The pentester's Swiss knife
Ldapper A GoLang tool to enumerate and abuse LDAP. Made simple. Ldapper was created for use in offensive security engagements for user enumeration, group enumeration, and more. Ldapper uses familiar “net” commands such as...
apk.sh apk.sh is a Bash script that makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding, and patching an APK. Features apk.sh basically uses apktool to disassemble, decode and rebuild resources...
NimPlant – A light first-stage C2 implant written in Nim and Python Feature Overview Lightweight and configurable implant written in the Nim programming language Pretty web GUI that will make you look cool...
URLFinder URLFinder is a high-speed, passive URL discovery tool designed to simplify and accelerate web asset discovery, ideal for penetration testers, security researchers, and developers looking to gather URLs without active scanning. Feature Curated...
fingerprintx fingerprintx is a utility similar to httpx that also supports fingerprinting services such as RDP, SSH, MySQL, PostgreSQL, Kafka, etc. fingerprintx can be used alongside port scanners like Naabu to fingerprint a set of ports identified...
Grepmarx – source code static analysis platform for security auditors Grepmarx is a web application providing a single platform to quickly understand, analyze and identify vulnerabilities in possibly large and unknown code bases. Features...
Nuke It From Orbit With the precision of a brain surgeon wielding a chainsaw, nifo can obliterate most AV/EDR products from endpoints or servers running the world’s most popular operating system, even if they’re...
lynis Lynis is a security auditing tool for systems based on UNIX like Linux, macOS, BSD, and others. It performs an in-depth security scan and runs on the system itself. The primary goal is to test...
Prowler: AWS Security Tool Prowler is a command-line tool for AWS Security Best Practices Assessment, Auditing, Hardening, and Forensics Readiness. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks)...
mailcat The only cat who can find existing email addresses by nickname. Supported providers Total 37 providers, > 170 domains and > 100 aliases. Name Domains Method Gmail gmail.com SMTP Yandex yandex.ru + 5...
Overview Bandit is a tool designed to find common security issues in Python code. To do this, Bandit processes each file, builds an AST from it, and runs appropriate plugins against the AST nodes....
ntopng ntopng is the next-generation version of the original ntop, a network traffic probe that shows the network usage, similar to what the popular top Unix command does. ntopng is based on libpcap and...
FAVICORN All-sources tool to search websites by favicons. Favicorn takes a favicon and provides search result links across 10 platforms and more. Supported platforms Name Login required ZoomEye yes Shodan yes Fofa no...
chisel Chisel is a fast TCP tunnel, transported over HTTP, secured via SSH. Single executable including both client and server. Written in Go (golang). It is mainly useful for passing through firewalls, though it...
Radare2: Unix-Like Reverse Engineering Framework Introduction r2 is a rewrite from scratch of radare in order to provide a set of libraries and tools to work with binary files. Radare project started as a...
ShadowDumper Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service) memory, often needed in penetration testing and red teaming activities. It offers flexible options to users and uses...