RPC Investigator RPC Investigator (RPCI) is a .NET/C# Windows Forms UI application that provides an advanced discovery and analysis interface to Windows RPC endpoints. The tool provides a visual interface around the existing core...
APKHunt | OWASP MASVS Static Analyzer APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers...
Ghost Scout is an LLM assisted OSINT and phishing email generation tool that performs reconnaissance on target companies, finds their employees, and builds profiles for personalized emails based on public sources. Overview This application...
BerylEnigma A CTF + penetration testing toolkit, mainly to achieve some common encryption and coding functions, in the process of using the software found problems or suggestions are welcome to submit issues and also...
msLDAPDump LDAP enumeration tool implemented in Python3 msLDAPDump simplifies LDAP enumeration in a domain environment by wrapping the lpap3 library from Python in an easy-to-use interface. Like most of my tools, this one works...
ReconAIzer ReconAIzer is a powerful Jython extension for Burp Suite that leverages OpenAI to help bug bounty hunters optimize their recon process. This extension automates various tasks, making it easier and faster for security...
The ClamAV 1.5.0 antivirus engine has been released, introducing one of the most significant updates in recent years — FIPS mode support for verifying the authenticity of signature databases. The Freshclam and CVDUpdate tools...
Crassus Windows privilege escalation discovery tool Why “Crassus”? Accenture made a tool called Spartacus, which finds DLL hijacking opportunities on Windows. Using Spartacus as a starting point, we created Crassus to extend Windows privilege escalation...
promptfoo is an open-source CLI and library for evaluating and red-teaming LLM apps. With promptfoo, you can: Build reliable prompts, models, and RAGs with benchmarks specific to your use-case Secure your apps with automated red teaming and pentesting...
WPAxFuzz This tool is capable of fuzzing either any management, control, or data frame of the 802.11 protocol or the SAE exchange. For the management, control, or data frames, you can choose either the...
AI-Powered CAPTCHA Solver This project is a Python-based command-line tool that uses large multimodal models (LMMs) like OpenAI’s GPT-4o and Google’s Gemini to automatically solve various types of CAPTCHAs. It leverages Selenium for web...
A developer operating under the handle 0xr0BIT has released a new Windows security-audit tool called TaskHound. It is designed to discover scheduled tasks that run with elevated privileges or that rely on stored credentials—assets...
