ADCollector is a lightweight tool that enumerates the Active Directory environment to identify possible attack vectors. It will give you...
ANDRAX is a Penetration Testing platform developed specifically for Android smartphones, ANDRAX has the ability to run natively on Android so it behaves like...
Get files from Android directories, internal and external storage (Pictures, Downloads, Whatsapp, Videos, ...)Legal disclaimer:Usage of DroidFiles for attacking targets...
All-in-one tool for managing vulnerability reportsWhyThe goal of Purify to be an easy-in-use and efficient tool to simplify a workflow...
Memory Mapper is a lightweight library which allows the ability to map both native and managed assemblies into memory by...
Project iKy is a tool that collects information from an email and shows results in a nice visual interface.Visit the...
Where we would expect the “day interval” to simply count up from 0 (only appeared one day) to 1,2,3, etc.,...
RepoPeek is a Python script to get details about a repository without cloning it. All the information are retrieved using...
Pivot into the internal network by deploying HTTP agents. Pivotnacci allows you to create a socks server which communicates with...
For fast-moving security teams today, it’s about doing more with less—in other words, leveraging the tools and resources you use...
QRLJacking or Quick Response Code Login Jacking is a simple social engineering attack vector capable of session hijacking affecting all...
FinalRecon is a fast and simple python script for web reconnaissance. It follows a modular structure so in future new...
Now more than ever, healthcare workers need and deserve top-notch technical support. But between skyrocketing demand for telepractitioners and rising...
Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner.InstallationDownload precompiled...
Working and learning have gone remote, and we have to come to terms with this new reality. Nowadays, several organizations...
AutoRDPwn is a post-exploitation framework created in Powershell, designed primarily to automate the Shadow attack on Microsoft Windows computers. This...
Man-in-the-middle phishing attack using an Android app to grab session cookies for any website, which in turn allows to bypass...
S3BucketList is a Firefox plugin that records S3 Buckets found in requests. It is currently a work in progress and...
Geolocator, Ip Tracker, Device Info by URL (Serveo and Ngrok). It uses tinyurl to obfuscate the Serveo link.Legal disclaimer:Usage of...
GuardedBox is an open-source online client-side manager for secure storage and secrets sharing.It allows users to upload secrets to a...
This new release brings strong improvements to your security team’s daily performance, allowing them to operate quicker and smarter by...
Minimalistic SMB login bruteforcer (smblogin.ps1)A simple SMB login attack and password spraying tool.It takes a list of targets and credentials...
Carina is a web application used to store webshell, Virtual Private Server (VPS) and cPanel data. Carina is made so...
Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security, penetration testing...
