Concept behind Seeker is simple, just like we host phishing pages to get credentials why not host a fake page that requests...
ssh tunnel SSH tunnels to a remote server.API allows either initializing the tunnel and starting it or using a with context, which...
Vulnx is An Intelligent Bot Auto Shell Injector that detect vulnerabilities in multiple types of Cms, fast cms detection,informations gathering and vulnerabilitie...
Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner.Installation go get -u...
mihari mihari is a sidekick tool for TheHive for monitoring malicious hosts (C2 / landing page/phishing, etc.) continuously. How it works mihari makes a...
kubesec Security risk analysis for Kubernetes resources Changelog v2.3.1 alpha 76b2707 Modified the GH actions release to work with go modules b96a1d6 Swapped goreleaser...
As with many exploits, remote and local file inclusions are only a problem at the end of the encoding. Of course it...
Sigma Hunting App A Splunk App containing Sigma detection rules, which can be updated dynamically from a Git repository. Motivation Most of...
This shell is the ultimate WinRM shell for hacking/pentesting. WinRM (Windows Remote Management) is the Microsoft implementation of WS-Management Protocol. A standard...
SCShell Fileless lateral movement tool that relies on ChangeServiceConfigA to run command. The beauty of this tool is that it doesn’t perform...
This project produces open-source code to generate rainbow tables as well as use them to look up password hashes. While the current...
Mordor Gates The Mordor project provides pre-recorded security events generated by simulated adversarial techniques in the form of JavaScript Object Notation (JSON)...
The Brave Privacy Browser is your fast, safe private web browser with ad blocker, private tabs and pop-up blocker. Browse without being...
Leprechaun The purpose of this tool is to help penetration testers identify potentially valuable targets on the internal network environment. By aggregating...
Burp Suite extension to discover assets from HTTP response using passive scanning. Refer our blog Asset Discovery using Burp Suite for more...
Developing the next great app or a fully functional website is something every developer strives for. Crafting lines of code that roll...
Easier network scanning with NetAss2 (Network Assessment Assistance Framework). Make it easy for Pentester to do penetration testing on network. Dependencies nmap...
SharpHide Just a nice persistence trick to confuse DFIR investigation. Uses NtSetValueKey native API to create a hidden (null-terminated) registry key. This...
Subdomain Scan With Ping Method. Flags Value Description –hostname example.com Domain for scan. –output Records the output with the domain name. –list...
apk-mitm A CLI application that automatically prepares Android APK files for HTTPS inspection Inspecting a mobile app’s HTTPS traffic using a proxy...
IMPORTANTWhen using source or by downloading the code directly from the repository, it is important to run the database upgrade script if...