Masker Logger: Secure Your Logs, Protect Your Data
Masker Logger Have you ever been coding late at night, desperately trying to fix a bug before a deadline? In that mad scramble, did you accidentally log some sensitive data like a password or...
Author: ddos
Donut: Generates x86 and x64 position-independent shellcode
Donut Donut is a shellcode generation tool that creates x86 or x64 shellcode payloads from .NET Assemblies. This shellcode may be used to inject the Assembly into arbitrary Windows processes. Given an arbitrary .NET...
wtfis: Passive host and domain name lookup tool for non-robots
wtfis Passive host and domain name lookup tool for non-robots WTF is it? wtfis is a commandline tool that gathers information about a domain or FQDN using various OSINT services. Unlike other tools of its...
SuperdEye: Go-ing Beyond AV/EDR with Indirect Syscalls
SuperdEye SuperdEye is the implementation of HellHall (a revised version of TartarusGate) in pure Go and Go Assembler. The purpose is to scan hooked NTDLL and retrieve the Syscall number to then do an...
Chisel-Strike: .NET XOR encrypted cobalt strike aggressor implementation
Chisel-Strike A .NET XOR encrypted cobalt strike aggressor implementation for the chisel to utilize faster proxy and advanced socks5 capabilities. Why write this? In my experience, I found socks4/socks4a proxies quite slow in comparison...
apkleaks: Scanning APK file for URIs, endpoints & secrets
apkLeaks Scanning APK file for URIs, endpoints & secrets. Installation Linux $ sudo apt-get install libssl-dev swig -y OSX $ brew install openssl swig Windows You need to install: OpenSSL, and swig-win. To install apkLeaks,...
RequestShield: analyze HTTP access.logs and identify suspicious HTTP requests and potential security threats
RequestShield RequestShield is a 100% Free and Open Source tool designed to analyze HTTP access.logs and identify suspicious HTTP requests and potential security threats. It uses factors like geolocation, abuse history, request volume, and...
autobloody: automatically exploit Active Directory privilege escalation paths
autobloody autobloody is a tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound combining pathgen.py and autobloody.py. This tool automates the AD privesc between two AD objects, the source (the one we own) and...
Attack Surface Analyzer: analyze your operating system’s security configuration
Attack Surface Analyzer Attack Surface Analyzer (ASA) is a Microsoft-developed open source security tool that analyzes the attack surface of a target system and reports on potential security vulnerabilities introduced during the installation of...
bloodyAD: Active Directory Privilege Escalation Framework
bloodyAD BloodyAD is an Active Directory Privilege Escalation Framework. This tool can perform specific LDAP/SAMR calls to a domain controller in order to perform AD privesc. It supports authentication using cleartext passwords, pass-the-hash, pass-the-ticket,...
muraena: almost-transparent reverse proxy aimed at automating phishing and post-phishing activities
Muraena Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities. The tool re-implements the 15-years old idea of using a custom reverse proxy to dynamically interact with the origin to be...
makes: DevSecOps framework
Makes A software supply chain framework powered by Nix. Ever needed to run applications locally to try out your code? Execute CI/CD pipelines locally to make sure jobs are being passed. Keep execution environments frozen...
Hooka: Shellcode loader generator with multiples features
Hooka Hooka is able to generate shellcode loaders with multiple capabilities. It is also based on other tools like BokuLoader, Freeze or Shhhloader, and it tries to implement more evasion features. Why in Golang? Why not? Feature This...
WEF: WiFi Exploitation Framework
WEF – WiFi Exploitation Framework This project started over 2021 as a personal tool to easily audit networks without writing long commands or setting all values one by one, in order to automate the...
WhacAMole: Live memory analysis tool
WhacAMole WhacAMole is a program that analyzes processes in memory in an integral way, detecting and alerting of anomalies related to the malware and presenting and saving in files all the relevant information for...
Exposor: A Contactless Reconnaissance Tool
Exposor Exposor is a contactless reconnaissance tool focused on technology detection across Censys, Fofa, Shodan, and Zoomeye. With a unified syntax for multi-platform querying, It gives security researchers and professionals a clear view of exposed systems, enabling quick...
