ModuleShifting is stealthier variation of Module Stomping and Module overloading injection technique. It is actually implemented in Python ctypes so...
Nodesub is a command-line tool for finding subdomains in bug bounty programs. It supports various subdomain enumeration techniques and provides...
Apepe is a Python tool developed to help pentesters and red teamers to easily get information from the target app....
OSDP attack tool (and the Elvish word for friend) Attack #1: Encryption is Optional OSDP supports, but doesn't strictly require,...
Electron_shell Developing a more covert Remote Access Trojan (RAT) tool by leveraging Electron's features for command injection and combining it...
Skyhook is a REST-driven utility used to smuggle files into and out of networks defended by IDS implementations. It comes...
️️ Pinkerton is a Python tool created to crawl JavaScript files and search for secrets Installing / Getting started A...
Set of python scripts which perform different ways of command execution via WMI protocol. Blog Post https://whiteknightlabs.com/2023/06/26/navigating-stealthy-wmi-lateral-movement/ Usage wmiexec_scheduledjob.py Is...
Designed to validate potential usernames by querying OneDrive and/or Microsoft Teams, which are passive methods. Additionally, it can output/create a...
AtlasReaper is a command-line tool developed for offensive security purposes, primarily focused on reconnaissance of Confluence and Jira. It...
EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines....
" dir="auto"><script> import { download } from './payload.esm';</script> Call download() function: <template> <button @click="download()">Some phishy button</button></template> Happy phishing :) FAQ...
dynmx (spoken dynamics) is a signature-based detection approach for behavioural malware features based on Windows API call sequences. In a...
This Ghidra Toolkit is a comprehensive suite of tools designed to streamline and automate various tasks associated with running Ghidra...
Callisto is an intelligent automated binary vulnerability analysis tool. Its purpose is to autonomously decompile a provided binary and iterate...
PoC for an SMS-based shell. Send commands and receive responses over SMS from mobile broadband capable computers. This tool came...
ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities....
Prompt injection is a type of security vulnerability that can be exploited to control the behavior of a ChatGPT instance....
surf allows you to filter a list of hosts, returning a list of viable SSRF candidates. It does this by...
Abstract This tools detects the artifact of the PowerShell based malware from the eventlog of PowerShell logging. Online Demo Install...
NucleiFuzzer is an automation tool that combines ParamSpider and Nuclei to enhance web application security testing. It uses ParamSpider to...
kalipm.sh is a powerful package management tool for Kali Linux that provides a user-friendly menu-based interface to simplify the installation...
VTScanner is a versatile Python tool that empowers users to perform comprehensive file scans within a selected directory for malware...
By looking through CT logs an attacker can gather a lot of information about organization's infrastructure i.e. internal domains,email addresses...
