PTF - Pentest Tools Framework (exploits, Scanner, Password.)
PTF - Pentest Tools Framework is a database of exploits, scanners and tools for penetration testing. PTF is a powerful framework, that includes a lot of tools for beginners. You can explore kernel...
View ArticleSplunk Attack Range
A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk. The Attack Range solves two main challenges in...
View ArticleIceBox - Virtual Machine Introspection, Tracing & Debugging
Icebox is a Virtual Machine Introspection solution that enable you to stealthily trace and debug any process (kernel or user). It's based on project Winbagility. Files which might be helpful:...
View ArticleZelos - A comprehensive binary emulation platform
Zelos (Zeropoint Emulated Lightweight Operating System) is a python-based binary emulation platform. One use of zelos is to quickly assess the dynamic behavior of binaries via command-line or python...
View ArticleUnicorn is a simple tool for using a PowerShell downgrade attack and inject...
Magic Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's PowerShell attacks and the PowerShell bypass technique...
View ArticleXSpear - Powerfull XSS Scanning and Parameter analysis tool and gem
Xspear is a powerful XSS scanning and parameter analysis tool on ruby gems, capable of both static and dynamic XSS vulnerability analysis. Therefore, it has the ability to scan, detect and analyze...
View ArticleRepository of sentinel alerts and hunting queries leveraging sysmon and the...
Sentinel ATT&CK aims to simplify the rapid deployment of a threat hunting capability that leverages Sysmon and MITRE ATT&CK on Azure Sentinel. DISCLAIMER: This tool is not a magic bullet. It...
View ArticleAutoSploit - Automated Mass Exploiter
As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets can be collected automatically through Shodan, Censys or Zoomeye. But options to add your custom...
View ArticleTool-X is a Kali Linux hacking tools installer for Termux and linux system
Tool-X was developed for Termux and other android terminals. Using Tool-X, you can install almost 370+ hacking tools in Termux (android) and other Linux based distributions. Now Tool-X is available for...
View ArticleuDork - Google Hacking Tool
uDork is a script written in Python that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so...
View ArticleMaryam : Open-source Intelligence(OSINT) Framework
OWASP Maryam is an Open-source intelligence(OSINT) and Web-based Footprinting modular/tool framework based on the Recon-ng and written in Python. If you have skills in Metasploit or Recon-ng, you can...
View ArticleStarkiller is a Frontend for PowerShell Empire.
Starkiller is a Frontend for Powershell Empire. It is an Electron application written in VueJS. If you'd like to contribute please follow the Contribution guide. If you'd like to request a feature or...
View ArticleXXExploiter - Tool to help exploit XXE vulnerabilities
XXExploiter generates the XML payloads, and automatically starts a server to serve the needed DTD's or to do data exfiltration. IMPORTANT: This tool is still under development and although most of its...
View Article2FA Bypass With PowerShell [FREE COURSE CONTENT]
In this video from our PowerShell for Hackers course your instructor, Atul Tiwari, shows how to perform a 2FA bypass with PowerShell. 2FA is used, among others, in Outlook and Office 365, so this...
View ArticleKatana- A Python Tool For Google Hacking
Katana-ds (ds for dork_scanner) is a simple python tool that automates Google Hacking/Dorking and supports TOR. It becomes a more powerful in combination with GHDB Installation: Use the package...
View ArticleNinja - Open source C2 server created for stealth red team operations
Ninja C2 is an Open source C2 server created by Purple Team to do stealthy computer and Active directory enumeration without being detected by SIEM and AVs, Ninja still in beta version and when the...
View ArticleOne-Lin3r: Gives you one-liners that aids in penetration testing operations,...
One-Lin3r is simple modular and light-weight framework gives you all the one-liners that you will need while penetration testing (Windows, Linux, macOS or even BSD systems) or hacking generally with a...
View ArticleRuntime Mobile Security (RMS) - powerful web interface that helps you to...
Runtime Mobile Security (RMS), powered by FRIDA, is a powerful web interface that helps you to manipulate Android Java Classes and Methods at Runtime. You can easily dump all the loaded classes and...
View ArticlePown Recon - A powerful target reconnaissance framework powered by graph theory.
Pown Recon is a target reconnaissance framework powered by graph theory. The benefit of using graph theory instead of flat table representation is that it is easier to find the relationships between...
View ArticleIdentifying Open-Source Vulnerabilities: Tips and Tools - Gilad David Maayan
Open source components enable faster development. You don’t have to build from scratch, and you can quickly add upgrades. The downside of open source is that you never know what code you’re going to...
View Article