S3Scanner: Scan for open S3 buckets and dump
S3Scanner A tool to find open S3 buckets in AWS or other cloud providers: AWS DigitalOcean DreamHost GCP Linode Custom The tool takes in a list of bucket names to check. Found S3 buckets...
Category: Open Source Tool
Knock: enumerate subdomains on a target domain
Knock Knock is a Python tool designed to enumerate subdomains on a target domain through a wordlist. It is designed to scan for DNS zone transfer and to try to bypass the wildcard DNS...
pwnobd: Offensive cybersecurity toolkit for vulnerability analysis and penetration testing of OBD-II devices
pwnobd Offensive cybersecurity toolkit for vulnerability analysis and penetration testing of OBD-II devices. Adding new functionality Most functionality is dynamically registered onto pwnobd through the use of decorators. Attacks Located in src/pwnobd/modules/attacks/. See...
cemu: lightweight multi-architecture assembly playground
cemu Writing assembly is fun. Assembly is the lowest language (humanly understandable) available to communicate with computers, and is crucial to understand the internal mechanisms of any machine. Unfortunately, setting up an environment to...
bincat: Binary code static analyser, with IDA integration
What is BinCAT? A static Binary Code Analysis Toolkit, designed to help reverse engineers, directly from IDA. It features: value analysis (registers and memory) taint analysis type reconstruction and propagation backward and forward analysis In action...
Traceeshark: Linux Runtime Security Monitoring Meets Wireshark
What is Traceeshark? Traceeshark brings the world of Linux runtime security monitoring and advanced system tracing to the familiar and ubiquitous network analysis tool Wireshark. Using Traceeshark, you can load Tracee captures in JSON format into...
Brakeman: A static analysis security vulnerability scanner for Ruby on Rails applications
Brakeman Brakeman is an open-source static analysis tool that checks Ruby on Rails applications for security vulnerabilities. It can detect: Possibly unescaped model attributes or parameters in views (Cross-Site Scripting) Bad string interpolation in...
AIL framework: Analysis Information Leak framework
AIL framework AIL framework – Framework for Analysis of Information Leaks AIL is a modular framework to analyse potential information leaks from unstructured data sources like pastes from Pastebin or similar services or unstructured...
blackdagger: Revolutionizing Automation in DevOps, DevSecOps, and Beyond
Blackdagger Blackdagger represents a significant advancement in automation technology, offering a comprehensive solution for orchestrating complex workflows in DevOps, DevSecOps, MLOps, MLSecOps, and Continuous Automated Red Teaming (CART) environments. At its core, Blackdagger simplifies...
clair: Vulnerability Static Analysis for Containers
Clair Clair is an open-source project for the static analysis of vulnerabilities in application containers (currently including appc and docker). In regular intervals, Clair ingests vulnerability metadata from a configured set of sources and stores it in the...
HookCase: Tool for reverse engineering macOS/OS X
HookCase HookCase is a tool for debugging and reverse engineering applications on macOS (aka OS X), and the operating system itself. It re-implements and extends Apple’s DYLD_INSERT_LIBRARIES functionality. It can be used to hook any method...
MACOBOX: The all-in-one hacking toolbox for hardware penetration testing
MACOBOX The all-in-one hacking toolbox for hardware penetration testing. MACOBOX is designed to simplify and enhance hardware penetration testing by providing a comprehensive toolset for analyzing and extracting firmware from various hardware interfaces. With...
