ZigStrike is a robust shellcode loader developed in Zig, offering a variety of injection techniques and anti-sandbox features. It leverages compile-time capabilities for efficient shellcode allocation, demonstrating proven success in bypassing advanced security solutions. ZigStrike...
Loki is a stage-1 command and control (C2) framework written in Node.js, built to script-jack vulnerable Electron apps MITRE ATT&CK T1218.015. Developed for red team operations, Loki enables evasion of security software and bypasses application...
Hollowise is a Windows-based tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques. It allows for stealth execution of debuggers and code and network analizers by replacing the memory of a suspended process (e.g. calc.exe) with...
UUSEC WAF Web Application Firewall is an industrial grade free, high-performance, and highly scalable web application and API security protection product that supports AI and semantic engines. It is a comprehensive website protection product launched...
FirmwareDroid is a research project that aims to develop novel methods to analyse Android firmware. It is mainly made to automate the process of extracting and scanning pre-installed Android apps for security research purposes....
Fofa Viewer A simple FOFA client written in JavaFX Features Support tabs Feature-rich Context Menu on items Export query result into Excel spreadsheet Manually set max query count pre-query for non-premium users (Change the...
WiFi Exploitation Framework This tool is designed for security researchers and penetration testers to analyze and exploit vulnerabilities in Wi-Fi networks. It provides an intuitive interface with a wide range of automated and manual...
peeko is a browser-based XSS-powered C2 (Command and Control) tool that leverages the victim’s browser as a stealthy proxy inside internal networks. Through an injected XSS payload, peeko establishes a WebSocket connection to a central...
ghidraMCP is an Model Context Protocol server for allowing LLMs to autonomously reverse engineer applications. It exposes numerous tools from core Ghidra functionality to MCP clients. Features MCP Server + Ghidra Plugin Decompile and...
chain-bench Chain-bench is an open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark. The auditing focuses on the entire SDLC process, where...
Nali An offline tool for querying IP geographic information and CDN provider. Inspired by the Nali C version and nali-cli js version. I want to query the IP geographic information and CDN service provider...
Varalyze is a threat intelligence tool suite that combines a diverse range of web-based applications into one seamless platform through the use of APIs and python libraries. This allows for comprehensive security event triaging due...
Kereva LLM Code Scanner is a static analysis tool designed to identify potential security risks, performance issues, and vulnerabilities in Python codebases that use Large Language Models (LLMs). It analyzes your code without execution...
Docker for Pentesters Docker containerization is the most powerful technology in the current market so I came up with the idea to develop Docker images for Pentesters. Nightingale contains all the required well-known tools...
BinSync is a decompiler collaboration tool built on the Git versioning system to enable fined-grained reverse engineering collaboration regardless of decompiler. BinSync is built by mahaloz, the angr team, and the SEFCOM research lab. It’s also due in large...
gowitness gowitness is a website screenshot utility written in Golang, that uses Chrome Headless to generate screenshots of web interfaces using the command line, with a handy report viewer to process results. Both Linux and...
