Attack Surface Management Platform

Scripted Local Linux Enumeration & Privilege Escalation Checks

The LAZY script will make your life easier, and of course faster.

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.

Various *nix tools built as statically-linked binaries

[WIP] 整理过去我和K8s、容器、虚拟化相关的分享 🧐

A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileg…

使用docker快速搭建各大漏洞靶场，目前可以一键搭建17个靶场。

backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool…

Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.

Find exploits in local and online databases instantly

Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.

AntiVirus Evasion Tool

A Suricata based NDR distribution

MSFvenom Payload Creator (MSFPC)

Dracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and …

一键提取安卓应用中可能存在的敏感信息。

Use a Fake image.jpg to exploit targets (hide known file extensions)

Quickly analyze and reverse engineer Android packages

An OSINT tool to quickly extract IP and URL endpoints from APKs by disassembling and decompiling

A Password Spraying tool for Active Directory Credentials by Jacob Wilkin(Greenwolf)

AWS Auditing & Hardening Tool

Lightweight rootkit implemented by bash shell scripts v0.10

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web f…

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

Information gathering & website reconnaissance | https://phishstats.info/

Analysis of DNS records to find popular trends

One-click injection into the SSHD process to record and send the password for ssh login

A POSIX-compliant, fully automated WPA PSK PMKID and handshake capture script aimed at penetration testing