Find secrets with Gitleaks 🔑

Find, verify, and analyze leaked credentials

The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.

A fast TCP/UDP tunnel over HTTP

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Open-Source Phishing Toolkit

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

A Tool for Domain Flyovers

Easy web analytics. No tracking of personal data.

High-precision indoor positioning framework for most wifi-enabled devices.

Cameradar hacks its way into RTSP videosurveillance cameras

An OOB interaction gathering server and client library

Scan for misconfigured S3 buckets across S3-compatible APIs!

A lightweight LDAP server for development, home use, or CI

$ ssh sshtron.zachlatta.com

A tool to abuse Exchange services

Automating situational awareness for cloud penetration tests.

Security risk analysis for Kubernetes resources

Peirates - Kubernetes Penetration Testing tool

Track the location of every Wi-Fi device (:iphone:) in your house using Raspberry Pis and FIND

An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector

Pathbrute

A Go-based Exploit Framework

Search exposed EBS volumes for secrets

The talkiepi project is for a truly headless mumble client for the Raspberry Pi, utilizing static config and GPIO for status LEDs and a button for push to talk

SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.

Go code to read cookies from browser cookie stores.

Generate OpenConnect CSD files to bypass Cisco AnyConnect hostscan requirements

Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)

Interact with Chromium-based browsers' debug port to view open tabs, installed extensions, and cookies