StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications. This tool will look for interesting...
Telegram Chatbot to control Lan network. Installation: You will need a Raspberry Pi with fresh Raspbian/Kali on the SD card, because you...
BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment. Attackers can use BloodHound to...
Bettercap is a complete, modular, portable and easily extensible MITM tool and framework with every kind of diagnostic and offensive feature you...
The Trojanizer tool uses WinRAR (SFX) to compress the two files input by user, and transforms it into an SFX executable(.exe) archive....
Proxenet is a hacker-friendly DIY web proxy for pentesters. It is a C-based proxy that allows you to interact with higher level...
SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API. SQLMap comes with a RESTful based server...
Yasuo is a ruby script that scans for vulnerable 3rd-party web applications. There are over 10,000 remotely exploitable vulnerabilities that exist in...
This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715...
ShellCheck is a static analysis tool that gives warnings and suggestions for bash/sh shell scripts. How To Use ShellCheck There are a number...
Commix (short for [comm]and [i]njection e[x]ploiter) is an automated tool that you can use to test web-based applications with the view to...
Fsociety Contains All Tools Used In Mr Robot Series compiled into an easy to use Pentesting framework. Fsociety Menu Information Gathering Password...
Autorize is an automatic authorization enforcement detection extension for Burp Suite. It helps you detect authorization vulnerabilities. It is sufficient to give to...
D-Link Password Decryptor is a free program that allows you to instantly recover the Login Password of D-Link modem/router. It supports dual mode...
Kadimus is a tool that allows you to detect and exploit the Local File Inclusion (LFI) vulnerability in sites. Features: Check all...
Bluepot was a third year university project attempting to implement a fully functional Bluetooth Honeypot. A piece of software designed to accept...
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds...
Phant0m is a PowerShell script and targets the Windows Event Log Service in Windows operating system. Because the most traces of a...
Mimikatz is a post-exploitation tool written by Benjamin Delpy (gentilkiwi). It’s now well known for extracting plaintexts passwords, hash, PIN code and...
Invoke-PSImage takes a PowerShell script and embeds the bytes of the script into the pixels of a PNG image. It generates a...
PhEmail is a python based email phishing tool that automates the process of sending phishing emails as part of a social engineering...