Xalgorix — The Most Powerful Open-Source AI Pentesting Agent Xalgorix is the most comprehensive open-source autonomous penetration testing platform. It combines the power of AI with 70+ security tools to deliver enterprise-grade pentesting — completely...
TailVNC A Windows remote desktop persistence tool built on top of Tailscale’s WireGuard-encrypted mesh network. TailVNC embeds a fully self-contained VNC server and Tailscale node into a single binary, enabling secure remote desktop access...
PentAGI PentAGI is an innovative tool for automated security testing that leverages cutting-edge artificial intelligence technologies. The project is designed for information security professionals, researchers, and enthusiasts who need a powerful and flexible solution...
ghostsurf NTLM HTTP relay tool with SOCKS proxy for browser session hijacking. Capture NTLM auth, relay to HTTP/HTTPS targets, then browse as the victim through a SOCKS proxy. This works even when cookie replay...
cloudtoolkit Interactive multi-cloud security assessment framework. Capability overview Providers Payload Supported Alibaba Cloud backdoor-user: Backdoored user can be used to obtain persistence in the Cloud environment. bucket-dump: Quickly enumerate buckets to look for loot....
Kali Linux 2026.1 has arrived, bearing not merely a novel array of software packages, but an unexpected, nostalgic echo from the past. The vanguard of its development team has unveiled the inaugural rolling release...
ProfileHound is a post-escalation tool to help find and achieve red-teaming objectives by locating domain user profiles on machines. It uses the BloodHound OpenGraph format to build a new edge called HasUserProfile which determines if a...
PrivHound Local Privilege Escalation, as a Graph. A BloodHound OpenGraph collector that models Windows local privilege escalation as interconnected attack paths not a wall of text. For a long time, BloodHound has proven that...
ADPulse — Active Directory Security Scanner ADPulse is an open-source Active Directory security auditing tool that connects to a domain controller via LDAP(S), runs 35 automated security checks, and produces detailed reports in console,...
Introduction Eden-RAT is a lightweight remote access tool (RAT) designed for the initial stage of penetration testing. It provides a graphical user interface (GUI) with multiple features for Linux systems, including a file manager...
Cobalt Strike Linux Beacon A proof-of-concept custom Linux Beacon written in C that communicates with the Cobalt Strike teamserver using the HTTP/S protocol. The goal of this project isn’t to be a fully featured...
Most Basic Penetration Testing Lab (MBPTL) A comprehensive, hands-on penetration testing lab designed to teach cybersecurity fundamentals through practical exercises. This document outlines the complete process for discovering and collecting all 17 flags across the MBPTL...
