Noir – An Attack Surface Detector Form Source Code
Noir is an attack surface detector form source code. Key Features Automatically identify language and framework from source code. Find...
tools
DNSWatch – DNS Traffic Sniffer and Analyzer
DNSWatch is a Python-based tool that allows you to sniff and analyze DNS (Domain Name System) traffic on your network....
Poastal – The Email OSINT Tool
Poastal is an email OSINT tool that provides valuable information on any email address. With Poastal, you can easily input...
Holehe – Tool To Check If The Mail Is Used On Different Sites Like Twitter, Instagram And Will Retrieve Information On Sites With The Forgotten Password Function
Holehe Online Version Summary Efficiently finding registered accounts from emails. Holehe checks if an email is attached to an account...
Evil QR – Proof-of-concept To Demonstrate Dynamic QR Swap Phishing Attacks In Practice
Toolkit demonstrating another approach of a QRLJacking attack, allowing to perform remote account takeover, through sign-in QR code phishing. It...
AD_Enumeration_Hunt – Collection Of PowerShell Scripts And Commands That Can Be Used For Active Directory (AD) Penetration Testing And Security Assessment
Description Welcome to the AD Pentesting Toolkit! This repository contains a collection of PowerShell scripts and commands that can be...
MSSqlPwner – An Advanced And Versatile Pentesting Tool Designed To Seamlessly Interact With MSSQL Servers And Based On Impacket
MSSqlPwner is an advanced and versatile pentesting tool designed to seamlessly interact with MSSQL servers and based on Impacket. The...
HEDnsExtractor – Raw Html Extractor From Hurricane Electric Portal
HEDnsExtractor Raw html extractor from Hurricane Electric portal Features Automatically identify IPAddr ou Networks through command line parameter or stdin...
Xsubfind3R – A CLI Utility To Find Domain’S Known Subdomains From Curated Passive Online Sources
xsubfind3r is a command-line interface (CLI) utility to find domain's known subdomains from curated passive online sources. Features Fetches domains...
Bryobio – NETWORK Pcap File Analysis
NETWORK Pcap File Analysis, It was developed to speed up the processes of SOC Analysts during analysis Tested OK DebianOK...
Columbus-Server – API first subdomain discovery service, blazingly fast subdomain enumeration service with advanced features
Columbus Project is an API first subdomain discovery service, blazingly fast subdomain enumeration service with advanced features. Columbus returned 638...
Xcrawl3R – A CLI Utility To Recursively Crawl Webpages
xcrawl3r is a command-line interface (CLI) utility to recursively crawl webpages i.e systematically browse webpages' URLs and follow links to...
NixImports – A .NET Malware Loader, Using API-Hashing To Evade Static Analysis
A .NET malware loader, using API-Hashing and dynamic invoking to evade static analysis How does it work? NixImports uses my...
Chaos – Origin IP Scanning Utility Developed With ChatGPT
chaos is an 'origin' IP scanner developed by RST in collaboration with ChatGPT. It is a niche utility with an...
InfoHound – An OSINT To Extract A Large Amount Of Data Given A Web Domain Name
During the reconnaissance phase, an attacker searches for any information about his target to create a profile that will later...
HackBot – A Simple Cli Chatbot Having Llama2 As Its Backend Chat AI
Welcome to HackBot, an AI-powered cybersecurity chatbot designed to provide helpful and accurate answers to your cybersecurity-related queries and also...
Redeye – A Tool Intended To Help You Manage Your Data During A Pentest Operation
This project was built by pentesters for pentesters. Redeye is a tool intended to help you manage your data during...
Chimera – Automated DLL Sideloading Tool With EDR Evasion Capabilities
While DLL sideloading can be used for legitimate purposes, such as loading necessary libraries for a program to function, it...
Trawler – PowerShell Script To Help Incident Responders Discover Adversary Persistence Mechanisms
Dredging Windows for Persistence What is it? Trawler is a PowerShell script designed to help Incident Responders discover potential indicators...
IMDShift – Automates Migration Process Of Workloads To IMDSv2 To Avoid SSRF Attacks
AWS workloads that rely on the metadata endpoint are vulnerable to Server-Side Request Forgery (SSRF) attacks. IMDShift automates the migration...
PrivKit – Simple Beacon Object File That Detects Privilege Escalation Vulnerabilities Caused By Misconfigurations On Windows OS
PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS. PrivKit detects...
KRBUACBypass – UAC Bypass By Abusing Kerberos Tickets
This POC is inspired by James Forshaw (@tiraniddo) shared at BlackHat USA 2022 titled “Taking Kerberos To The Next Level...
CakeFuzzer – Automatically And Continuously Discover Vulnerabilities In Web Applications Created Based On Specific Frameworks
Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based...
Network_Assessment – With Wireshark Or TCPdump, You Can Determine Whether There Is Harmful Activity On Your Network Traffic That You Have Recorded On The Network You Monitor
With Wireshark or TCPdump, you can determine whether there is harmful activity on your network traffic that you have recorded...
