A platform for community discussion. Free, open, simple.

The ultimate WinRM shell for hacking/pentesting

Web Application Security Scanner Framework

Efficient and advanced man in the middle framework

Module of Metasploit to exploit the vulnerability Eternalblue-Doublepulsar.

A tool for embedding XXE/XML exploits into different filetypes

DEPRECATED - A prototype SSH configuration and policy scanner (Blog: https://mozilla.github.io/ssh_scan/)

A small tool that extracts relative URLs from a file.

conference management system

CATPHISH project - For phishing and corporate espionage. Perfect for RED TEAM.

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

network visualization & pentest reporting

SSRF Proxy facilitates tunneling HTTP communications through servers vulnerable to Server-Side Request Forgery.

SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.

Script used to generate and encode a PowerShell based Metasploit payloads.

Unveiled at DEF CON 20, NTLM Relaying to ALL THE THINGS!

A simple tool for offline searching of default credentials for network devices, web applications and more.

vcsmap is a plugin-based tool to scan public version control systems for sensitive information.

This is a Metasploit module which exploits CVE-2017-11882 using the POC released here : https://embedi.com/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about.

Metasploit msfvenom Bash Completions Generator

Squirtle the Browser-based NTLM Attack Toolkit