Krane – Kubernetes RBAC Static Analysis And Visualisation Tool
Krane is a simple Kubernetes RBAC static analysis tool. It identifies potential security risks in K8s RBAC design and makes...
tools
Typodetect – Detect The Active Mutations Of Domains
This tool gives blue teams, SOC's, researchers and companies the ability to detect the active mutations of their domains, thus...
Shepard – In Progress Persistent Download/Upload/Execution Tool Using Windows BITS
This is an IN PROGRESS persistance tool using Windows Background Intelligent Transfer Service (BITS). Functionality: File Download, File Exfiltration, File...
Metarget – Framework Providing Automatic Constructions Of Vulnerable Infrastructures
1 IntroductionMetarget = meta- + target, a framework providing automatic constructions of vulnerable infrastructures, used to deploy simple or complicated...
Penglab – Abuse Of Google Colab For Cracking Hashes
Abuse of Google Colab for fun and profit. What is it ?Penglab is a ready-to-install setup on Google Colab for...
Bn-Uefi-Helper – Helper Plugin For Analyzing UEFI Firmware
Helper plugin for analyzing UEFI firmware. This plugin contains the following features: Apply the correct prototype to the entry point...
403Fuzzer – Fuzz 403/401Ing Endpoints For Bypasses
Fuzz 403ing endpoints for bypasses Follow on twitter! @intrudirThis tool will check the endpoint with a couple of headers such...
Onelinepy – Python Obfuscator To Generate One-Liners And FUD Payloads
 Python Obfuscator To Generate One-Liners And FUD Payloads.Download & Rungit clone https://github.com/spicesouls/onelinepycd onelinepychmod +x setup.sh./setup.shonelinepy Usage Guide _ _ ___...
Arkhota – A Web Brute Forcer For Android
What?Arkhota is a web (HTTP/S) brute forcer for Android. Why?A web brute forcer is always in a hacker's computer, for...
Dent – A Framework For Creating COM-based Bypasses Utilizing Vulnerabilities In Microsoft’s WDAPT Sensors
More InformationIf you want to learn more about the techniques utlized in this framework please take a look at this...
magicRecon – A Powerful Shell Script To Maximize The Recon And Data Collection Process Of An Objective And Finding Common Vulnerabilities
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common...
Bucky – An Automatic S3 Bucket Discovery Tool
Bucky is an automatic tool designed to discover S3 bucket misconfiguration, Bucky consists up of two modules Bucky firefox addon...
Kaiju – A Binary Analysis Framework Extension For The Ghidra Software Reverse Engineering Suite
CERT Kaiju is a collection of binary analysis tools for Ghidra. This is a Ghidra/Java implementation of some features of...
CheeseTools – Self-developed Tools For Lateral Movement/Code Execution
This repository has been made basing onto the already existing MiscTool, so big shout-out to rasta-mouse for releasing them and...
IMAPLoginTester – Script That Reads A Text File With Lots Of E-Mails And Passwords, And Tries To Check If Those Credentials Are Valid By Trying To Login On IMAP Servers
IMAPLoginTester is a simple Python script that reads a text file with lots of e-mails and passwords, and tries to...
slopShell – The Only Php Webshell You Need
php webshell Since I derped, and forgot to talk about usage. Here goes. For this shell to work, you need...
HookDump – Security Product Hook Detection
EDR function hook dumping Please refer to the Zeroperil blog post for more information https://zeroperil.co.uk/hookdump/Building sourceIn order to build this...
AnalyticsRelationships – Get Related Domains / Subdomains By Looking At Google Analytics IDs
subdomains by looking at Google Analytics IDs > Python/GO versions > By @JosueEncinar ">> Get related domains / subdomains by...
Dystopia – Low To Medium Multithreaded Ubuntu Core Honeypot Coded In Python
Low to medium Ubuntu Core honeypot coded in Python.FeaturesOptional Login Prompt Logs commands used and IP addresses Customize MOTD, Port,...
FireStorePwn – Firestore Database Vulnerability Scanner Using APKs
fsp scans an APK and checks the Firestore database for rules that are not secure, testing with or without authentication....
DNS-Black-Cat(DBC) – Multi Platform Toolkit For An Interactive DNS Shell Commands Exfiltration, By Using DNS-Cat You Will Be Able To Execute System Commands In Shell Mode Over DNS Protocol
Multi-platform toolkit for an interactive C2C DNS shell, by using DNS-Black-Cat, you will be able to execute system commands in...
Qvm-Create-Windows-Qube – Spin Up New Windows Qubes Quickly, Effortlessly And Securely
qvm-create-windows-qube is a tool for quickly and conveniently installing fresh new Windows qubes with Qubes Windows Tools (QWT) drivers automatically....
Php_Code_Analysis – San your PHP code for vulnerabilities
This script will scan your codethe script can find check_file_upload issues host_header_injection SQl injection insecure deserialization open_redirect SSRF XSS LFI...
Solr-GRAB – Steal Apache Solr Instance Queries With Or Without A Username And Password
Steal Apache Solr instance Queries with or without a username and password. DISCLAIMER: This project should be used for authorized...
