ScreenshotBOF An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. The screenshot was downloaded in memory. Changelog v2.0 JPEG is used in place of BMP...
Leveraging on LLM’s abilities to mimic cognitive human agents, WAFSmith aims to reduce the friction of WAF rule governance from rule creation to deployment in minutes. It is designed as a highly disruptive tool...
LDAP Nom Nom Anonymously bruteforce Active Directory usernames from Domain Controllers by abusing LDAP Ping requests (cLDAP) Looks for enabled normal user accounts. No Windows audit logs were generated. High-speed ~ up to 10K/sec...
Red AI Range (RAR) is a comprehensive security platform designed specifically for AI red teaming and vulnerability assessment. It creates realistic environments where security professionals can systematically discover, analyze, and mitigate AI vulnerabilities through...
Stamus Networks has announced the release of Clear NDR Community 1.0 — the open edition of its network detection and response platform. The launch marks the project’s evolution into a solution ready for industrial...
deepce Docker Enumeration, Escalation of Privileges, and Container Escapes (DEEPCE) In order for it to be compatible with the maximum number of containers DEEPCE is written in pure sh with no dependencies. It will make...
EvilTree A standalone python3 remake of the classic “tree” command with the additional feature of searching for user-provided keywords/regex in files, highlighting those that contain matches. Created for two main reasons: While searching for...
GitFive GitFive is an OSINT tool to investigate GitHub profiles. Main features : Usernames / names history Usernames / names variations Email address to GitHub account Find GitHub’s accounts from a list of email...
Penelope is a powerful shell handler built as a modern netcat replacement for RCE exploitation, aiming to simplify, accelerate, and optimize post-exploitation workflows. Features Session Features Description Unix with Python>=2.3 Unix without Python>=2.3 Windows...
Security researcher Matthew Bryant has introduced a new tool called Thermoptic—an HTTP proxy that disguises network requests as genuine Chrome browser traffic, enabling users to circumvent blocking systems based on connection fingerprint analysis. Such...
Havoc Havoc is a modern and malleable post-exploitation command and control framework, created by @C5pider. Features Client Cross-platform UI written in C++ and Qt Modern, dark theme based on Dracula Teamserver Written in Golang Multiplayer Payload...
Minino is an original multiprotocol, and multiband board made for sniffing, communicating, and attacking IoT (Internet of Things) devices. It was designed as a mini Cat that integrates the powerful ESP32C6 and a GPS,...
