Apepe – Enumerate Information From An App Based On The APK File
Apepe is a Python tool developed to help pentesters and red teamers to easily get information from the target app....
hacking
Mellon – OSDP Attack Tool
OSDP attack tool (and the Elvish word for friend) Attack #1: Encryption is Optional OSDP supports, but doesn't strictly require,...
Electron_Shell – Developing A More Covert Remote Access Trojan (RAT) Tool By Leveraging Electron’s Features For Command Injection And Combining It With Remote Control Methods
Electron_shell Developing a more covert Remote Access Trojan (RAT) tool by leveraging Electron's features for command injection and combining it...
Skyhook – A Round-Trip Obfuscated HTTP File Transfer Setup Built To Bypass IDS Detections
Skyhook is a REST-driven utility used to smuggle files into and out of networks defended by IDS implementations. It comes...
Pinkerton – An JavaScript File Crawler And Secret Finder Developed In Python
️️ Pinkerton is a Python tool created to crawl JavaScript files and search for secrets Installing / Getting started A...
WMIExec – Set Of Python Scripts Which Perform Different Ways Of Command Execution Via WMI Protocol
Set of python scripts which perform different ways of command execution via WMI protocol. Blog Post https://whiteknightlabs.com/2023/06/26/navigating-stealthy-wmi-lateral-movement/ Usage wmiexec_scheduledjob.py Is...
KnockKnock – Enumerate Valid Users Within Microsoft Teams And OneDrive With Clean Output
Designed to validate potential usernames by querying OneDrive and/or Microsoft Teams, which are passive methods. Additionally, it can output/create a...
AtlasReaper – A Command-Line Tool For Reconnaissance And Targeted Write Operations On Confluence And Jira Instances
AtlasReaper is a command-line tool developed for offensive security purposes, primarily focused on reconnaissance of Confluence and Jira. It...
EDRaser – Tool For Remotely Deleting Access Logs, Windows Event Logs, Databases, And Other Files
EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines....
HTMLSmuggler – HTML Smuggling Generator And Obfuscator For Your Red Team Operations
" dir="auto"><script> import { download } from './payload.esm';</script> Call download() function: <template> <button @click="download()">Some phishy button</button></template> Happy phishing :) FAQ...
Dynmx – Signature-based Detection Of Malware Features Based On Windows API Call Sequences
dynmx (spoken dynamics) is a signature-based detection approach for behavioural malware features based on Windows API call sequences. In a...
Sekiryu – Comprehensive Toolkit For Ghidra Headless
This Ghidra Toolkit is a comprehensive suite of tools designed to streamline and automate various tasks associated with running Ghidra...
Callisto – An Intelligent Binary Vulnerability Analysis Tool
Callisto is an intelligent automated binary vulnerability analysis tool. Its purpose is to autonomously decompile a provided binary and iterate...
SMShell – Send Commands And Receive Responses Over SMS From Mobile Broadband Capable Computers
PoC for an SMS-based shell. Send commands and receive responses over SMS from mobile broadband capable computers. This tool came...
ADCSKiller – An ADCS Exploitation Automation Tool Weaponizing Certipy And Coercer
ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities....
Promptmap – Automatically Tests Prompt Injection Attacks On ChatGPT Instances
Prompt injection is a type of security vulnerability that can be exploited to control the behavior of a ChatGPT instance....
Surf – Escalate Your SSRF Vulnerabilities On Modern Cloud Environments
surf allows you to filter a list of hosts, returning a list of viable SSRF candidates. It does this by...
Z9 – PowerShell Script Analyzer
Abstract This tools detects the artifact of the PowerShell based malware from the eventlog of PowerShell logging. Online Demo Install...
NucleiFuzzer – Powerful Automation Tool For Detecting XSS, SQLi, SSRF, Open-Redirect, Etc.. Vulnerabilities In Web Applications
NucleiFuzzer is an automation tool that combines ParamSpider and Nuclei to enhance web application security testing. It uses ParamSpider to...
KaliPackergeManager – Kali Packerge Manager
kalipm.sh is a powerful package management tool for Kali Linux that provides a user-friendly menu-based interface to simplify the installation...
VTScanner – A Comprehensive Python-based Security Tool For File Scanning, Malware Detection, And Analysis In An Ever-Evolving Cyber Landscape
VTScanner is a versatile Python tool that empowers users to perform comprehensive file scans within a selected directory for malware...
Moniorg – Tool That Leverages Crt.Sh Website To Monitor Domains Of A Target
By looking through CT logs an attacker can gather a lot of information about organization's infrastructure i.e. internal domains,email addresses...
HTTP-Shell – MultiPlatform HTTP Reverse Shell
HTTP-Shell is Multiplatform Reverse Shell. This tool helps you to obtain a shell-like interface on a reverse connection over HTTP....
EmploLeaks – Finding Leaked Employees Info for the Win
Developed by Faraday security researchers, this cutting-edge tool utilizes the power of OpenSource Intelligence techniques. EmploLeaks extracts valuable insights by...
