Stars
Automatic SQL injection and database takeover tool
Securely and anonymously share files, host websites, and chat with friends using the Tor network
A utility for arming (creating) many bees (micro EC2 instances) to attack (load test) targets (web applications).
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors
Automated NoSQL database enumeration and web application exploitation tool.
The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
XSS spider - 66/66 wavsep XSS detected
Debugger capable of attaching to and injecting code into python processes.
some codes and notes about the backdoor listening on TCP-32764 in linksys WAG200G.
Passive sniffing tool for capturing and visualising WiFi location data disclosed by iOS devices
Python Decoders for Common Remote Access Trojans
Scripts I use during pentest engagements.
Bunny is a wireless. meshing, darknet that uses 802.11 to hide its communications
Current development of SSLyze now takes place on a separate repository
Snoopy: A distributed tracking and data interception framework
A Python Framework For NoSQL Scanning and Exploitation
A tool to retrieve malware directly from the source for security researchers.
Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox.