hawk: gathering information related to O365 intrusions and potential Breaches
HAWK What Hawk is and isn’t Hawk provides a Limited analysis of the gathered data. This is by design! Hawk is here to help get all of the data in a single place it...
Author: Nam Phong
hobbits: multi-platform GUI for bit-based analysis, processing, and visualization
Hobbits Hobbits is a software platform for analyzing, processing and visualizing bits. The Hobbits GUI is the central tool of the platform and will be the primary focus of this document. The Hobbits Runner...
Nemesis: An offensive data enrichment pipeline
Nemesis Nemesis is an offensive data enrichment pipeline and operator support system. Built on Kubernetes with scale in mind, our goal with Nemesis was to create a centralized data processing platform that ingests data...
shells: Script for generating reverse shells
Shellz A script for generating common reverse shells fast and easy. Especially nice when in need of PowerShell and Python reverse shells, which can be a PITA getting correctly formatted. PowerShell revshells Shows username@computer.(domain),...
AD_Miner: Active Directory audit tool
ADMiner ADMiner is an Active Directory audit tool that leverages cypher queries to crunch data from the BloodHound graph database (neo4j) and gives you a global overview of existing weaknesses through a web-based static report, including...
threagile: Agile Threat Modeling Toolkit
Threagile Agile Threat Modeling Toolkit Threagile is an open-source toolkit for agile threat modeling: It allows to model architecture with its assets in an agile fashion as a YAML file directly inside the IDE. Upon...
blutter: Flutter Mobile Application Reverse Engineering Tool
B(l)utter Flutter Mobile Application Reverse Engineering Tool by Compiling Dart AOT Runtime Currently, the application supports only Android libapp.so. Also, the application currently works only against recent Dart versions. Install This application uses the...
Supernova: shellcode encryption tool
Supernova Supernova is an open-source tool that empowers users to securely encrypt and/or obfuscate their raw shellcode.Supernova supports various features beyond those typically found in a common shellcode encryptor tool. Features Supernova offers automatic...
Kerbeus-BOF: Beacon Object Files for Kerberos abuse
Kerbeus-BOF Beacon Object Files for Kerberos abuse. This is an implementation of some important features of the Rubeus project, written in C. The project features integration with the C2 frameworks Cobalt Strike and Havoc. Download git clone https://github.com/RalfHacker/Kerbeus-BOF.git Use...
V’ger: AI/ML Security in Your Arsenal
V’ger V’ger is an interactive command-line application for post-exploitation of authenticated Jupyter instances with a focus on AI/ML security operations. User Stories As a Red Teamer, you’ve found Jupyter credentials, but don’t know what you...
blackpill: A stealthy Linux rootkit made in Rust
blackpill A Linux kernel rootkit in Rust using a custom made type-2 hypervisor, eBPF XDP and TC programs Features The rootkit is composed of multiple modules (talking about Rust modules, not kernel modules): defense...
AI Exploits: A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities
AI Exploits The AI world has a security problem and it’s not just in the inputs given to LLMs such as ChatGPT. Based on research done by Protect AI and independent security experts on the Huntr Bug...
