As a bug hunter, are your bug bounty reports getting rejected because you don't use a "malicious" Proof of Concept (PoC) app to exploit the vulnerabilities? I've got you covered!

Install AAB is a script that helps with installing an AAB file into a connected Android device

Brute force Keepass database passwords

Recover your RTSP streams from a capture file

CATPHISH project - For phishing and corporate espionage. Perfect for RED TEAM.

Metroflip is a multi-protocol metro card reader app for the Flipper Zero, inspired by the Metrodroid project. It enables the parsing and analysis of metro cards from transit systems around the worl…

A Python based ingestor for BloodHound

Sliver CheatSheet for OSEP

StandIn is a small .NET35/45 AD post-exploitation toolkit

SOCKS5 proxy tool that uses Azure Storage services as a means of communication.

Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.

Extract WinSCP Credentials from any Windows System or winscp config file

Parse your LastPass vault and export to CSV files

Open-Source Phishing Toolkit

Initial Access and Post-Exploitation Tool for Entra ID and M365 with a browser-based GUI

The most exhaustive list of reliable DNS resolvers.

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Anonymous email forwarding

A simple wrapper for the National Vulnerability CVE/CPE API

HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses

Automatically run and populate a new instance of BH CE

A new kind of Progress Bar, with real-time throughput, ETA, and very cool animations!

RogueMaster Flipper Zero Firmware

Damn Vulnerable Restaurant is an intentionally vulnerable Web API game for learning and training purposes dedicated to developers, ethical hackers and security engineers.

A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities

FileSender server software

Yubikey LUKS setup for Ubuntu 22.04 LTS