Red-Shadow – Lightspin AWS IAM Vulnerability Scanner
Scan your AWS IAM Configuration for shadow admins in AWS IAM based on misconfigured deny policies not affecting users in...
tools
Forblaze – A Python Mac Steganography Payload Generator
Forblaze is a project designed to provide steganography capabilities to Mac OS payloads. Using python3, it will build an Obj-C...
S3-Account-Search – S3 Account Search
This tool lets you find the account id an S3 bucket belongs too. For this to work you need to...
WAF-A-MoLE – A Guided Mutation-Based Fuzzer For ML-based Web Application Firewalls
A guided mutation-based fuzzer for ML-based Web Application Firewalls, inspired by AFL and based on the FuzzingBook by Andreas Zeller...
AWS Pen-Testing Laboratory – Pentesting Lab With A Kali Linux Instance Accessible Via Ssh And Wireguard VPN And With Vulnerable Instances In A Private Subnet
PenTesting laboratory deployed as IaC with Terraform on AWS. It deploys a Kali Linux instance accessible via ssh & wireguard...
Heappy – A Happy Heap Editor To Support Your Exploitation Process
Heappy is an editor based on gdb/gef that helps you to handle the heap during your exploitation development. The project...
Mythic – A Collaborative, Multi-Platform, Red Teaming Framework
A cross-platform, post-exploit, red teaming framework built with python3, docker, docker-compose, and a web browser UI. It's designed to provide...
HoneyCreds – Network Credential Injection To Detect Responder And Other Network Poisoners
HoneyCreds network credential injection to detect responder and other network poisoners. RequirementsRequires Python 3.6+ (tested on Python 3.9)smbprotocolcffisplunk-sdk Installationgit clone https://github.com/Ben0xA/HoneyCreds.gitcd...
SharpHook – Tool Tath Uses Various API Hooks In Order To Give Us The Desired Credentials
SharpHook is inspired by the SharpRDPThief project, It uses various API hooks in order to give us the desired credentials....
CamRaptor – Tool That Exploits Several Vulnerabilities In Popular DVR Cameras To Obtain Network Camera Credentials
CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain network camera credentials. FeaturesExploits vulnerabilities in...
BlobHunter – Find Exposed Data In Azure With This Public Blob Scanner
An opensource tool for scanning Azure blob storage accounts for publicly opened blobs. BlobHunter is a part of "Hunting Azure...
RomBuster – A Router Exploitation Tool That Allows To Disclosure Network Router Admin Password
RomBuster is a router exploitation tool that allows to disclosure network router admin password. FeaturesExploits vulnerabilities in most popular routers...
Fully-Homomorphic-Encryption – Libraries And Tools To Perform Fully Homomorphic Encryption Operations On An Encrypted Data Set
This repository contains open-source libraries and tools to perform fully homomorphic encryption (FHE) operations on an encrypted data set.About Fully...
Shreder – A Powerful Multi-Threaded SSH Protocol Password Bruteforce Tool
Shreder is a powerful multi-threaded SSH protocol password brute-force tool. FeaturesVery fast password guessing, just one password in 0.1 second....
DarkLoadLibrary – LoadLibrary For Offensive Operations
LoadLibrary for offensive operations. How does is work?https://www.mdsec.co.uk/2021/06/bypassing-image-load-kernel-callbacks/UsageDARKMODULE DarkModule = DarkLoadLibrary( LOAD_LOCAL_FILE, // control flags L"TestDLL.dll", // local dll path,...
CamOver – A Camera Exploitation Tool That Allows To Disclosure Network Camera Admin Password
CamOver is a camera exploitation tool that allows to disclosure network camera admin password. FeaturesExploits vulnerabilities in most popular camera...
HashCheck – Tool To Assist In The Search For Leaked Passwords
This project aims to assist in the search for leaked passwords while maintaining a high level of privacy using the...
Swift-Attack – Unit Tests For Blue Teams To Aid With Building Detections For Some Common macOS Post Exploitation Methods
Unit tests for blue teams to aid with building detections for some common macOS post exploitation methods. I have included...
Squalr – Squalr Memory Editor – Game Hacking Tool Written In C#
Squalr Official Website Join us on our Discord Channel Squalr is performant Memory Editing software that allows users to create...
RdpCacheStitcher – RdpCacheStitcher Is A Tool That Supports Forensic Analysts In Reconstructing Useful Images Out Of RDP Cache Bitmaps
RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps. Using raw RDP...
NamedPipePTH – Pass The Hash To A Named Pipe For Token Impersonation
This project is a PoC code to use Pass-the-Hash for authentication on a local Named Pipe user Impersonation. There also...
Ioccheck – A Tool For Simplifying The Process Of Researching IOCs
A tool for simplifying the process of researching file hashes, IP addresses, and other indicators of compromise (IOCs). FeaturesLook up...
FalconEye – Real-time detection software for Windows process injections
FalconEye is a windows endpoint detection software for real-time process injections. It is a kernel-mode driver that aims to catch...
Rustcat – Netcat Alternative
AboutRustcat is a port listener that can be used for different purposes. It is basically like netcat but with fewer...
