Web Cache Vulnerability Scanner – A Go-based CLI Tool For Testing For Web Cache Poisoning
Web Cache Vulnerability Scanner (WCVS) is a fast and versatile CLI scanner for web cache poisoning developed by Hackmanit.The scanner...
tools
Mesh-Kridik – An Open-Source Security Checker That Performs Various Security Checks On A Kubernetes Cluster With Istio Service Mesh And Is Leveraged By OPA (Open Policy Agent) To Enforce Security Rules
Enhance your RequirementsGo 1.16+jqistioInstallationgit clone https://github.com/chen-keinan/mesh-kridikcd mesh-kridikmake buildNote: mesh-kridik require root user to be executedQuick StartExecute Mesh-Kridik without any flags...
Mariana Trench – Security Focused Static Analysis Tool For Android And Java Applications
Mariana Trench is a security focused The issue tells you that Mariana Trench found a remote code execution in MainActivity.onCreate...
log4j-scan – A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts
A fully automated, accurate, and extensive scanner for finding DescriptionWe have been researching the Log4J RCE (CVE-2021-44228) since it was...
Log4J-Detector – Detects Log4J versions on your file-system within any application that are vulnerable to CVE-2021-44228 and CVE-2021-45046
Detects Log4J versions on your file-system within any application that are vulnerable to CVE-2021-44228 and CVE-2021-45046. It is able to...
Jektor – A Windows User-Mode Shellcode Execution Tool That Demonstrates Various Techniques That Malware Uses
This utility focuses on shellcode Anti-virus detection?:Pre-pending a set of NOPs to a Msfvenom XOR encrypted shellcode payload while using...
Haptyc – Test Generation Framework
Haptyc is a python library which was built to add payload position support and Sniper/Clusterbomb/Batteringram/Pitchfork attack types into Turbo Intruder....
FiddleZAP – A Simplified Version Of EKFiddle For OWASP ZAP
FiddleZAP is a simplified version of There are 2 Select the following parameters:It now shows under standalone: Passive RulesNext, install the...
CloudSpec – An Open Source Tool For Validating Your Resources In Your Cloud Providers Using A Logical Language
CloudSpec is an open source tool for validating your resources in your cloud providers using a logical language that everybody...
CaptfEncoder – An Extensible Cross Platform Network Security Tool Suite
Captfencoder is an extensible CaptfEncoder all functions provided are based on UseMethod always downloads the executablehttps://github.com/guyoung/CaptfEncoder/releasesBaidu network disk https://pan.baidu.com/s/1q2N1w44bvYIXLe5gCI5oKA Password:...
ADenum – A Pentesting Tool That Allows To Find Misconfiguration Through The The Protocol LDAP And Exploit Some Of Those Weaknesses With Kerberos
AD Enum is a Microsoft Advanced Threat Analytics ATA detects two suspicious events but does not trigger an alert: The...
Tarian – Antivirus for Kubernetes
We want to maintain this as an open-source project to fight against the attacks on our favorite Prerequisites A kubernetes...
DInjector – Collection Of Shellcode Injection Techniques Packed In A D/Invoke Weaponized DLL
This repository is an accumulation of my code snippets for various shellcode injection techniques using fantastic D/Invoke API by @TheWover...
AFLTriage – Tool To Triage Crashing Input Files Using A Debugger
AFLTriage is a tool to triage crashing input files using a debugger. It is designed to be portable and not...
O365Spray – Username Enumeration And Password Spraying Tool Aimed At Microsoft O365
For educational, authorized and/or research purposes only. o365spray a username enumeration and password spraying tool aimed at Microsoft Office 365...
SMBeagle – Fileshare Auditing Tool That Hunts Out All Files It Can See In The Network And Reports If The File Can Be Read And/Or Written
SMBeagle is an (SMB) fileshare auditing tool that hunts out all files it can see in the network and reports...
Fileless-Xec – Stealth Dropper Executing Remote Binaries Without Dropping Them On Disk
Certainly useful , mainly for fun, rougly inspired by 0x00 article Pentest use: fileless-xec is used on target machine to...
KaliIntelligenceSuite – Shall Aid In The Fast, Autonomous, Central, And Comprehensive Collection Of Intelligence By Executing Standard Penetration Testing Tools
Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by automatically: executing...
Swurg – Parse OpenAPI Documents Into Burp Suite For Automating OpenAPI-based APIs Security Assessments
Swurg is a Burp Suite extension designed for OpenAPI testing. The OpenAPI Specification (OAS) defines a standard, programming language-agnostic interface...
STEWS – A Security Tool For Enumerating WebSockets
STEWS is a tool suite for security testing of WebSockets This research was first presented at OWASP Global AppSec US...
Toutatis – A Tool That Allows You To Extract Information From Instagrams Accounts Such As E-Mails, Phone Numbers And More
Toutatis is a tool that allows you to extract information from instagrams accounts such as e-mails, phone numbers and more...
Forbidden – Bypass 4Xx HTTP Response Status Codes
Bypass 4xx HTTP response status codes. Based on PycURL. Script uses multithreading, and is based on brute forcing so might...
AirStrike – Automatically Grab And Crack WPA-2 Handshakes With Distributed Client-Server Architecture
Tool that automates cracking of WPA-2 Wi-Fi credentials using client-server architecture Requirements Airstrike uses Hashcat Brain Architecture, aircrack-ng suite, entr...
IAM Vulnerable – Use Terraform To Create Your Own Vulnerable By Design AWS IAM Privilege Escalation Playground
Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground. IAM Vulnerable uses the Terraform binary...
