Beyond EXE: A PoC Exploring Code Execution Flexibility
PoC – EXE or DLL or ShellCode This is just a simple silly PoC demonstrating an executable “exe” file that can be used like exe, DLL, or shellcode… Steps Create an “exe” which has...
The pentester's Swiss knife
phpMussel: PHP-based anti-virus anti-trojan anti-malware solution
What is phpMussel? An ideal solution for shared hosting environments, where it’s often not possible to utilise or install conventional anti-virus protection solutions, phpMussel is a PHP script designed to detect trojans, viruses, malware and...
HaE: BurpSuite Highlighter and Extractor
HaE – Highlighter and Extractor HaE is used to highlight HTTP requests and extract information from HTTP response messages or request messages. The plugin can custom regular expressions to match HTTP response messages. You can decide...
reNgine: an automated reconnaissance framework
reNgine reNgine is an automated reconnaissance framework with a focus on a highly configurable streamlined recon process. reNgine is backed by a database, with data correlation and organization, the custom query “like” language for...
OpenBAS: Open Breach and Attack Simulation Platform
OpenBAS OpenBAS is an open-source platform allowing organizations to plan, schedule, and conduct cyber adversary simulation campaigns and tests. The goal is to create a powerful, reliable, and open-source tool to effectively plan and...
RecoverPy: Recover overwritten or deleted data
RecoverPy You can already find plenty of solutions to recover deleted files, but it can be a hassle to recover overwritten files. RecoverPy searches through every block of your partition to find your request....
EchoStrike: Undetectable Reverse Shells with a Pythonic Twist
EchoStrike EchoStrike is a tool designed to generate undetectable reverse shells and perform process injection on Windows systems. Through an interactive wizard written in Python, users can customize their binaries with advanced persistence and encryption techniques. The malware code is written...
OWASP SecurityRAT: Tool for handling security requirements
OWASP SecurityRAT OWASP SecurityRAT (Requirement Automation Tool) is a tool supposed to assist with the problem of addressing security requirements during application development. The typical use case is: specify parameters of the software artifact you’re...
Cloudsplaining: an AWS IAM Security Assessment tool
Cloudsplaining Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report. Cloudsplaining identifies violations of least privilege in AWS IAM policies and generates a...
GhostStrike: The Undetectable Red Team Weapon
GhostStrike GhostStrike is an advanced cybersecurity tool designed for Red Team operations, featuring sophisticated techniques to evade detection and perform process hollowing on Windows systems. Feature Dynamic API Resolution: Utilizes a custom hash-based method to dynamically...
RustScan: Find all open ports fast with Rustscan
RustScan The Modern Port Scanner. Find ports quickly (3 seconds at its fastest). Run scripts through our scripting engine (Python, Lua, Shell supported). ✨ Features Scans all 65k ports in 3 seconds. Full scripting engine support. Automatically...
vector: High-Performance, Logs, Metrics, & Events Router
Vector Vector is a high-performance, end-to-end (agent & aggregator) observability data pipeline that puts you in control of your observability data. Collect, transform, and route all your logs, metrics, and traces to any vendors you want today and...
InfiltraxInfiltrax: UAC Bypass, Keylogging, and Persistent Access for Penetration Testers
Infiltrax Infiltrax is a post-exploitation reconnaissance tool for penetration testers and red teams, designed to capture screenshots, retrieve clipboard contents, log keystrokes, bypass UAC and install AnyDesk for persistent remote access. Feature Screenshot Capture:...
ligolo-ng: advanced tunneling/pivoting tool
Ligolo-ng : Tunneling like a VPN An advanced, yet simple, tunneling tool that uses a TUN interface. Ligolo-ng is a simple, lightweight, and fast tool that allows pentesters to establish tunnels from a reverse TCP/TLS connection without the need of...
echidna: Ethereum fuzz testing framework
echidna Echidna is a weird creature that eats bugs and is highly electrosensitive (with apologies to Jacob Stanley) More seriously, Echidna is a Haskell program designed for fuzzing/property-based testing of Ethereum smart contracts. It...
COMThanasia: analyzing common vulnerabilities in COM
COMThanasia With this tool, you will be able to detect: Incorrect access control to a COM object (LaunchPermission , AccessPermission) – LPE through abusable COM methods, DCOM Authentication relaying. That’s PermissionHunter. Incorrect registry rights to...
