SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️

Arsenal is just a quick inventory and launcher for hacking programs

A powerful and useful hacker dictionary builder for a brute-force attack

Mimikatz implementation in pure Python

Phishing Campaign Toolkit

Miscellaneous exploit code

Pop shells like a master.

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

Enumerate the permissions associated with AWS credential set

Generate smart and powerful wordlists

smbclient-ng, a fast and user friendly way to interact with SMB shares.

Subdomain and target enumeration tool built for offensive security testing

Python version of the C# tool for "Shadow Credentials" attacks

bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)

Utility to download and extract document metadata from an organization. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.

Flipper Zero Python CLI Wrapper

AD ACL abuse

Offensive GPO dumping and analysis tool that leverages and enriches BloodHound data

A modern, modular, and robust TUI hex editor.

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Service Enumeration C# .NET Assembly

A simple ReST server to lookup threat actors (by name, synonym or UUID) and returning the corresponding MISP galaxy information about the known threat actors.

Small script to assemble/disassemble from CLI

CVE-2019-9978 - (PoC) RCE in Social WarFare Plugin (<=3.5.2)

Build a real-time map of your network

Breathe life into your Telegram chat with /b-level content

Online exercise generator

Some random scripts