PKINITtools – Tools For Kerberos PKINIT And Relaying To AD CS
This repository contains some utilities for playing with PKINIT and certificates. The tools are built on minikerberos and impacket. Accompanying...
tools
SharpML – Machine Learning Network Share Password Hunting Toolkit
SharpML is a proof of concept file share data mining tool using Machine Learning in Python and C#. The tool...
Webstor – A Script To Quickly Enumerate All Websites Across All Of Your Organization’S Networks, Store Their Responses, And Query For Known Web Technologies, Such As Those With Zero-Day Vulnerabilities
WebStor is a tool implemented in Python under the MIT license for quickly enumerating all websites across all of your...
Kodex – A Privacy And Security Engineering Toolkit: Discover, Understand, Pseudonymize, Anonymize, Encrypt And Securely Share Sensitive And Personal Data: Privacy And Security As Code
Kodex (Community Edition - CE) is an open-source toolkit for privacy and security engineering. It helps you to automate data...
LittleCorporal – A C# Automated Maldoc Generator
LittleCorporal: A C# Automated Maldoc Generator C:LittleCorporalbinRelease>LittleCorporal.exe C:beacon.bin explorer.exe.____ .__ __ __ .__ _________ .__| | |__|/ |__/ |_| |...
SharpSpray – Active Directory Password Spraying Tool. Auto Fetches User List And Avoids Potential Lockouts
SharpSpray is a Windows domain password spraying tool written in .NET C#. IntroductionSharpSpray is a C# port of DomainPasswordSpray with...
StreamDivert – Redirecting (Specific) TCP, UDP And ICMP Traffic To Another Destination
StreamDivert is a tool to man-in-the-middle or relay in and outgoing network connections on a system. It has the ability...
Cloudquery – Transforms Your Cloud Infrastructure Into SQL Database For Easy Monitoring, Governance And Security
CloudQuery transforms your cloud infrastructure into queryable SQL for easy monitoring, governance and security.What is CloudQuery and why use it?CloudQuery...
JadedWraith – Light-weight UNIX Backdoor
Lightweight UNIX backdoor for ethical hacking. Useful for red team engagements and CTFs. Something I wrote a few years ago...
DongTai – An Interactive Application Security testing(IAST) Product That Supports The Detection Of OWASP WEB TOP 10 Vulnerabilities, Multi-Request Related Vulnerabilities (Including Logic Vulnerabilities, Unauthorized Access Vulnerabilities, Etc.), Third-Party Component Vulnerabilities, Etc.
中文版本(Chinese version) About DongTai IASTDongTai IAST is an open-source passive interactive security testing (IAST) product. It uses dynamic hooks and...
QueenSono – Golang Binary For Data Exfiltration With ICMP Protocol
QueenSono tool only relies on the fact that ICMP protocol isn't monitored. It is quite common. It could also been...
PoW-Shield – Project Dedicated To Fight DDoS And Spam With Proof Of Work, Featuring An Additional WA
Project dedicated to provide DDoS protection with proof-of-workDescriptionPoW Shield provides DDoS protection on OSI application layer by acting as a...
Haklistgen – Turns Any Junk Text Into A Usable Wordlist For Brute-Forcing
Turns any junk text into a usable wordlist for brute-forcing.Installationgo install github.com/hakluke/haklistgen@latest Usage ExamplesScrape all words out of an HTTP...
Reconky – A Great Content Discovery Bash Script For Bug Bounty Hunters Which Automate Lot Of Task And Organized It
Reconky is a script written in bash to automate the task of recon and information gathering.This Bash Script allows you...
JSPanda – Client-Side Prototype Pullution Vulnerability Scanner
Source code analysis - Screenshot Supporting Materials : https://twitter.com/har1sec/status/1314469278322655233 https://github.com/BlackFan/client-side-prototype-pollution https://github.com/ThePacketBender/notes/blob/01c0b834f6e3ee4d934b087b2d92c9e484dc2a50/web/prototype_pollution.txt https://habr.com/ru/company/huawei/blog/547178/ https://infosecwriteups.com/javascript-prototype-pollution-practice-of-finding-and-exploitation-f97284333b2 https://github.com/securitum/research/tree/master/r2020_prototype-pollution Learn Prototype Pollution in Series -...
Wordlistgen – Quickly Generate Context-Specific Wordlists For Content Discovery From Lists Of URLs Or Paths
wordlistgen is a tool to pass a list of URLs and get back a list of relevant words for your...
AES256_Passwd_Store – Secure Open-Source Password Manager
This script securely encrypts or decrypts passwords on disk within a custom database file. It also features functionality to retrieve...
DirSearch – A Go Implementation Of Dirsearch
This software is a Go implementation of the original dirsearch tool written by Mauro Soria. DirSearch is the very first...
PyHook – An Offensive API Hooking Tool Written In Python Designed To Catch Various Credentials Within The API Call
PyHook is the python implementation of my SharpHook project, It uses various API hooks in order to give us the...
Weakpass – Rule-Based Online Generator To Create A Wordlist Based On A Set Of Words
The tool generates a wordlist based on a set of words entered by the user.For example, during penetration testing, you...
MailRipV2 – Improved SMTP Checker / SMTP Cracker With Proxy-Support, Inbox Test And Many More Features
Your SMTP checker / SMTP cracker for mailpass combolists including features like: proxy-support (SOCKS4 / SOCKS5) with automatic proxy-scraper and...
CrowdSec – An Open-Source Massively Multiplayer Firewall Able To Analyze Visitor Behavior And Provide An Adapted Response To All Kinds Of Attacks
CrowdSec is a free, modern & collaborative behavior detection engine, coupled with a global IP reputation network. It stacks on...
PS2EXE – Module To Compile Powershell Scripts To Executables
Overworking of the great script of Ingo Karstein with GUI support. The GUI output and input is activated with one...
InlineExecute-Assembly – A PoC Beacon Object File (BOF) That Allows Security Professionals To Perform In Process .NET Assembly Execution
InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly...
