Chalumeau is automated,extendable and customizable credential dumping tool based on powershell and python.Main FeaturesWrite your own PayloadsIn-Memory executionExtract Password ListDashboard...
This blog post is part 2 of a two-part blog series recapping Rapid7’s Black Hat debriefs as part of Virtual...
A TCP tunneling suite built with golang and gRPC. gTunnel can manage multiple forward and reverse tunnels that are all...
TaoWu(檮杌) is a CobaltStrike toolkit. All the scripts are gathered on the Internet and slightly modified by myself. You can...
Boy, oh boy, has Black Hat changed. Where we once looked up at the neon lights of Las Vegas, we...
Today the Metasploit team is pleased to announce active development of Metasploit Framework 6.0, available now for testing and community...
A tool for UEFI firmware reverse engineering.UEFI firmware analysis with uefi_retool.py scriptUsage:Copy ida_plugin/uefi_analyser.py script and ida_plugin/uefi_analyser directory to IDA plugins...
Network reconnaisance tool that sniffs for active hostsIntroductionNetenum passively monitors the ARP traffic on the network. It extracts basic data...
DLInjector for Graphical User Interface.Faster DLL Injector for processes. It targets the process name to identify the target. The process...
xeca is a project that creates encrypted PowerShell payloads for offensive purposes.Creating position independent shellcode from DLL files is also...
Zoom adoption has skyrocketed with spikes in remote working, but web application security needs to be a top priority to...
cnitch (snitch or container snitch) is a simple framework and command line tool for monitoring Docker containers to identify any...
Mística is a tool that allows to embed data into application layer protocol fields, with the goal of establishing a...
DeimosC2 is a post-exploitation Command & Control (C2) tool that leverages multiple communication methods in order to control machines that...
EternalBlue suite remade in C which includes: MS17-010 Exploit, EternalBlue/MS17-010 vulnerability detector, DoublePulsar detector and DoublePulsar UploadDLL & Shellcode ms17_vuln_status.cpp...
CWFF is a tool that creates a special High quality fuzzing/content discovery wordlist for you at the highest speed possible...
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report.Example...
Kubei is a vulnerabilities scanning tool that allows users to get an accurate and immediate risk assessment of their kubernetes...
A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in the Windows operating systems. dazzleUP...
uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files...
The Rapid7 Metasploit team is taking a page from DEF CON’s “SAFE MODE” operations this year, hosting our annual Open...
In part one of this two-part series on the cloud and cloud security for security professionals, we dove into everything...
Oralyzer, a simple python script, capable of identifying the open redirection vulnerability in a website. It does that by fuzzing...
Terminal and Web console for KubernetesFeatures Configuration from kubeconfig files (KUBECONFIG environment variable or $HOME/.kube) Switch contexts interactively Authentication support...
