Backstab – A Tool To Kill Antimalware Protected Processes
Have these local admin credentials but the EDR is standing in the way? Unhooking or direct syscalls are not working against the EDR? Well, why not just kill it? Backstab is a tool capable...
Tagged: ethical hacking
Salus – Security Scanner Coordinator
Salus (Security Automation as a Lightweight Universal Scanner), named after the Roman goddess of protection, is a tool for coordinating the execution of security scanners. You can run Salus on a repository via the...
Scour – AWS Exploitation Framework
Scour is a modern module based AWS exploitation framework written in golang, designed for red team testing and blue team analysis. Scour contains modern techniques that can be used to attack environments or build...
FRIDA-DEXDump – Fast Search And Dump Dex On Memory
Features support fuzzy search broken header dex. fix struct data of dex-header. compatible with all android version(frida supported). support loading as objection plugin ~ pypi package has been released ~ Requires frida: pip install...
MacHound – An extension to audit Bloodhound collecting and ingesting of Active Directory relationships on MacOS hosts
MacHound is an extension to the Bloodhound audting tool allowing collecting and ingesting of Active Directory relationships on MacOS hosts. MacHound collects information about logged-in users, and administrative group members on Mac machines and...
GDir-Thief – Red Team Tool For Exfiltrating The Target Organization'S Google People Directory That You Have Access To, Via Google's API
Red Team tool for exfiltrating the target organization’s Google People Directory that you have access to, via Google’s People API. HOW TO Create a new Google Cloud Platform (GCP) project Steps to get the...
Lazyrecon – Tool To Automate Your Reconnaissance Process In An Organized Fashion
Lazyrecon is a subdomain discovery tool that finds and resolves valid subdomains then performs SSRF/LFI/SQLi fuzzing, brute-force and port scanning. It has a simple modular architecture and is optimized for speed while working with...
Gorsair – Hacks Its Way Into Remote Docker Containers That Expose Their APIs
Gorsair is a penetration testing tool for discovering and remotely accessing Docker APIs from vulnerable Docker containers. Once it has access to the docker daemon, you can use Gorsair to directly execute commands on...
OpenAttack – An Open-Source Package For Textual Adversarial Attack
OpenAttack is an open-source Python-based textual adversarial attack toolkit, which handles the whole process of textual adversarial attacking, including preprocessing text, accessing the victim model, generating adversarial examples and evaluation. Features & Uses OpenAttack...
Invoke-DNSteal – Simple And Customizable DNS Data Exfiltrator
Invoke-DNSteal is a Simple & Customizable DNS Data Exfiltrator. This tool helps you to exfiltrate data through DNS protocol over UDP and TCP, and lets you control the size of queries using random delay....
Red-Shadow – Lightspin AWS IAM Vulnerability Scanner
Scan your AWS IAM Configuration for shadow admins in AWS IAM based on misconfigured deny policies not affecting users in groups discovered by Lightspin’s Security Research Team. The tool detects the misconfigurations in the...
Forblaze – A Python Mac Steganography Payload Generator
Forblaze is a project designed to provide steganography capabilities to Mac OS payloads. Using python3, it will build an Obj-C file for you which will be compiled to pull desired encrypted URLs out of...
S3-Account-Search – S3 Account Search
This tool lets you find the account id an S3 bucket belongs too. For this to work you need to have at least one of these permissions: Permission to download a known file from...
WAF-A-MoLE – A Guided Mutation-Based Fuzzer For ML-based Web Application Firewalls
A guided mutation-based fuzzer for ML-based Web Application Firewalls, inspired by AFL and based on the FuzzingBook by Andreas Zeller et al. Given an input SQL injection query, it tries to produce a semantic...
Heappy – A Happy Heap Editor To Support Your Exploitation Process
Heappy is an editor based on gdb/gef that helps you to handle the heap during your exploitation development. The project should be considered a didactic tool useful to understand the evolution of the heap...
AWS Pen-Testing Laboratory – Pentesting Lab With A Kali Linux Instance Accessible Via Ssh And Wireguard VPN And With Vulnerable Instances In A Private Subnet
PenTesting laboratory deployed as IaC with Terraform on AWS. It deploys a Kali Linux instance accessible via ssh & wireguard VPN. Vulnerable instances in a private subnet. NOTE: Ids only defined for region “eu-west-1”...
