Clik here to view.
Docker-OSX - Run Mac in a Docker container
Docker-OSX now has a Discord server & Telegram! The Discord is active on #docker-osx and anyone is welcome to come and ask questions, ideas, etc. Click to join the Discord server...
View ArticleLazypariah - A tool for generating reverse shell payloads on the fly
LAZYPARIAH is a simple and easily installable command-line tool written in pure Ruby that can be used during penetration tests and capture-the-flag (CTF) competitions to generate a range of reverse...
View ArticleClik here to view.
Loki - Simple IOC and Incident Response Scanner
Scanner for Simple Indicators of Compromise - https://github.com/Neo23x0/Loki Detection is based on four detection methods: 1. File Name IOC Regex match on full file path/name 2. Yara Rule Check Yara...
View ArticleClik here to view.
OsintEye - username enumeration & reconnaisance suite
Username enumeration & reconnaisance suite Supported sites PyPI Github TestPypi About.me Instagram DockerHub Installation Clone project: $ git clone https://github.com/rly0nheart/osinteye.git $...
View ArticleClik here to view.
Phantun - A lightweight and fast UDP to TCP obfuscator
Transforms UDP stream into (fake) TCP streams that can go through Layer 3 & Layer 4 (NAPT) firewalls/NATs. Table of Contents Phantun Latest release Overview Usage 1. Enable Kernel IP forwarding 2....
View ArticleClik here to view.
Discover Three Key OSINT Tools – And How to Use Them by Gergo Varga
Open Source Intelligence (OSINT) can provide you with a wealth of useful, detailed and – perhaps most importantly – free data. Whether you seek to learn more about a company, an individual, or a...
View Article365Inspect - a PowerShell script that automates the security assessment of...
Purpose Further the state of O365 security by authoring a PowerShell script that automates the security assessment of Microsoft Office 365 environments. Setup 365Inspect requires the administrative...
View ArticlevAPI - Vulnerable Adversely Programmed Interface which is Self-Hostable API...
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios in the means of Exercises. Requirements PHP MySQL PostMan MITM Proxy Installation...
View ArticleClik here to view.
Coraza - Golang modsecurity compatible web application firewall library
Welcome to OWASP Coraza Web Application Firewall, OWASP Coraza is a golang enterprise-grade Web Application Firewall framework that supports Modsecurity's seclang language and is 100% compatible with...
View ArticleClik here to view.
KrbRelay - Framework for Kerberos relaying
Relaying 3-headed dogs. More details at https://googleprojectzero.blogspot.com/2021/10/windows-exploitation-tricks-relaying.html and...
View ArticleClik here to view.
Ostorlab - a composable security scanning platform for all assets
Security testing requires often chaining tools together, taking the output from one, mangling it, filtering it and then pushing it to another tool. Several tools have tried to make the process less...
View ArticleAccount Takeover Fraud: What You Need to Know
In the 21st century, fraud is a business transferred from offline to online. In recent years, internet users have increased significantly, and cybercrime too. Most people use web services to...
View ArticleClik here to view.
Windows 10 exploitation with just one image by Anastasis Vasileiadis
Metasploit is the latest in the field of information security and penetration control. It has almost redefined how we can perform security tests on our systems. The reason that makes Metasploit so...
View ArticleClik here to view.
Lnkbomb - Malicious shortcut generator for collecting NTLM hashes from...
Lnkbomb is used for uploading malicious shortcut files to insecure file shares. The vulnerability exists due to Windows looking for an icon file to associate with the shortcut file. This icon file can...
View ArticleClik here to view.
List of Free Python Resources [Updated April 2022]
Python is considered a beginner-friendly programming language and its community provides many free resources for beginners and more advanced users. Our team had gathered the most helpful free materials...
View ArticleClik here to view.
Spring4Shell-scan - a fully automated, reliable, and accurate scanner for...
Features Support for lists of URLs. Fuzzing for more than 10 new Spring4Shell payloads (previously seen tools uses only 1-2 variants). Fuzzing for HTTP GET and POST methods. Automatic validation of...
View ArticleClik here to view.
Live Forensicator - Powershell Script to aid Incidence Response and Live...
___________ .__ __ \_ _____/__________ ____ ____ _____|__| ____ _____ _/ |_ ___________ | __)/ _ \_ __ \_/ __ \ / \ / ___/ |/ ___\\__ \\ __\/ _ \_ __ \ | \( <_> ) | \/\ ___/| | \\___ \| \ \___ /...
View ArticleClik here to view.
Shhhloader - SysWhispers Shellcode Loader
Shhhloader Shhhloader is a SysWhispers Shellcode Loader that is currently a Work in Progress. It takes raw shellcode as input and compiles a C++ stub that has been integrated with SysWhispers in order...
View ArticleClik here to view.
Domain Takeover with PetitPotam Exploit by Nairuz Abulhul
Petitpotam is a vulnerability that allows a domain user to take over domain controllers through triggering authentications using the MS-EFSRPC protocol. The vulnerability lies in the insufficient path...
View ArticleADReaper - A fast enumeration tool for Windows Active Directory Pentesting...
ADReaper is a tool written in Golang which enumerates an Active Directory environment with LDAP queries within few seconds Installation You can download precompiled executable binaries for...
View Article