Clik here to view.
Sandcastle – AWS S3 Bucket Enumeration Tool
Sandcastle is a Python-based Amazon AWS S3 Bucket Enumeration Tool, formerly known as bucketCrawler. The script takes a target’s name as the stem argument (e.g. shopify) and iterates through a file of...
View ArticleClik here to view.
zBang – Privileged Account Threat Detection Tool
zBang is a risk assessment tool for Privileged Account Threat Detection on a scanned network, organizations and red teamers can utilize zBang to identify potential attack vectors and improve the...
View ArticleClik here to view.
Stardox – Github Stargazers Information Gathering Tool
Stardox is a Python-based GitHub stargazers information gathering tool, it scrapes Github for information and displays them in a list tree view. It can be used for collecting information about your or...
View ArticleClik here to view.
Quasar RAT – Windows Remote Administration Tool
Quasar is a fast and light-weight Windows remote administration tool coded in C#. The usage ranges from user support through day-to-day administrative work to employee monitoring. It aims to provide...
View ArticleClik here to view.
Axiom – Pen-Testing Server For Collecting Bug Bounties
Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty, basically a pen-testing server out of the box with 1-line. With Axiom, you just need to run a...
View ArticleClik here to view.
Arcane – Tool To Backdoor iOS Packages (iPhone ARM)
Arcane is a simple script tool to backdoor iOS packages (iPhone ARM) and create the necessary resources for APT repositories. It was created to help illustrate why Cydia repositories can be dangerous...
View ArticleClik here to view.
tko-subs – Detect & Takeover Subdomains With Dead DNS Records
tko-subs is a tool that helps you to detect & takeover subdomains with dead DNS records, this could be dangling CNAMEs point to hosting services or to nothing at all or NS records that are...
View ArticleClik here to view.
HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing, structured streaming, and even machine...
View ArticleClik here to view.
zANTI – Android Wireless Hacking Tool Free Download
zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using your mobile device for free download. This easy...
View ArticleClik here to view.
Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound to identify and exploit ACL based privilege escalation paths. It takes a starting and ending point and will use Neo4j pathfinding algorithms to find...
View ArticleClik here to view.
Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a ‘Swiss Army Knife’ for pen-testing and/or hacking CTF’s. Karkinos Beginner Friendly Penetration Testing Tool...
View ArticleClik here to view.
assetfinder – Find Related Domains and Subdomains
assetfinder is a Go-based tool to find related domains and subdomains that are potentially related to a given domain from a variety of sources including Facebook, ThreatCrowd, Virustotal and more....
View ArticleClik here to view.
CredNinja – Test Credential Validity of Dumped Credentials or Hashes
CredNinja is a tool to quickly test credential validity of dumped credentials (or hashes) across an entire network or domain very efficiently. At the core of it, you provide it with a list of...
View ArticleClik here to view.
Socialscan – Command-Line Tool To Check For Email And Social Media Username...
socialscan is an accurate command-line tool to check For email and social media username usage on online platforms, given an email address or username, socialscan returns whether it is available, taken...
View ArticlePwnagotchi – Maximize Crackable WPA Key Material For Bettercap
Pwnagotchi is an A2C-based "AI" leveraging bettercap that learns from its surrounding WiFi environment to maximize crackable WPA key material it captures
View ArticleDataSurgeon – Extract Sensitive Information (PII) From Logs
DataSurgeon (ds) is a versatile tool designed to Extract Sensitive Information (PII) From Logs, it's intended to be used for incident response, penetration testing, and CTF challenges.
View Articlepadre – Padding Oracle Attack Exploiter Tool
padre is an advanced exploiter and Padding Oracle attack tool that can be deployed against CBC mode encryption.
View Article