Category: Network Attacks
Tempest Tempest is a command and control framework written in 100% Rust. TEMPEST COMPONENTS: anvil – server 2 servers with APIs. All APIs are authenticated and unauth-discovery resistant. sqlite local database internal functions (building imps,...
What is WHAD? The cybersecurity community has published a lot of wireless hacking tools based on various hardware platforms and custom communication protocols specifically designed to work with associated software. This leads to hackers...
smbtakeover A technique to unbind and rebind 445/tcp on Windows without loading a driver, loading a module into LSASS, or rebooting the target machine. Implemented to ease the burden of SMB-based NTLM relays while...
BloodHound BloodHound CE is a security tool that uses graph theory to reveal the hidden and often unintended relationships within an Active Directory or Entra ID (formerly known as Azure AD) environment. Attackers can...
brutespray Brutespray has been updated to golang. Without needing to rely on other tools this version will be extensible to bruteforce many different services and is way faster than its Python counterpart. Currently, Brutespray...
EDR Telemetry Blocker Blocks EDR Telemetry by performing a Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination IP addresses are parsed based on the server name in the TLS Client Hello...
OperatorsKit This repository contains a collection of Beacon Object Files (BOFs) that integrate with Cobalt Strike. Kit content The following tools are currently in the OperatorsKit: Name Description AddExclusion Add a new exclusion to...
Gapcast Gapcast is an IEEE 802.11 packet injection and analyzer software. The purpose of gapcast is to accurately detect each router’s clients, analyze, capture, inject packets & perform attacks (like Evil-Twin). Gapcast adds more...
i2pd i2pd (I2P Daemon) is a full-featured C++ implementation of an I2P client. I2P (Invisible Internet Protocol) is a universal anonymous network layer. All communications over I2P are anonymous and end-to-end encrypted, participants don’t reveal...
PsMapExec A PowerShell tool heavily inspired by the popular tool CrackMapExec / NetExec. PsMapExec aims to bring the function and feel of these tools to PowerShell with its own arsenal of improvements. PsMapExec is...
SQLRecon Description A C# MS-SQL toolkit designed for offensive reconnaissance and post-exploitation. Mandatory Arguments The mandatory arguments consist of an authentication type (either Windows, Local or Azure), connection parameters and a module. -a – Authentication...
What is Sippts? Sippts is a suite of tools to audit VoIP servers and devices using SIP protocol. It is programmed in Perl script and it allows us to check the security of a...
RedGuard – Excellent C2 Front Flow Control tool RedGuard is a derivative work of the C2 facility pre-flow control technology. It has a lighter design, efficient flow interaction, and reliable compatibility with go language...
ADRecon: Active Directory Recon ADRecon is a tool that extracts and combines various artifacts out of an AD environment. The information can be presented in a specially formatted Microsoft Excel report that includes summary...
RedELK Red Team’s SIEM – tool for Red Teams for tracking and alarming about Blue Team activities as well as enhanced usability in long-term operations. Enhanced usability and overview for the red team operators by...
Villain Villain is a high level C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers...