Tag: Penetration Testing

Meet Xalgorix: The World’s Most Powerful Open-Source Autonomous AI Pentesting Agent
Xalgorix — The Most Powerful Open-Source AI Pentesting Agent Xalgorix is the most comprehensive open-source autonomous penetration testing platform. It combines the power of AI with 70+ security tools to deliver enterprise-grade pentesting — completely free. Why Xalgorix is #1 Claim Reality Most Complete Only open-source tool with Web UI + Live Feed + Chat +…

Beyond the Firewall: How TailVNC Fuses WireGuard and VNC for Untraceable Access
TailVNC A Windows remote desktop persistence tool built on top of Tailscale’s WireGuard-encrypted mesh network. TailVNC embeds a fully self-contained VNC server and Tailscale node into a single binary, enabling secure remote desktop access over Tailscale/Headscale without exposing any ports to the public internet. Designed for both legitimate infrastructure administration and red team persistence operations.…

Meet PentAGI: The Autonomous AI Swarm Redefining Modern Penetration Testing
PentAGI PentAGI is an innovative tool for automated security testing that leverages cutting-edge artificial intelligence technologies. The project is designed for information security professionals, researchers, and enthusiasts who need a powerful and flexible solution for conducting penetration tests. Features Secure & Isolated. All operations are performed in a sandboxed Docker environment with complete isolation. Fully…

Ghost in the Browser: Hijacking Authenticated Sessions via NTLM Relay with ghostsurf
ghostsurf NTLM HTTP relay tool with SOCKS proxy for browser session hijacking. Capture NTLM auth, relay to HTTP/HTTPS targets, then browse as the victim through a SOCKS proxy. This works even when cookie replay doesn’t. Features Browser Session Hijacking: SOCKS5 proxy lets you browse as the relayed user Auto Session Selection: Single session auto-selects; multiple…

One Tool to Rule the Clouds: Auditing AWS, Azure, and Alibaba with Cloudtoolkit
cloudtoolkit Interactive multi-cloud security assessment framework. Capability overview Providers Payload Supported Alibaba Cloud backdoor-user: Backdoored user can be used to obtain persistence in the Cloud environment. bucket-dump: Quickly enumerate buckets to look for loot. cloudlist: Getting Assets from Cloud Providers to augment Attack Surface Management efforts. ECS (Elastic Compute Service) OSS (Object Storage Service) RAM…

Beyond the Active Session: Hunting Offline Secrets with ProfileHound’s New Graph Edge
ProfileHound is a post-escalation tool to help find and achieve red-teaming objectives by locating domain user profiles on machines. It uses the BloodHound OpenGraph format to build a new edge called HasUserProfile which determines if a user profile exists on a computer. This edge allows operators to make informed decisions about which computers to target for looting…

Connecting the Dots: PrivHound Transforms Windows Local Privilege Escalation into an Explorable Graph
PrivHound Local Privilege Escalation, as a Graph. A BloodHound OpenGraph collector that models Windows local privilege escalation as interconnected attack paths, not a wall of text. For a long time, BloodHound has proven that attackers think in graphs, transforming Active Directory misconfigurations from static checklists into explorable attack paths. Yet when it comes to local…

Stealth & Control: Mastering Linux Post-Exploitation with the Eden-RAT GUI
Introduction Eden-RAT is a lightweight remote access tool (RAT) designed for the initial stage of penetration testing. It provides a graphical user interface (GUI) with multiple features for Linux systems, including a file manager and an interactive shell. The interactive shell allows full command execution, enabling users to run commands such as ssh, nc, apt, pip install, vim, and other…

Cobalt Strike Linux Beacon: Building a Custom Cobalt Strike Beacon for Linux
Cobalt Strike Linux Beacon A proof-of-concept custom Linux Beacon written in C that communicates with the Cobalt Strike teamserver using the HTTP/S protocol. The goal of this project isn’t to be a fully featured implant, nor is it limited to just Linux. It is to show that it is possible to make custom implants for…

Hacking the Basics: A 17-Flag Guide to the MBPTL Pen Testing Lab
Most Basic Penetration Testing Lab (MBPTL) A comprehensive, hands-on penetration testing lab designed to teach cybersecurity fundamentals through practical exercises. This document outlines the complete process for discovering and collecting all 17 flags across the MBPTL environment. The lab is designed to simulate real-world penetration testing scenarios and demonstrate various attack vectors and techniques. Flag Checklist Phase…

The Nim Shadow: Conquest C2 Redefines Stealth for 2026 Red Teams
Conquest is a feature-rich, extensible and malleable command & control/post-exploitation framework developed for penetration testing and adversary simulation. Conquest’s team server, operator client and agent have all been developed from scratch using the Nim programming language and are designed with modularity and flexibility in mind. It features custom C2 communication via binary packets over HTTP, a…

Lightning Strike: Testing Salesforce Security with the Auraditor Extension
Auraditor A Burp Suite extension for security testing Salesforce Lightning and Aura framework applications. Features Request Editor View and edit Aura actions in HTTP requests Add and remove actions using tabs Edit controller names and method names Modify JSON parameters for each action Choose how to handle invalid JSON Copy, cut, and paste in text…

The Ghost in the Machine: Master Stealth with the Orsted C2 Framework
Orsted C2 is a command and control framework. It consists of many orsted-beacons that communicate with each other and with the main orsted-server. An operator can interact with an orsted-beacon using the orsted-client. Features By design Automatic Sandbox deception If the Operator doesn't interact with the beacon, no malicious DLL/SO will be sent to the…