Conquest is a feature-rich, extensible and malleable command & control/post-exploitation framework developed for penetration testing and adversary simulation. Conquest’s team server, operator client and agent have all been developed from scratch using the Nim programming...
Auraditor A Burp Suite extension for security testing Salesforce Lightning and Aura framework applications. Features Request Editor View and edit Aura actions in HTTP requests Add and remove actions using tabs Edit controller names...
Orsted C2 is a command an control framework. It consists of many orsted-beacons that communicates with each other and to the main orsted-server. An operator can interact with the orsted-beacon using the orsted-client. Features...
BruteForceAI is an advanced penetration testing tool that revolutionizes traditional brute-force attacks by integrating Large Language Models (LLM) for intelligent form analysis. The tool automatically identifies login form selectors using AI, then executes sophisticated...
BugTrace-AI is a comprehensive web vulnerability analysis suite that leverages the power of Generative AI to assist developers, penetration testers, and security analysts. It provides a rich set of tools for both static (SAST)...
DllShimmer Weaponize DLL hijacking easily. Backdoor any function in any DLL without disrupting normal process operation. How it works DllShimmer parses the original DLL and extracts information about exported functions (name, ordinal number, and...
Wscan is a web security scanner that focuses on WEB security. It pays homage to Nmap, which has been open source for 25 years. We also plan to continuously update and keep Wscan open...
AzDevRecon is a web-based enumeration tool designed for offensive security professionals, red teamers, and penetration testers targeting Azure DevOps. It helps identify misconfigurations, exposed secrets, and security gaps by leveraging token-based authentication for reconnaissance and data extraction. Features Token-Based Enumeration –...
PentestGPT PentestGPT is a penetration testing tool empowered by ChatGPT. It is designed to automate the penetration testing process. It is built on top of ChatGPT and operate in an interactive mode to guide penetration testers...
PolarDNS is a specialized authoritative DNS server written in Python 3.x, originally developed as a tool for security testing of DNS recursive resolvers from the server-side. It allows the operator to produce custom DNS...
The market has begun to see the emergence of the first truly functional solutions that harness artificial intelligence to detect vulnerabilities in source code. This new generation of AI-SAST systems — often referred to...
A new open-source project has appeared in TrustedSec’s GitHub repository. The library, named Titanis, is written in C# and designed for interaction with Windows environments. Built on .NET 8, it is cross-platform, supporting both...
