Stars
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…
P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W.
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share th…
Veil 3.1.X (Check version info in Veil at runtime)
Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public expl…
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
A Social Media Enumeration & Correlation Tool by Jacob Wilkin(Greenwolf)
Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique present…
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
This program show you IMSI numbers of cellphones around you.
Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors
Tool for Active Directory Certificate Services enumeration and abuse
DataSploit / datasploit
Forked from dvopsway/datasploitAn #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.
WebRTC/RTSP/RTMP/LL-HLS bridge for Wyze cams in a docker container
The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
Fully featured and community-driven hacking environment
Privilege Escalation Project - Windows / Linux / Mac
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.