ADOKit: Azure DevOps Services Attack Toolkit
ADOKit Azure DevOps Services Attack Toolkit – ADOKit is a toolkit that can be used to attack Azure DevOps Services by taking advantage of the available REST API. The tool allows the user to...
Monthly Archive: February 2025
D3m0n1z3dShell: Advanced Tool for persistence in Linux
D3m0n1z3dShell Demonized Shell is an Advanced Tool for persistence in Linux. Demonized Features Auto Generate SSH keypair for all users APT Persistence Crontab Persistence Systemd User level Systemd Root Level Bashrc Persistence Privileged user...
SucoshScanny: automated Source Code vulnerability scanner and assessment framework
Sucosh Scanny “Sucosh” is an automated Source Code vulnerability scanner(SAST) and assessment framework for Python(Flask-Django) & NodeJs capable of performing code review in Web Application Developing or Source Code Analysis processes. It can detect...
avred: AntiVirus REDucer for AntiVirus REDteaming
avred AntiVirus REDucer for AntiVirus REDteaming. Avred is being used to identify which parts of a file are identified by an Antivirus and tries to show as much possible information and context about each...
DockerExploit: Docker Remote API Scanner and Exploit
Docker Remote API Scanner and Exploit This repository contains a Docker Remote API Scanner and Exploit tool designed for educational and research purposes. It enables users to perform security assessments and experiments related to...
CLZero: fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors
CLZero A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors. Inspired by the tool Smuggler all attack gadgets adapted from Smuggler and https://portswigger.net/research/how-to-turn-security-research-into-profit CL.0 Identification method The first request will be the “base” request. This is...
skytrack: A planespotting and aircraft OSINT tool
skytrack skytrack is a command-line-based plane spotting and aircraft OSINT reconnaissance tool made using Python. It can gather aircraft information using various data sources, generate a PDF report for a specified aircraft, and convert...
BugChecker: kernel and user debugger for Windows 11
BugChecker BugChecker is a SoftICE-like kernel and user debugger for Windows 11 (and Windows XP as well: it supports Windows versions from XP to 11, both x86 and x64). BugChecker doesn’t require a second machine...
r4ven: Track the IP address and GPS location of the user’s smartphone or PC and capture a picture of the target
r4ven The tool hosts a fake website that uses an iframe to display a legit website and, if the target allows it, it will fetch the Gps location (latitude and longitude) of the target,...
RemoteTLSCallbackInjection: execute a payload without spawning any threads in a remote process
Maldev Academy – RemoteTLSCallbackInjection This method utilizes TLS callbacks to execute a payload without spawning any threads in a remote process. This method is inspired by Threadless Injection as RemoteTLSCallbackInjection does not invoke any API calls...