🦇 MidnightRAT Payload is a stealthy, modular Python-based C2 payload for red team ops, adversary emulation, malware analysis labs, and defense testing for EDR/NDR.

A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.

Generate MITRE ATT&CK and D3FEND from a list of CVEs. Database with CVE, CWE, CAPEC, MITRE ATT&CK and D3FEND Techniques data is updated daily. Showcased at BlackHat Europe 2025 Arsenal.

The Network Execution Tool

Analyst Tool to automate some of an analyst's daily investigation tasks. In both python script and Jupyter Notebook format.

DPULSE - Tool for complex approach to domain OSINT

Execute commands interactively on remote Windows machines using the WinRM protocol

Aura-sec is a simple, fast, and extensible network port scanner built with Python. Designed for security professionals, students, and enthusiasts, Aura-sec makes it easy to scan network hosts for open ports and services. The tool is lightweight and user-friendly, making it ideal for both learning and practical network security tasks.

Convert infrastructure scans into various output formats such as Markdown tables, YAML, HTML, CSV, and more. Can also be used to generate launch scripts for various other scanners.

Webhawk/Catch helps automatically finding web attack traces in logs

MidnightRAT is a lightweight, encrypted, Python-based red team payload designed to simulate APT-style Command & Control behavior, including polymorphism, adaptive sleep, and remote command execution for use in ethical hacking, red teaming, and adversary emulation labs.

IP域名提取工具

Overwatch is intended to leverage Masscan's speed and Nmap's versatility.

Tools and notes for Web App Exploitation:

Lightweight CLI tool for scanning REST APIs for CORS issues, methods, and info leaks.

A wordlist analyzer framework written in Python and distributed on PyPi.

A python3 remake of the classic "tree" command with the additional feature of searching for user provided keywords/regex in files, highlighting those that contain matches.

(Unofficial) Wazuh integration to send alerts to IRIS.

CVE Notifier is designed to monitor and track new CVEs Vulnerabilities. It automatically monitors defined vendors & products for newly discovered CVEs and sends alerts to Slack channel, keeping up-to-date on potential security risks.

Infosec audit tool designed to provide comprehensive system vulnerability assessments.