A concise selection of interesting, if not essential, tools. Devised with a bit of ingenuity and a touch too much spare time.

Try toboggan once and you will never want anything else for RCE during security assessments! It automatically adapts to diverse Linux environments (including AS/400) through intelligent binary detection (BusyBox, custom paths) and provides built-in actions for file transfers and post-exploitation tasks.

• msauth-browser: A Python 3 tool that uses the Playwright browser automation library to extract Microsoft OAuth tokens. Ideal when you need to authenticate as a user and retrieve their login tokens in order to send emails, for example.
• msgraphx: Abusing the Microsoft Graph SDK to search and harvest SharePoint files, Outlook mail, Teams messages and lot of M365 things.

These two tools are designed to simplify complex T-SQL interactions for Microsoft SQL Server environments. You can impersonate any user along the way to the last linked server in your chain. Both tools prioritize modularity, extensibility, and operator experience, following robust OOP practices and addressing real-world red team requirements. Each tool serves a distinct purpose.

• MSSQLand: A lightweight C# executable, designed for beacon assembly execution and restricted environments.
• mssqlclient-ng: The Python3 twin built upon impacket's mssqlclient.py, ideal for external access.

Salesforce portals are a class of target that existing tools barely scratch. Guest user enumeration, REST surface coverage, IDOR probing across sessions, and a deliverable-ready report all require stitching together multiple manual steps. sfmap does it in one command.

If you have ever worked with SAP during a penetration test, you know how cumbersome using SXPG_CALL_SYSTEM on a SAP server can be, sapsxpg is for you.