Whether you’re a developer, security engineer, or just a curious person, Cloud Snitch is guaranteed to teach you something and take your relationship with your cloud to the next level. Cloud Snitch provides a...
Nimhawk is an advanced command and control (C2) framework that builds upon the exceptional foundation laid by Cas van Cooten (@chvancooten) with his NimPlant project. Cas’s innovative work in developing a lightweight implant written in Nim has been...
DreamWalkers Reflective shellcode loader inspired by MemoryModule and Donut, with advanced call stack spoofing and .NET support. Unlike traditional call stack spoofing, which often fails within reflectively loaded modules due to missing unwind metadata, DreamWalkers introduces a...
Corporate laptops and production servers typically have robust security monitoring in place to reduce risk and meet compliance requirements. However, CI/CD runners, which handle sensitive information like secrets for cloud environments and create production...
Fully automated MCP server built on top of apktool to analyze Android APKs using LLMs like Claude — uncover vulnerabilities, parse manifests, and reverse engineer effortlessly. apktool-mcp-server is a MCP server for the Apk Tool that integrates...
The Damn Vulnerable Model Context Protocol (DVMCP) is an educational project designed to demonstrate security vulnerabilities in MCP implementations. It contains 10 challenges of increasing difficulty that showcase different types of vulnerabilities and attack...
Perhaps the most critical component of an AWS infrastructure is the policy document describing the actions allowed or denied to a resource. IAM can become a messy kitchen as misconfigurations will introduce gaps in...
FrogPost is a powerful Chrome extension for testing and analyzing the security of postMessage communications between iframes. It helps developers and security professionals identify vulnerabilities in message-handling implementations. Key Features Live monitor of cross-origin postMessage traffic Automatic detection...
jxscout is a tool designed to help security researchers analyze and find vulnerabilities in JavaScript code. It works with your favorite proxy (Burp or Caido), capturing requests and saving optimized versions locally for easy analysis...
RemoteMonologue is a Windows credential harvesting technique that enables remote user compromise by leveraging the Interactive User RunAs key and coercing NTLM authentications via DCOM. Features 🔹 Authentication Coercion via DCOM (-dcom) Targets three DCOM...
ZigStrike is a robust shellcode loader developed in Zig, offering a variety of injection techniques and anti-sandbox features. It leverages compile-time capabilities for efficient shellcode allocation, demonstrating proven success in bypassing advanced security solutions. ZigStrike...
Loki is a stage-1 command and control (C2) framework written in Node.js, built to script-jack vulnerable Electron apps MITRE ATT&CK T1218.015. Developed for red team operations, Loki enables evasion of security software and bypasses application...
Hollowise is a Windows-based tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques. It allows for stealth execution of debuggers and code and network analizers by replacing the memory of a suspended process (e.g. calc.exe) with...
UUSEC WAF Web Application Firewall is an industrial grade free, high-performance, and highly scalable web application and API security protection product that supports AI and semantic engines. It is a comprehensive website protection product launched...
FirmwareDroid is a research project that aims to develop novel methods to analyse Android firmware. It is mainly made to automate the process of extracting and scanning pre-installed Android apps for security research purposes....
Fofa Viewer A simple FOFA client written in JavaFX Features Support tabs Feature-rich Context Menu on items Export query result into Excel spreadsheet Manually set max query count pre-query for non-premium users (Change the...
