The pentester's Swiss knife

Suricata

Suricata: network IDS, IPS and NSM engine

What is Suricata The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry but...

pypykatz

pypykatz: Mimikatz implementation in pure Python

pypykatz Mimikatz implementation in pure Python Why do I need these dumps files? To create mimikatz in Python, one would have to create structure definitions of a gazillion different structures (check the original code)...

MemProcFS

MemProcFS: The Memory Process File System

The Memory Process File System: The Memory Process File System (MemProcFS) is an easy and convenient way of accessing physical memory as files a virtual file system. Easy trivial point-and-click memory analysis without the...

BurpSuite exention

HaE: BurpSuite Highlighter and Extractor

HaE – Highlighter and Extractor HaE is used to highlight HTTP requests and extract information from HTTP response messages or request messages.   The plugin can custom regular expressions to match HTTP response messages. You can decide...

reNgine

reNgine: an automated reconnaissance framework

reNgine reNgine is an automated reconnaissance framework with a focus on a highly configurable streamlined recon process. reNgine is backed by a database, with data correlation and organization, the custom query “like” language for...

Attack Simulation Platform

OpenBAS: Open Breach and Attack Simulation Platform

OpenBAS OpenBAS is an open-source platform allowing organizations to plan, schedule, and conduct cyber adversary simulation campaigns and tests. The goal is to create a powerful, reliable, and open-source tool to effectively plan and...

Reverse Shells

EchoStrike: Undetectable Reverse Shells with a Pythonic Twist

EchoStrike EchoStrike is a tool designed to generate undetectable reverse shells and perform process injection on Windows systems. Through an interactive wizard written in Python, users can customize their binaries with advanced persistence and encryption techniques. The malware code is written...

OWASP SecurityRAT

OWASP SecurityRAT: Tool for handling security requirements

OWASP SecurityRAT OWASP SecurityRAT (Requirement Automation Tool) is a tool supposed to assist with the problem of addressing security requirements during application development. The typical use case is: specify parameters of the software artifact you’re...

Security Assessment tool

Cloudsplaining: an AWS IAM Security Assessment tool

Cloudsplaining Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report. Cloudsplaining identifies violations of least privilege in AWS IAM policies and generates a...

Red Team

GhostStrike: The Undetectable Red Team Weapon

GhostStrike GhostStrike is an advanced cybersecurity tool designed for Red Team operations, featuring sophisticated techniques to evade detection and perform process hollowing on Windows systems. Feature Dynamic API Resolution: Utilizes a custom hash-based method to dynamically...