SysAnalyzer is an open-source application that was designed to give malcode analysts an automated tool to quickly collect, compare, and report...
Kirjuri is a simple php/mysql web application for managing physical forensic evidence items. It is intended to be used as a...
It is utmost important for any security engineer to understand their network first before securing it and it becomes a daunting...
BOtB is a container analysis and exploitation tool designed to be used by pentesters and engineers while also being CI/CD friendly...
Set of tools for creating/injecting payload into images. Useful references for better understanding of pixload and its use-cases: Bypassing CSP using polyglot JPEGs...
FudgeC2 is a campaign orientated Powershell C2 framework built on Python3/Flask – Designed for team collaboration, client interaction, campaign timelining, and...
Introduction Dr. ROBOT is a tool for Domain Reconnaissance and Enumeration. By utilizing containers to reduce the overhead of dealing with dependencies,...
Mondoo is infrastructure and security analytics your cloud-native applications. By removing the code literacy, we strive to make infrastructure operations and...
Stardox is an advanced github stargazers information gathering tool. It scraps Github for information and display them in list tree view....
Standalone python script for generating reverse shells easily and automating the boring stuff like URL encoding the command and setting up...
gitGraber is a tool developed in Python3 to monitor GitHub to search and find sensitive data for different online services such...
BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers. The repository contains 2336 tools. You can install...
The risk level regarding Active Directory security has changed. Several vulnerabilities have been made popular with tools like mimikatz or sites...
Phishing Simulation mainly aims to increase phishing awareness by providing an intuitive tutorial and customized assessment (without any actual setup –...
stegify is a simple command line tool capable of fully transparent hiding any file within an image. This technique is known...
DetExploit is software that detect vulnerable applications and not-installed important OS updates on the system, and notify them to user. As...
PostShell is a post-exploitation shell that includes both a bind and a back connect shell. It creates a fully interactive TTY...
POC tools accompanying the blog Abusing Exchange: One API call away from Domain Admin. Requirements These tools require impacket. You can install...
Web Application Pentesting is a method of identifying, analyzing and Report the vulnerabilities which are existing in the Web application including buffer...
Big corporations trying to improve the user experience by making everything around simplify, increasing performance and connections with “IoT’s”. Today with the...
Web Application Pentesting Tools are more often used by security industries to test the vulnerabilities of web-based applications. Here you can find...