VIPER is a powerful and flexible red team platform. It integrates the core tools and functionalities required for adversary simulation and red team operations, assisting you in efficiently completing cybersecurity assessment tasks. User-Friendly Interface Provides...
Qu1cksc0pe This tool allows statically analysis Windows, Linux, osx, executables, and also APK files. You can get: What DLL files are used. Functions and API. Sections and segments. URLs, IP addresses, and emails. Android...
Emora Emora allows you to search for accounts by username across social networks. Inspired by tools like Sherlock, Emora provides a user-friendly graphical interface to ease the usage and navigation through the results. Features Intuitive...
CF-Hero is a comprehensive reconnaissance tool developed to discover the real IP addresses of web applications protected by Cloudflare. It performs multi-source intelligence gathering through various methods. Historical DNS records services try to discover...
DarkWidow This is a Dropper/Post Exploitation Tool (or can be used in both situations) targeting Windows. Capabilities: Indirect Dynamic Syscall. (MITRE ATT&CK TTP: T1106) SSN + Syscall address sorting via Modified TartarusGate approach Remote Process...
Android Disassembler Analyze malicious app on your phone Android Disassembler is an application that is able to analyze several types of files such as APK files, dex files, shared libraries (aka .so files) (NDK,...
APEX – Azure Post Exploitation Framework An attempt to ease up post ex tasks once we have access to some sort of credentials to an Azure related account. To be honest it is nothing...
Arya – The Reverse YARA Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it as a reverse YARA because it does exactly the opposite...
pphack is a CLI tool for scanning websites for client-side prototype pollution vulnerabilities. Feature Fast (concurrent workers) Default payload covers a lot of cases Payload and Javascript customization Proxy-friendly Support output in a file...
Weaponized EvilnoVNC: scalable and semi-automated MFA-Phishing via “browser-in-the-middle” Features concurrent EvilnoVNC instances, as many as your server can handle access to EvilnoVNC sessions is limited to generated URLs with random victim-specific identifier in parameter auto block...
C2 Cloud The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the...
Verdict-as-a-Service Verdict-as-a-Service (VaaS) is a cloud service that provides capabilities to scan files for malware and other threats. It allows you to easily integrate malware detection in your application with a few lines of code....
Astral-PE is a low-level mutator (headers obfuscator and patcher) for Windows PE files (.exe, .dll) that rewrites structural metadata after compilation (or postbuild protection) — without breaking execution. It does not pack, encrypt or inject. Instead, it mutates low-hanging...
TimeSync Tool to obtain hash using MS-SNTP for user accounts Requirements Python 3.x ldap3 library for LDAP operations Installations Clone the repository: git clone https://github.com/yourusername/timeroast.git cd timeroast Install the required Python packages: pip install ....
Ligolo-mp Ligolo-mp is a more specialized version of Ligolo-ng, with client-server architecture, enabling pentesters to play with multiple concurrent tunnels collaboratively. Also, with a sprinkle of less important bells and whistles. Features Everything that you...
vmlinux-to-elf This tool allows to obtain a fully analyzable .ELF file from a vmlinux/vmlinuz/bzImage/zImage kernel image (either a raw binary blob or a preexisting but stripped .ELF file), with recovered function and variable symbols....
