real time face swap and one-click video deepfake with only a single image

A command line toolkit to generate maps, point clouds, 3D models and DEMs from drone, balloon or kite images. 📷

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.

Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal & Intelligence X!

A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.

OSINT Tool: Generate username lists for companies on LinkedIn

TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!

Enumerate the permissions associated with AWS credential set

Send phishing messages and attachments to Microsoft Teams users

A sniffer for Bluetooth 5 and 4.x LE

Chepy is a python lib/cli equivalent of the awesome CyberChef tool.

Username enumeration and password spraying tool aimed at Microsoft O365.

SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.

a tool to help operate in EDRs' blind spots

Latest CVEs with their Proof of Concept exploits.

A library for detecting known secrets across many web frameworks

Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate responses.

Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and comprehensive network discovery. Export results as BloodHound‑…

A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.

Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to by…

A tool to query for the existence of pre-windows 2000 computer objects.

Mirage is a powerful and modular framework dedicated to the security analysis of wireless communications.

Automatic tool for DNS rebinding-based SSRF attacks

A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO

User Enumeration of Microsoft Teams users via API

A tool for enumerating potential hosts that are open to GSSAPI abuse within Active Directory networks

wspcoerce coerces a Windows computer account via SMB to an arbitrary target using MS-WSP