Monthly Archive: November 2024

Volatility 3: The volatile memory extraction framework

Volatility is the world’s most widely used framework for extracting digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of the system...

OWASP Nettacker: Automated Penetration Testing Framework

The OWASP Nettacker project was created to automate information gathering, vulnerability scanning, and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information. This software will utilize TCP SYN, ACK, ICMP,...

Maestro: Abusing Intune for Lateral Movement over C2

Maestro is a post-exploitation tool designed to interact with Intune/EntraID from a C2 agent on a user’s workstation without requiring knowledge of the user’s password or Azure authentication flows, token manipulation, and web-based...

FalconHound: blue team multi-tool

FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with an SIEM...

emp3r0r: Linux/Windows post exploitation framework

Linux/Windows post-exploitation framework made by a Linux user. Features: beautiful terminal UI, using tmux for window management; multi-tasking, so you don’t need to wait for any commands to finish; basic API provided through Unix socket...

pwnlook: an offensive post exploitation tool

Pwnlook is an offensive post-exploitation tool that gives you complete control over the Outlook desktop application and therefore over the emails configured in it. What it does: list mailboxes, list folders...

Wapiti: web-application vulnerability scanner

Wapiti works as a “black-box” vulnerability scanner: it does not study the source code of web applications but works like a fuzzer, scanning the pages of the deployed web application, extracting links...

RustiveDump: dump the memory of the lsass.exe process

RustiveDump is a Rust-based tool designed to dump the memory of the lsass.exe process using only NT system calls. It creates a minimal minidump file from scratch, containing essential components like SystemInfo, ModuleList, and Memory64List, with support for XOR encryption and remote transmission....