The pentester's Swiss knife

generating reverse shells

shells: Script for generating reverse shells

Shellz A script for generating common reverse shells fast and easy. Especially nice when in need of PowerShell and Python reverse shells, which can be a PITA getting correctly formatted. PowerShell revshells Shows username@computer.(domain),...

threagile

threagile: Agile Threat Modeling Toolkit

Threagile Agile Threat Modeling Toolkit Threagile is an open-source toolkit for agile threat modeling: It allows to model architecture with its assets in an agile fashion as a YAML file directly inside the IDE. Upon...

Flutter Mobile Application Reverse Engineering

blutter: Flutter Mobile Application Reverse Engineering Tool

B(l)utter Flutter Mobile Application Reverse Engineering Tool by Compiling Dart AOT Runtime Currently, the application supports only Android libapp.so. Also, the application currently works only against recent Dart versions. Install This application uses the...

shellcode encryption tool

Supernova: shellcode encryption tool

Supernova Supernova is an open-source tool that empowers users to securely encrypt and/or obfuscate their raw shellcode.Supernova supports various features beyond those typically found in a common shellcode encryptor tool. Features Supernova offers automatic...

Kerberos abuse

Kerbeus-BOF: Beacon Object Files for Kerberos abuse

Kerbeus-BOF Beacon Object Files for Kerberos abuse. This is an implementation of some important features of the Rubeus project, written in C. The project features integration with the C2 frameworks Cobalt Strike and Havoc. Download git clone https://github.com/RalfHacker/Kerbeus-BOF.git Use...

AI security

V’ger: AI/ML Security in Your Arsenal

V’ger V’ger is an interactive command-line application for post-exploitation of authenticated Jupyter instances with a focus on AI/ML security operations. User Stories As a Red Teamer, you’ve found Jupyter credentials, but don’t know what you...

Deepfake Offensive Toolkit

dot: The Deepfake Offensive Toolkit

Deepfake Offensive Toolkit dot (aka Deepfake Offensive Toolkit) makes real-time, controllable deepfakes ready for virtual camera injection. dot is created for performing penetration testing against e.g. identity verification and video conferencing systems, for the use by...

Web Shell Analyzer

Web Shell Analyzer: Web shell scanner and analyzer

Web Shell Analyzer Web shell analyzer is a cross-platform stand-alone binary built solely for the purpose of identifying, decoding, and tagging files that are suspected to be web shells. The web shell analyzer is...