MyJWT – A Cli For Cracking, Testing Vulnerabilities On Json Web Token (JWT)
This cli is for pentesters, CTF players, or dev. You can modify your jwt, sign, inject ,etc... Check Documentation for...
tools
SysWhispers2 – AV/EDR Evasion Via Direct System Calls
SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls. All core syscalls are...
ByteDance-HIDS – A Cloud-Native Host-Based Intrusion Detection Solution Project To Provide Next-Generation Threat Detection And Behavior Audition With Modern Architecture
ByteDance-HIDS is a Cloud-Native Host-Based Intrusion Detection solution project to provide next-generation Threat Detection and Behavior Audition with modern architecture....
Ssh-Mitm – Ssh Mitm Server For Security Audits Supporting Public Key Authentication, Session Hijacking And File Manipulation
ssh-mitm is an intercepting (mitm) proxy server for security audits. Redirect/mirror Shell to another ssh client supported in 0.2.8 Replace...
Stegbrute – Fast Steganography Bruteforce Tool Written In Rust Useful For CTF’s
stegbrute is a fast steganography brute force tool written in Rust using also threads to achieve a faster executionDependenciesStegbrute cannot...
Pineapple-MK7-REST-Client – WiFi Hacking Workflow With Pineapple Mark 7 API
PINEAPPLE MK7 REST CLIENTThe leading rogue access point and WiFi pentest toolkit for close access operations. Passive and active attacks...
K55 – Linux X86_64 Process Injection Utility | Manipulate Processes With Customized Payloads
(pronounced: "kay fifty-five") The K55 payload injection tool is used for injecting x86_64 shellcode payloads into running processes. The utility...
Umbrella_android – Digital And Physical Security Advice App
Umbrella is an Android mobile app developed by Security First that provides human rights defenders with the information on what...
RadareEye – A Tool Made For Specially Scanning Nearby devices [BLE, Bluetooth And Wifi] And Execute Our Given Command On Our System When The Target Device Comes In-Between Range
A tool made for specially scanning nearby devices and execute our given command on our system when the target device...
Patch Tuesday – January 2021
We arrive at the first Patch Tuesday of 2021 (2021-Jan) with 83 vulnerabilities across our standard spread of products. Windows...
ProtOSINT – A Python Script That Helps You Investigate Protonmail Accounts And ProtonVPN IP Addresses
ProtOSINT is a Python script that helps you investigate ProtonMail accounts and ProtonVPN IP addresses.DescriptionThis tool can help you in...
Sigurls – A Reconnaissance Tool, It Fetches URLs From AlienVault’s OTX, Common Crawl, URLScan, Github And The Wayback Machine
sigurls is a reconnaissance tool, it fetches URLs from AlienVault's OTX, Common Crawl, URLScan, Github and the Wayback Machine.UsageTo display...
Update on SolarWinds Supply-Chain Attack: SUNSPOT and New Malware Family Associations
This update is a continuation of our previous coverage of the SolarWinds supply-chain attack that was discovered by FireEye in...
pongoOS – A Pre-Boot Execution Environment For Apple Boards
A pre-boot execution environment for Apple boards built on top of checkra1n.Building on macOSInstall Xcode + command-line utilities make clean...
Wprecon – A Vulnerability Recognition Tool In CMS WordPress, 100% Developed In Go
Hello! Welcome. Wprecon (Wordpress Recon), is a vulnerability recognition tool in CMS Wordpress, 100% developed in Go.Notice:Why is the project...
MUD-Visualizer – A Tool To Visualize MUD Files
This tool can be used to visualize the MUD files in JSON format. MotivationMUD files are plain text files in...
Pidrila – Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
PIDRILA: Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer is really fast async web path scanner prototype developed by BrightSearch team...
Longtongue – Customized Password/Passphrase List Inputting Target Info
Customized Password/Passphrase List inputting Target InfoInstallationgit clone https://github.com/edoardottt/longtongue.git cd longtongue python3 longtongue.pyUsageusage: longtongue.py Customized Password/Passphrase List inputting Target Infooptional arguments:...
Emp3R0R – Linux Post-Exploitation Framework Made By Linux User
hide processes and filescurrently emp3r0r uses libemp3r0r to hide its files and processes, which utilizes glibc hijacking persistencecurrently implemented methods:...
Solarflare – SolarWinds Orion Account Audit / Password Dumping Utility
Credential Dumping Tool for SolarWinds Orion Blog post: https://malicious.link/post/2020/solarflare-release-password-dumper-for-solarwinds-orion/Credit to @asolino, @gentilkiwi, and @skelsec for helping me figuring out DPAPI....
Exif-Gps-Tracer – A Python Script Which Allows You To Parse GeoLocation Data From Your Image Files Stored In A dataset
A python script which allows you to parse GeoLocation data from your Image files stored in a dataset.It also produces...
UhOh365 – A Script That Can See If An Email Address Is Valid In Office365 (User/Email Enumeration)
A script that can see if an email address is valid in Office365. This does not perform any login attempts,...
Sarenka – OSINT Tool – Data From Services Like Shodan, Censys Etc. In One Place
SARENKA is an Open Source Intelligence (OSINT) tool which helps you obtaining and understanding Attack Surface. The main goal is...
How COVID-19 Reinforced the Need for Mobile Device Management
How many of you got that call at the beginning of the pandemic to make your company’s workforce 100% capable...
