SourceWolf – Amazingly Fast Response Crawler To Find Juicy Stuff In The Source Code!
Tested environments: Windows, MAC, linux, and windows subsystem for linux (WSL) What can SourceWolf do? Crawl through responses to find...
Tested environments: Windows, MAC, linux, and windows subsystem for linux (WSL) What can SourceWolf do? Crawl through responses to find...
iblessingiblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis.iblessing is based...
A golang utility to spider through a website searching for additional links with support for JavaScript rendering.Installgo get -u github.com/iamstoxe/urlgrabFeaturesCustomizable...
Osintgram is a OSINT tool on Instagram.Osintgram offers an interactive shell to perform analysis on Instagram account of any users...
Create a vulnerable active directory that's allowing you to test most of active directory attacks in local lab.Main FeaturesRandomize AttacksFull...
Bluescan is a open source project by Sourcell Xu from DBAPP Security HatLab. Anyone may redistribute copies of bluescan to...
SharpHose is a C# password spraying tool designed to be fast, safe, and usable over Cobalt Strike's execute-assembly. It provides...
Bpytop, bashtop python port is now available at https://github.com/aristocratos/bpytopIt's a lot faster and about a third as cpu heavy and...
Public policy and the Internet of ThingsOver the past few years, the security of the Internet of Things (IoT) has...
The all-in-one Red Team browser extension for Web PentestersHackTools, is a web extension facilitating your web application penetration tests, it...
ezEmu enables users to test adversary behaviors via various execution techniques. Sort of like an "offensive framework for blue teamers",...
Well, it's March 179th, 2020, and while we didn't actually get a summer here in 2020, it's time once again...
While giving our talk at the DEF CON Red Team Village a couple of weeks ago, I previewed a PowerShell...
Over the weekend, we were setting up a virtual range for our upcoming class this weekend and was testing a mail server....
Last month we taught our DEF CON 27 workshop, Introduction to Sandbox Evasion and AMSI Bypasses, as a webinar. It...
Anthony Rose | Jake Krasnov As part of the update to Empire that we pushed out today, the OneDrive listener...
Vincent Rose | Jacob Krasnov | Anthony Rose Today we are excited to announce the release of Starkiller! Our multi-user...
Jacob Krasnov | Anthony Rose This blog is going to be the first entry in a series that goes over...
This program allows the user to access a Memory Dump. It can also function as a plugin to the Volatility...
As much as the phrase “a crowded theatre” calls to mind images from bygone days, we’re old enough to remember...
A multi-threaded AWS inventory collection tool.The creators of this tool have a recurring need to be able to efficiently collect...
Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified...
Some HTTP parameter names are more commonly associated with one functionality than the others. For example, the parameter ?url= usually...
At Rapid7, we believe that by hiring a team with a strong diversity of mindset, different levels of experience, and...