CloudGrappler CloudGrappler is a purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known threat actors in popular cloud environments such as AWS and Azure. Key Features Threat Actor Querying...
eclipse Eclipse was designed as a part of Nebula Pro, the first AI-Powered Penetration Testing Application. Eclipse was designed to address the growing concerns surrounding sensitive data management. Unlike traditional methods, Eclipse is not limited...
SecretPixel – Advanced Image Steganography Tool SecretPixel is a cutting-edge steganography tool designed to securely conceal sensitive information within images. It stands out in the realm of digital steganography by combining advanced encryption, compression,...
LogSnare LogSnare is an intentionally vulnerable web application, where your goal is to go from a basic gopher user of the LogSnare company to the prestigious acme-admin of Acme Corporation. The application, while hosting multiple vulnerabilities,...
Surfactant A modular framework to gather file information for SBOM generation and dependency analysis. Surfactant can be used to gather information from a set of files to generate an SBOM, along with manipulating SBOMs...
GearGoat: Car Vulnerabilities Simulator A Python implementation inspired by ICSim. Currently supports running on a single interface “vcan0” and fixed arbitration IDs for the actions including, turn indicators, door lock unlock indicators, and speedometer....
DefaceIntel-Visionary The purpose of this project is to develop a robust Web Defacement Detection tool that monitors websites for signs of defacement, an attack where the visual appearance of a website is altered by...
NucleiScanner NucleiScanner is an automation tool that combines Nuclei, Subfinder, Gau, Paramspider, and httpx functionality to enhance web application security testing. It uses Subfinder to collect subdomains, Gau to collect URLs by filtering unwanted...
findmytakeover findmytakeover detects dangling DNS records in a multi-cloud environment. It does this by scanning all the DNS zones and the infrastructure present within the configured cloud service provider either in a single account...
Ace The Game Ace The Game is the first open-source hacking tool designed for manipulating the memory of Android applications enabling users to change and freeze memory values. This tool also has an interesting...
xnldorker This is a tool used to run a dork on different search sites. The available sources are currently: DuckDuckGo, Bing, Startpage, Yahoo, Google IMPORTANT: If you use advanced search operators, be aware that operators...
KubeHound KubeHound creates a graph of attack paths in a Kubernetes cluster, allowing you to identify direct and multi-hop routes an attacker can take, visually or through complex graph queries. KubeHound can identify more...
dahn – Deceptively Adaptive Honey Net Traditional honey nets offer static infrastructure and static responses. In DAHN, the infrastructure is abstracted, with lambda/gpt API (prompts stipulated) returning seemingly native responses to the threat actor,...
Entraspray Entraspray is a rewrite of MSOLSpray in Python. The main purpose of this tool remains the same: to perform password spraying against Microsoft Azure accounts while also providing detailed information about account status...
Concealment Layer – Reverse Proxy for Concealing and Deceiving Website Information CLay offers a unique and powerful feature that goes beyond traditional security measures. CLay takes deception to a new level by mimicking the...
MultCheck MultCheck is a malware-analysis tool that can be used to test the detection of a file by multiple AV engines. It is designed to be easy to use and to be able to...
