BypassFuzzer – Fuzz 401/403/404 Pages For Bypasses
The original 403fuzzer.py :) Fuzz 401/403ing endpoints for bypasses This tool performs various checks via headers, path normalization, verbs, etc....
hacking
PingRAT – Secretly Passes C2 Traffic Through Firewalls Using ICMP Payloads
PingRAT secretly passes C2 traffic through firewalls using ICMP payloads. Features: Uses ICMP for Command and Control Undetectable by most...
LOLSpoof – An Interactive Shell To Spoof Some LOLBins Command Line
LOLSpoof is a an interactive shell program that automatically spoof the command line arguments of the spawned process. Just call...
SQLMC – Check All Urls Of A Domain For SQL Injections
SQLMC (SQL Injection Massive Checker) is a tool designed to scan a domain for SQL injection vulnerabilities. It crawls the...
BadExclusionsNWBO – An Evolution From BadExclusions To Identify Folder Custom Or Undocumented Exclusions On AV/EDR
BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR. How it works? BadExclusionsNWBO copies...
NTLM Relay Gat – Powerful Tool Designed To Automate The Exploitation Of NTLM Relays
NTLM Relay Gat is a powerful tool designed to automate the exploitation of NTLM relays using ntlmrelayx.py from the Impacket...
Ioctlance – A Tool That Is Used To Hunt Vulnerabilities In X64 WDM Drivers
Description Presented at CODE BLUE 2023, this project titled Enhanced Vulnerability Hunting in WDM Drivers with Symbolic Execution and Taint...
Gftrace – A Command Line Windows API Tracing Tool For Golang Binaries
A command line Windows API tracing tool for Golang binaries. Note: This tool is a PoC and a work-in-progress prototype...
HardeningMeter – Open-Source Python Tool Carefully Designed To Comprehensively Assess The Security Hardening Of Binaries And Systems
HardeningMeter is an open-source Python tool carefully designed to comprehensively assess the security hardening of binaries and systems. Its robust...
JS-Tap – JavaScript Payload And Supporting Software To Be Used As XSS Payload Or Post Exploitation Implant To Monitor Users As They Use The Targeted Application
JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they...
MasterParser – Powerful DFIR Tool Designed For Analyzing And Parsing Linux Logs
What is MasterParser ? MasterParser stands as a robust Digital Forensics and Incident Response tool meticulously crafted for the analysis...
C2-Cloud – The C2 Cloud Is A Robust Web-Based C2 Framework, Designed To Simplify The Life Of Penetration Testers
The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy...
OSTE-Web-Log-Analyzer – Automate The Process Of Analyzing Web Server Logs With The Python Web Log Analyzer
Automate the process of analyzing web server logs with the Python Web Log Analyzer. This powerful tool is designed to...
ThievingFox – Remotely Retrieving Credentials From Password Managers And Windows Utilities
ThievingFox is a collection of post-exploitation tools to gather credentials from various password managers and windows utilities. Each module leverages...
Galah – An LLM-powered Web Honeypot Using The OpenAI API
TL;DR: Galah (/ɡəˈlɑː/ - pronounced 'guh-laa') is an LLM (Large Language Model) powered web honeypot, currently compatible with the OpenAI...
CrimsonEDR – Simulate The Behavior Of AV/EDR For Malware Development Training
CrimsonEDR is an open-source project engineered to identify specific malware patterns, offering a tool for honing skills in circumventing Endpoint...
Url-Status-Checker – Tool For Swiftly Checking The Status Of URLs
Status Checker is a Python script that checks the status of one or multiple URLs/domains and categorizes them based on...
CSAF – Cyber Security Awareness Framework
The Cyber Security Awareness Framework (CSAF) is a structured approach aimed at enhancing Cybersecurity" title="Cybersecurity">cybersecurity awareness and understanding among individuals,...
Espionage – A Linux Packet Sniffing Suite For Automated MiTM Attacks
Espionage is a network packet sniffer that intercepts large amounts of data being passed through an interface. The tool allows...
HackerInfo – Infromations Web Application Security
Infromations Web Application Security install : sudo apt install python3 python3-pippip3 install termcolorpip3 install googlepip3 install optioncompletepip3 install bs4pip3 install...
C2-Tracker – Live Feed Of C2 Servers, Tools, And Botnets
Free to use IOC feed for various tools/malware. It started out for just C2 tools but has morphed into tracking...
VectorKernel – PoCs For Kernelmode Rootkit Techniques Research
PoCs for Kernelmode rootkit techniques research or education. Currently focusing on Windows OS. All modules support 64bit OS only. NOTE...
Cookie-Monster – BOF To Steal Browser Cookies & Credentials
Steal browser cookies for edge, chrome and firefox through a BOF or exe! Cookie-Monster will extract the WebKit master key,...
NoArgs – Tool Designed To Dynamically Spoof And Conceal Process Arguments While Staying Undetected
NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking...
