crawlergo is a browser crawler that uses chrome headless mode for URL collection. It hooks key positions of the whole web page with DOM rendering stage, automatically fills and submits forms, with intelligent JS...
NetworKit is an open-source tool suite for high-performance network analysis. Its aim is to provide tools for the analysis of large networks in the size range from thousands to billions of edges. For this...
XMap is a fast network scanner designed for performing Internet-wide IPv6 & IPv4 network research scanning. XMap is reimplemented and improved thoroughly from ZMap and is fully compatible with ZMap, armed with the “5...
ForgeCert uses the BouncyCastle C# API and a stolen Certificate Authority (CA) certificate + private key to forge certificates for arbitrary users capable of authentication to Active Directory. This attack is codified as DPERSIST1...
Unmanaged PowerShell execution using DLLs or a standalone executable. Introduction PowerShx is a rewrite and expansion on the PowerShdll project. PowerShx provide functionalities for bypassing AMSI and running PS Cmdlets. Features Run Powershell with...
Linux CatScale is a bash script that uses live of the land tools to collect extensive data from Linux based hosts. The data aims to help DFIR professionals triage and scope incidents. An Elk...
A dead simple library providing the foundational logic for efficient password brute force attacks against authentication interfaces. See various Wiki sections for more information. A “modular” example is included with the library that demonstrates...
FUSE is a penetration testing system designed to identify Unrestricted Executable File Upload (UEFU) vulnerabilities. The details of the testing strategy is in our paper, “FUSE: Finding File Upload Bugs via Penetration Testing”, which...
This tool allows you to statically analyze Windows, Linux, OSX executables and APK files. You can get: What DLL files are used. Functions and APIs. Sections and segments. URLs, IP addresses and emails. Android...
A program to control systems remotely by uploading videos to Youtube using Python to create the videos and the listener, emulating some malware I was reading about. It allows to create videos with frames...
GitOops is a tool to help attackers and defenders identify lateral movement and privilege escalation paths in GitHub organizations by abusing CI/CD pipelines and GitHub access controls. It works by mapping relationships between a...
AF-ShellHunter: Auto shell lookup AF-ShellHunter its a script designed to automate the search of WebShell’s in AF Team How to pip3 install -r requirements.txtpython3 shellhunter.py –help Basic Usage You can run shellhunter in two...
Viper is a graphical intranet penetration tool, which modularizes and weaponizes the tactics and technologies commonly used in the process of Intranet penetration Viper integrates basic functions such as bypass anti-virus software, intranet tunnel,...
ASF aims to protect organizations acting as an attack surface watchdog, provided an “Object” which might be a: Domain, IP address or CIDR (Internal or External), ASF will discover assets/subdomains, enumerate their ports and...
A collection of Windows print spooler exploits containerized with other utilities for practical exploitation. Summary SpoolSploit is a collection of Windows print spooler exploits containerized with other utilities for practical exploitation. A couple of...
Smersh is a pentest oriented collaborative tool used to track the progress of your company’s missions and generate rapport. Preview front (Angular): Documentation All information is available at the following address: https://docs.smersh.app How to...
