Security Tool (Later referred as E.A.S.T) is tool for assessing Azure and to some extent Azure AD security...
Sandfly-Entropyscan – Tool To Detect Packed Or Encrypt ed Binaries Related To Malware, Finds Malicious Files And Linux Processes And Gives Output With Cryptographic Hashes
What is sandfly-entropyscan? sandfly-entropyscan is a utility to quickly scan files or running processes and report on their entropy (measure...
DFShell – The Best Forwarded Shell
██████╗ ███████╗███████╗██╗ ██╗███████╗██╗ ██╗ ██╔══██╗██╔════╝██╔════╝██║ ██║███╔═══╝██║ ██║ ██║ ██║█████╗ ███████╗███████║█████╗ ██║ ██║ ██║ ██║██╔══╝ ╚════██║██╔══██║██╔══╝ ██║ ██║ ██████╔╝██║ ███████║██║ ██║███████╗████████╗███████╗╚═════╝...
Yaralyzer – Visually Inspect And Force Decode YARA And Regex Matches Found In Both Binary And Text Data, With Colors
Visually inspect all of the regex matches (and their sexier, more cloak and dagger cousins, the YARA matches) found in...
SSTImap – Automatic SSTI Detection Tool With Interactive Interface
SSTImap is a penetration testing software that can check websites for Code Injection and Server-Side Template Injection vulnerabilities and...
BlueHound – Tool That Helps Blue Teams Pinpoint The Security Issues That Actually Matter
BlueHound is an open-source tool that helps blue teams pinpoint the security issues that actually matter. By combining information about...
GUAC – Aggregates Software Security Metadata Into A High Fidelity Graph Database
Note: GUAC is under active development - if you are interested in contributing, please look at contributor guide and the...
DC-Sonar – Analyzing AD Domains For Security Risks Related To User Accounts
DC Sonar Community Repositories The project consists of repositories: dc-sonar-frontend dc-sonar-user-layer dc-sonar-workers-layer ntlm-scrutinizer Disclaimer It's only for education purposes. Avoid...
Get-AppLockerEventlog – Script For Fetching Applocker Event Log By Parsing The Win-Event Log
This script will parse all the channels of events from the win-event log to extract all the log relatives to...
SQLiDetector – Helps You To Detect SQL Injection “Error Based” By Sending Multiple Requests With 14 Payloads And Checking For 152 Regex Patterns For Different Databases
Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests...
Popeye – A Kubernetes Cluster Resource Sanitizer
Popeye - A Kubernetes Cluster Sanitizer Popeye is a utility that scans live Kubernetes cluster and reports potential issues with...
Tai-e – An Easy-To-Learn/Use Static Analysis Framework For Java
Tai-e What is Tai-e? Tai-e (Chinese: 太阿; pronunciation: ) is a new static analysis framework for Java (please see our...
Ghauri – An Advanced Cross-Platform Tool That Automates The Process Of Detecting And Exploiting SQL Injection Security Flaws
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws Requirements Python 3 Python...
DragonCastle – A PoC That Combines AutodialDLL Lateral Movement Technique And SSP To Scrape NTLM Hashes From LSASS Process
A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process. Description Upload a...
Kscan – Simple Asset Mapping Tool
0 Disclaimer (The author did not participate in the XX action, don't trace it) This tool is only for legally...
APTRS – Automated Penetration Testing Reporting System
APTRS (Automated Penetration Testing Reporting System) is an automated reporting tool in Python and Django. The tool allows Penetration testers...
