SharpMapExec – A Sharpen Version Of CrackMapExec
A sharpen version of CrackMapExec. This tool is made to simplify penetration testing of networks and to create a swiss...
tools
Watcher – Open Source Cybersecurity Threat Hunting Platform
Watcher is a Django & React JS automated platform for discovering new potentially cybersecurity threats targeting your organisation. It should...
Sploit – Go Package That Aids In Binary Analysis And Exploitation
Sploit is a Go package that aids in binary analysis and exploitation. The motivating factor behind the development of sploit...
Fawkes – Tool To Search For Targets Vulnerable To SQL Injection (Performs The Search Using Google Search Engine)
Fawkes is a tool to search for targets vulnerable to SQL Injection. Performs the search using Google search engine.Options -q,...
Bheem – Simple Collection Of Small Bash-Scripts Which Runs Iteratively To Carry Out Various Tools And Recon Process
Project Bheem is a simple collection of small bash-scripts which runs iteratively to carry out various tools and recon process...
Bento – A Minimal Fedora-Based Container For Penetration Tests And CTF With The Sweet Addition Of GUI Applications
A bento (弁当, bentō) is a single-portion take-out or home-packed meal of Japanese origin. Bento Toolkit is a simple and...
Scilla – Information Gathering Tool (DNS/Subdomain/Port Enumeration)
Information Gathering Tool - Dns/Subdomain/Port EnumerationInstallationFirst of all, clone the repo locally git clone https://github.com/edoardottt/scilla.git Scilla has external dependencies, so...
Go365 – An Office365 User Attack Tool
Go365 is a tool designed to perform user enumeration* and password guessing attacks on organizations that use Office365 (now/soon Microsoft365)....
E9Patch – A Powerful Static Binary Rewriting Tool
E9Patch is a powerful static binary rewriting tool for x86_64 Linux ELF binaries. E9Patch is: Scalable: E9Patch can reliably rewrite...
PoshBot – Powershell-based Bot Framework
PoshBot is a chat bot written in PowerShell. It makes extensive use of classes introduced in PowerShell 5.0. PowerShell modules...
Help Others Be “Cyber Aware” This Festive Season—And All Year Round!
Are you tired of being the cybersecurity help desk for everyone you know? Are you frustrated with spending all your...
How to Gain Visibility Into Audit Logs for Policy Customization in InsightVM
Since the launch of InsightVM’s Custom Policy Builder in June of this year, hundreds of organizations have created and customized...
Freki – Malware Analysis Platform
Freki is a free and open-source malware analysis platform.GoalsFacilitate malware analysis and reverse engineering; Provide an easy-to-use REST API...
Ghost Framework – An Android Post-Exploitation Framework That Exploits The Android Debug Bridge To R emotely Access An Android Device
About Ghost FrameworkGhost Framework is an Android post-exploitation framework that exploits theAndroid Debug Bridge to remotely access an Android device....
Happy HaXmas from the Rapid7 Team!
Happy HaXmas, everyone! This has been quite the year, but we’re thrilled that we’re able to keep up our favorite...
APKLab – Android Reverse Engineering WorkBench For VS Code
APKLab seamlessly integrates the best open-source tools: Apktool, Jadx, uber-apk-signer and more to the excellent VS Code so you can...
ToRat – A Remote Administation Tool Written In Go Using Tor As A Transport Mechanism And RPC For Communication
A Cross Platform Remote Administration tool written in Go using Tor as its transport mechanism currently supporting Windows, Linux, MacOS...
The Risky Business: Rapid7 Report Highlights Need for Improved Vulnerability Management Practices
Back in July, Rapid7 released its first-ever National / Industry / Cloud Exposure Report, otherwise known as “NICER.” This report...
WSMan-WinRM – A Collection Of Proof-Of-Concept Source Code And Scripts For Executing Remote Commands Over WinRM Using The WSMan.Automation COM Object
A collection of proof-of-concept source code and scripts for executing remote commands over WinRM using the WSMan.Automation COM object.BackgroundFor background...
Stegseek – Worlds Fastest Steghide Cracker, Chewing Through Millions Of Passwords Per Second
Stegseek is a lightning fast steghide cracker that can be used to extract hidden data from files. It is built...
SolarWinds SUNBURST Backdoor Supply Chain Attack: What You Need to Know
On Dec. 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds...
Slipstream – NAT Slipstreaming Allows An Attacker To Remotely Access Any TCP/UDP Services Bound To A Victim Machine, Bypassing The Victim’s NAT/firewall, Just By The Victim Visiting A Website
NAT Slipstreaming allows an attacker to remotely access any TCP/UDP services bound to a victim machine, bypassing the victim's NAT/firewall...
403Bypasser – Burpsuite Extension To Bypass 403 Restricted Directory
An burpsuite extension to bypass 403 restricted directory. By using PassiveScan (default enabled), each 403 request will be automatically scanned...
Gustave – Embedded OS kernel fuzzer
GUSTAVE is a fuzzing platform for embedded OS kernels. It is based on QEMU and AFL (and all of its...
