pwnat: Breakthrough NAT Traversal Without Port Forwarding
pwnat pwnat, by Samy Kamkar, is a tool that allows any client behind a NAT to communicate with a server behind a separate NAT with no port forwarding and no DMZ setup on any routers to...
Category: Open Source Tool
GraphQLer: The Smart, Schema-Aware GraphQL API Security Tester
GraphQLer GraphQLer is a cutting-edge tool designed to dynamically test GraphQL APIs with a focus on awareness. It offers a range of sophisticated features that streamline the testing process and ensure robust analysis of...
BlueToolkit: The Extensible Framework for Bluetooth Security Testing
BlueToolkit BlueToolkit is an extensible Bluetooth Classic vulnerability testing framework that helps uncover new and old vulnerabilities in Bluetooth-enabled devices. It works by executing templated exploits one by one and verifying appropriate properties based...
Ropdump: Your Arsenal for Uncovering ROP Gadgets and Binary Vulnerabilities
ROPDump ROPDump is a tool for analyzing binary executables to identify potential Return-Oriented Programming (ROP) gadgets, as well as detecting potential buffer overflow and memory leak vulnerabilities. Features Identifies potential ROP gadgets in binary...
MemFiles: Bypassing Disk-Based Detection with CobaltStrike
MemFiles MemFiles is a toolkit for CobaltStrike that enables Operators to write files produced by the Beacon process into memory, rather than writing them to disk on the target system. It has been successfully...
ADRecon: Your Comprehensive Active Directory Intelligence Toolkit
ADRecon: Active Directory Recon ADRecon is a tool that extracts and combines various artifacts out of an AD environment. The information can be presented in a specially formatted Microsoft Excel report that includes summary...
HEVD Exploit: Escalating from Low Integrity to SYSTEM
HackSys Extreme Vulnerable Driver (HEVD) – BufferOverflowNonPagedPoolNx Exploit This repository contains an exploit for the BufferOverflowNonPagedPoolNx vulnerability in HackSys Extreme Vulnerable Driver (HEVD). The exploit targets Windows 10 Version 22H2 (OS Build 19045.3930) and demonstrates...
apkInspector: The Zip-Compliant APK Analyzer & Extractor
apkInspector apkInspector is a tool designed to provide detailed insights into the zip structure of APK files, offering the capability to extract the content and decode the AndroidManifest.xml file. What sets APKInspector apart is...
Horus: An OSINT / digital forensics tool built in Python
Horus Horus is a comprehensive OSINT (Open-Source Intelligence) and digital forensics tool built in Python. From leveraging APIs to compiling data, Horus serves as your all-in-one solution for investigative assistance. Whether you’re conducting digital...
Atexec-pro: Next-Gen Pentesting Tool Leveraging Task Scheduler (No Port 445)
Atexec-pro Modified based on atexec.py (ATSVC example for some functions implemented, creates, enums, runs and deletes jobs. This example executes a command on the target machine through the Task Scheduler service. Returns the output of...
webcopilot – All-in-One Web Vulnerability Scanner: Find XSS, SQLi, RCE, and More
WebCopilot WebCopilot is an automation tool designed to enumerate subdomains of the target and detect bugs using different open-source tools. The script first enumerates all the subdomains of the given target domain using assetfinder, sublister,...
MSC Dropper Tool: Automated Weaponization of Microsoft Management Console Files
MSC Dropper Tool MSC Dropper is a Python script designed to automate the creation of MSC (Microsoft Management Console) files with customizable payloads for arbitrary execution. This tool leverages a method discovered by Samir...
