ShadowDumper Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service) memory, often needed in penetration testing and red teaming activities. It offers flexible options to users and uses...
convoC2 Command and Control infrastructure that allows Red Teamers to execute system commands on compromised hosts through Microsoft Teams. It infiltrates data into hidden span tags in Microsoft Teams messages and exfiltrates command outputs...
Kernel Callback Tables for Process Injection The Kernel Callback Table in the Process Environment Block (PEB) can be hijacked by attackers to redirect a process’s execution flow, enabling them to execute malicious payloads. This...
Inveigh Inveigh is a cross-platform .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers. This repo contains the primary C# version as well as the legacy PowerShell version. Overview Inveigh conducts spoofing attacks and hash/credential captures...
Cable Cable is a simple post-exploitation tool used for enumeration and further exploitation of Active Directory environments. This tool was primarily created to learn more about .NET offensive development in an Active Directory context,...
Cloud Offensive Breach and Risk Assessment (COBRA) Tool Cloud Offensive Breach and Risk Assessment (COBRA) is an open-source tool designed to empower users to simulate attacks within multi-cloud environments, offering a comprehensive evaluation of...
hate_crack A tool for automating cracking methodologies through Hashcat from the TrustedSec team. Installation Get the latest hashcat binaries OSX Install mkdir -p hashcat/deps git clone https://github.com/KhronosGroup/OpenCL-Headers.git hashcat/deps/OpenCL cd hashcat/ make make install Download...
Halberd: Multi-Cloud Security Testing Tool Halberd is a powerful, multi-cloud security testing tool. Born out of the need for a unified, easy-to-use tool, Halberd enables you to proactively assess your cloud defenses by executing...
What is Impacket? Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and for some protocols (e.g. SMB1-3 and MSRPC)...
Silver SAML Forger Silver SAML Forger is C# tool that helps you create custom SAML responses. It can be used to implement the Silver SAML attack. Defend against Silver SAML To safeguard effectively against...
S3Scanner A tool to find open S3 buckets in AWS or other cloud providers: AWS DigitalOcean DreamHost GCP Linode Custom The tool takes in a list of bucket names to check. Found S3 buckets...
pwnobd Offensive cybersecurity toolkit for vulnerability analysis and penetration testing of OBD-II devices. Adding new functionality Most functionality is dynamically registered onto pwnobd through the use of decorators. Attacks Located in src/pwnobd/modules/attacks/. See...
Matildapp In our modern, interconnected world, the concept of Web3, also known as the decentralized web, represents the next significant shift in Internet technology. Web3, underpinned by blockchain technology and smart contracts, offers unprecedented...
PowerHub PowerHub is a web application which aids a pentester in transferring files, in particular, code which may get flagged by endpoint protection. During an engagement where you have a test client available, one...
SuperMega – Cordyceps Implementation SuperMega is a shellcode loader by injecting it into genuine executables (.exe or .dll). The loader is programmed in C. The idea is that injecting shellcode nicely into a non-malicious...
Ulfberht Shellcode loader Features : Indirect syscall. Module stomping. Load a stomped module using APC. Execute the payload with a direct jump (jmp) without creating a new thread. API hashing implemented using the DJB2...
