The pentester's Swiss knife
VolWeb VolWeb is a digital forensic memory analysis platform that leverages the power of the Volatility 3 framework. It is dedicated to aiding in investigations and incident responses. Objective The goal of VolWeb...
NufSed C2 A next-generation, Python-based Command & Control (C2) framework equipped with chaos-key encryption, dynamic port assignment, and cross-platform payload generation. NufSed C2 is designed to simplify red team operations while increasing stealth and flexibility across...
CureIAM Clean up of over permissioned IAM accounts on GCP infra in an automated way CureIAM is an easy-to-use, reliable, and performant engine for Least Privilege Principle Enforcement on GCP cloud infra. It enables...
Java Archive Implant Toolkit Inject malicious payloads into JAR files. Configuration JarPlant supports injection of custom values with the implants. A set of common configuration properties are defined with the template and built-in implants....
CNAPPgoat CNAPPgoat is a multi-cloud, vulnerable-by-design environment deployment tool – specifically engineered to facilitate practice arenas for defenders and pentesters. Its main function is to deploy intentionally vulnerable environments across multiple cloud service providers,...
DroneXtract DroneXtract is a comprehensive digital forensics suite for DJI drones made with Golang. It can be used to analyze drone sensor values and telemetry data, visualize drone flight maps, audit for criminal activity,...
SeamlessPass SeamlessPass is a tool designed to obtain Microsoft 365 access tokens using on-premises Active Directory Kerberos tickets for organizations with Seamless SSO (Desktop SSO) enabled. These tokens can be used for further interaction...
IAMActionHunter IAMActionHunter is an IAM policy statement parser and query tool that aims to simplify the process of collecting and understanding permission policy statements for users and roles in AWS Identity and Access Management...
MDE Kit MDE Kit’s objective is to help automate and empower your investigation, detection, prevention, and response capabilities leveraging the MDE API. MDE Kit leverages many of the available Microsoft Defender for Endpoint (MDE)...
Hannibal Hannibal is a x64 Windows Agent written in fully position independent C (plus a tiny bit of C++). It is based off the Stardust template created by @C5pider. Use case Hannibal is intended to be...
HASH (HTTP Agnostic Software Honeypot) HASH is a framework for creating and launching low interactive honeypots. Why HASH? The main philosophy of HASH is to be easy to configure and flexible to mimic any...
ChopChopGo ChopChopGo inspired by Chainsaw utilizes Sigma rules for forensics artifact recovery, enabling rapid and comprehensive analysis of logs and other artifacts to identify potential security incidents and threats on Linux. Features 🎯 Hunt...
Pytune Pytune is a post-exploitation tool for enrolling a fake device into Intune with mulitple platform support. Microsoft Intune is a cloud-based endpoint management solution designed to manage a variety of devices, including PCs...
Pentest Muse Building an AI agent that can automate parts of pentesting jobs and provide live suggestions to pentesters. Requirements Python 3.12 or later Necessary Python packages as listed in requirements.txt OpenAI API key Modes...
Forensic Tools forensictools is a toolkit designed for digital forensics, offering a wide array of tools. Its primary goal is to simplify the creation of a virtual environment for conducting forensic examinations. In addition to...
XMap: The Internet Scanner XMap is a fast network scanner designed for performing Internet-wide IPv6 & IPv4 network research scanning. XMap is reimplemented and improved thoroughly from ZMap and is fully compatible with ZMap,...