Qu1Ckdr0P2 – Quicky Serve Files Over Http Or Https Using Flask
Rapidly host payloads and post-exploitation bins over HTTP or HTTPS. Designed to be used on exams like OSCP / PNPT...
hacking
Teams_Dump – PoC For Dumping And Decrypting Cookies In The Latest Version Of Microsoft Teams
PoC for dumping and decrypting cookies in the latest version of Microsoft Teams extract.py just dumps without arguments extract.exe is...
PatchaPalooza – A Comprehensive Tool That Provides An Insightful Analysis Of Microsoft’s Monthly Security Updates
A comprehensive tool that provides an insightful analysis of Microsoft's monthly security updates. IF you are interested in seing all...
CloudPulse – AWS Cloud Landscape Search Engine
During the reconnaissance phase, an attacker searches for any information about his target to create a profile that will later...
LooneyPwner – Exploit Tool For CVE-2023-4911, Targeting The ‘Looney Tunables’ Glibc Vulnerability In Various Linux Distributions
Exploit tool for CVE-2023-4911, targeting the 'Looney Tunables' glibc vulnerability in various Linux distributions. LooneyPwner is a proof-of-concept (PoC) exploit...
Mailchecker – Cross-language Temporary (Disposable/Throwaway) Email Detection Library. Covers 55 734+ Fake Email Providers
" dir="auto"><script type="text/javascript" src="MailChecker/platform/javascript/MailChecker.js"></script><script type="text/javascript">if(!MailChecker.isValid('[email protected]')){ console.error('O RLY !');}if(!MailChecker.isValid('myemail.com')){ console.error('O RLY !');}</script> PHP include __DIR__."/MailChecker/platform/php/MailChecker.php";if(!MailChecker::isValid('[email protected]')){ die('O RLY !');}if(!MailChecker::isValid('myemail.com')){ die('O RLY !');}...
Arsenal – Just A Quick Inventory And Launcher For Hacking Programs
Arsenal is just a quick inventory, reminder and launcher for pentest commands. This project written by pentesters for pentesters simplify...
PathFinder – Tool That Provides Information About A Website
Web Path Finder is a Python program that provides information about a website. It retrieves various details such as page...
Puncia – Subdomain And Exploit Hunter Powered By AI
Puncia utilizes two of our intelligent APIs - Subdomain Center & Exploit Observer, to gather the results. Please note that...
Facad1ng – The Ultimate URL Masking Tool – An Open-Source URL Masking Tool Designed To Help You Hide Phishing URLs And Make Them Look Legit Using Social Engineering Techniques
Facad1ng is an open-source URL masking tool designed to help you Hide Phishing URLs and make them look legit using...
GATOR – GCP Attack Toolkit For Offensive Research, A Tool Designed To Aid In Research And Exploiting Google Cloud Environments
GATOR - GCP Attack Toolkit for Offensive Research, a tool designed to aid in research and exploiting Google Cloud Environments....
Commander – A Command And Control (C2) Server
Commander is a command and control framework (C2) written in Python, Flask and SQLite. It comes with two agents written in...
SecuSphere – Efficient DevSecOps
SecuSphere is a comprehensive DevSecOps platform designed to streamline and enhance your organization's security posture throughout the software development life...
ILSpy – .NET Decompiler With Support For PDB Generation, ReadyToRun, Metadata (and More) – Cross-Platform!
ILSpy is the open-source .NET assembly browser and decompiler. Decompiler Frontends Aside from the WPF UI ILSpy (downloadable via Releases,...
Gcp_Scanner – A Comprehensive Scanner For Google Cloud
This is a GCP resource scanner that can help determine what level of access certain credentials possess on GCP. The...
JSpector – A Simple Burp Suite Extension To Crawl JavaScript (JS) Files In Passive Mode And Display The Results Directly On The Issues
JSpector is a Burp Suite extension that passively crawls JavaScript files and automatically creates issues with URLs, endpoints and dangerous...
HBSQLI – Automated Tool For Testing Header Based Blind SQL Injection
HBSQLI is an automated command-line tool for performing Header Based Blind SQL injection attacks on web applications. It automates the...
Pyxamstore – Python Utility For Parsing Xamarin AssemblyStore Blob Files
This is an alpha release of an assemblies.blob AssemblyStore parser written in Python. The tool is capable of unpack and...
RecycledInjector – Native Syscalls Shellcode Injector
(Currently) Fully Undetected same-process native/.NET assembly shellcode injector based on RecycledGate by thefLink, which is also based on HellsGate +...
Spoofy – Program That Checks If A List Of Domains Can Be Spoofed Based On SPF And DMARC Records
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records....
Sirius – First Truly Open-Source General Purpose Vulnerability Scanner
Sirius is the first truly open-source general purpose vulnerability scanner. Today, the information security community remains the best and most...
DakshSCRA – Source Code Review Assist
Daksh SCRA (Source Code Review Assist) tool is built to enhance the efficiency of the source code review process, providing...
Chromecookiestealer – Steal/Inject Chrome Cookies Over The DevTools Protocol
Attaches to Chrome using its Remote DevTools protocol and steals/injects/clears/deletes cookies. Heavily inspired by WhiteChocolateMacademiaNut. Cookies are dumped as JSON...
S4UTomato – Escalate Service Account To LocalSystem Via Kerberos
Escalate Service Account To LocalSystem via Kerberos. Traditional Potatoes Friends familiar with the "Potato" series of privilege escalation should know...
