<div style="margin:20px 0 0 200px"> To view the site, enable JavaScript by changing your browser options, then <a href="">Try Again</a>.</div>
UAC-A-Mola - Tool That Allows Security Researchers to Investigate New UAC Bypasses, In Addition To Detecting and Exploiting Known Bypasses
UAC-A-Mola - Tool That Allows Security Researchers to Investigate New UAC Bypasses, In Addition To Detecting and Exploiting Known Bypasses
31 Oct, 2019

UAC-A-Mola is a tool that allows security researchers to investigate new UAC bypasses, in addition to detecting and exploiting known bypasses. UAC-A-Mola has modules to carry out the protection and mitigation of UAC bypasses.

Read Details
FOCA - Tool to Find Meta Data and Hidden Information in the Documents
FOCA - Tool to Find Meta Data and Hidden Information in the Documents
28 Oct, 2019

FOCA is a tool used mainly to find metadata and hidden information in the documents it scans. These documents may be on web pages, and can be downloaded and analyzed with FOCA.

Read Details
XMLRPC Bruteforcer - An XMLRPC Brute Forcer Targeting Wordpress
XMLRPC Bruteforcer - An XMLRPC Brute Forcer Targeting Wordpress
24 Oct, 2019

An XMLRPC brute forcer targeting Wordpress written in Python 3. In the context of xmlrpc brute forcing, it's faster than Hydra and WpScan. It cans brute force 1000 passwords per second.

Read Details
Eaphammer v1.9.0 - Targeted Evil Twin Attacks Against WPA2-Enterprise Networks
Eaphammer v1.9.0 - Targeted Evil Twin Attacks Against WPA2-Enterprise Networks
23 Oct, 2019

EAPHammer is a toolkit for performing targeted evil twin attacks against WPA2-Enterprise networks. It is designed to be used in full scope wireless assessments and red team engagements.

Read Details
Postenum - A Clean, Nice and Easy Tool for Basic/Advanced Privilege Escalation Techniques
Postenum - A Clean, Nice and Easy Tool for Basic/Advanced Privilege Escalation Techniques
22 Oct, 2019

Postenum is a clean, nice and easy tool for basic/advanced privilege escalation vectors/techniques. Postenum tool is intended to be executed locally on a Linux box.

Read Details
SMTP Tester - Tool to Check Common Vulnerabilities in SMTP Servers
SMTP Tester - Tool to Check Common Vulnerabilities in SMTP Servers
21 Oct, 2019

SMTP Tester is a python3 tool to test SMTP server for 3 common vulnerabilities.

Read Details
MalConfScan - Volatility Plugin for Extracts Configuration Data of Known Malware
MalConfScan - Volatility Plugin for Extracts Configuration Data of Known Malware
17 Oct, 2019

MalConfScan is a Volatility plugin extracts configuration data of known malware. Volatility is an open-source memory forensics framework for incident response and malware analysis.

Read Details
Mosca - Manual Search Tool to Find Bugs Like A Grep Unix Command
Mosca - Manual Search Tool to Find Bugs Like A Grep Unix Command
14 Oct, 2019

Mosca is a manual static analysis tool written in C designed to find bugs in the code before it is compiled, much like a grep unix command.

Read Details
Pftriage - Python Tool And Library To Help Analyze Files During Malware Triage And Analysis
Pftriage - Python Tool And Library To Help Analyze Files During Malware Triage And Analysis
11 Feb, 2019

Pftriage is a tool to help analyze files during malware triage. It allows an analyst to quickly view and extract properties of a file to help during the triage process.

Read Details
ADAPT - Tool That Performs Automated Penetration Testing For WebApps
ADAPT - Tool That Performs Automated Penetration Testing For WebApps
28 Jan, 2019

ADAPT uses Python to create an automated framework to use industry standard tools, such as OWASP ZAP and Nmap, to perform repeatable, well-designed procedures with anticipated results to create an easly understandable report listing vulnerabilities detected within the web application.

Read Details
Stardox - Github Stargazers Information Gathering Tool
Stardox - Github Stargazers Information Gathering Tool
20 Jan, 2019

Stardox is an advanced github stargazers information gathering tool. It scraps Github for information and display them in list tree view. It can be used for collecting information of your's/someones repository stargazers details.

Read Details
Modlishka - The Tool That Can Bypass Two-Factor Authentication Via Phishing
Modlishka - The Tool That Can Bypass Two-Factor Authentication Via Phishing
14 Jan, 2019

While most users consider two-factor authentication a security measure to protect accounts, a researcher has proved otherwise. The tool can bypass two-factor authentication and automate phishing attacks.

Read Details
Brosec – An Open Source Interactive Tool to Utilize Payloads and Commands
Brosec – An Open Source Interactive Tool to Utilize Payloads and Commands
27 Dec, 2018

Brosec is an open source terminal based tool to help all the security professionals generate the right payloads and commands.

Read Details
SpiderFoot - The Most Complete OSINT Collection And Reconnaissance Tool
SpiderFoot - The Most Complete OSINT Collection And Reconnaissance Tool
12 Dec, 2018

SpiderFoot is a reconnaissance tool that automatically queries over 100 public data sources (OSINT) to gather intelligence on IP addresses, domain names, e-mail addresses, names and more.

Read Details
Knock - Open Source Subdomain Scanner Tool
Knock - Open Source Subdomain Scanner Tool
03 Dec, 2018

Knock is a python based tool for enumerating subdomains on a targeted domain.

Read Details
PhishX - Spear Phishing Tool for Capturing Credentials
PhishX - Spear Phishing Tool for Capturing Credentials
30 Oct, 2018

PhishX is a python tool that can capture user credentials using a spear phishing attack.

Read Details
Atlas - Quick SQLMap Tamper Suggester
Atlas - Quick SQLMap Tamper Suggester
12 Oct, 2018

Atlas is an open source tool that can suggest sqlmap tampers to bypass WAF/IDS/IPS, the tool is based on returned status code.

Read Details
XenoScan - Open Source Memory Scanner Written In C++
XenoScan - Open Source Memory Scanner Written In C++
07 Oct, 2018

XenoScan is a memory scanner which can be used to scan the memory of processes to locate the specific locations of important values.

Read Details
Ettercap - A Comprehensive Suite For Man In The Middle Attacks
Ettercap - A Comprehensive Suite For Man In The Middle Attacks
14 Sep, 2018

Ettercap is a comprehensive suite for man in the middle attacks.

Read Details
BadKarma - Advanced Network Reconnaissance Toolkit
BadKarma - Advanced Network Reconnaissance Toolkit
03 Sep, 2018

BadKarma is a python3 GTK+ network infrastructure penetration testing toolkit.

Read Details
XAttacker Tool – Scan and Auto Exploit Web Vulnerabilities
XAttacker Tool – Scan and Auto Exploit Web Vulnerabilities
26 Aug, 2018

By providing a target website to the tool, it auto detects its' architecture if using a Content Management Service (CMS).

Read Details
PMapper - A Tool For Quickly Evaluating IAM Permissions In AWS
PMapper - A Tool For Quickly Evaluating IAM Permissions In AWS
22 Aug, 2018

The goal of the AWS IAM auth system is to apply and enforce access controls on actions and resources in AWS. This tool helps identify if the policies in place will accomplish the intents of the account's owners.

Read Details
Ridrelay - Quick And Easy Way To Get Domain Usernames While On An Internal Network
Ridrelay - Quick And Easy Way To Get Domain Usernames While On An Internal Network
01 Aug, 2018

RidRelay combines the SMB Relay attack, common lsarpc based queries and RID cycling to get a list of domain usernames.

Read Details
Black Owl - Tool To Gather Information, based On Operative-Framework
Black Owl - Tool To Gather Information, based On Operative-Framework
12 Jul, 2018

Tool To Gather Information, based On Operative-Framework

Read Details
MSDAT - Microsoft SQL Database Attacking Tool
MSDAT - Microsoft SQL Database Attacking Tool
04 Jul, 2018

MSDAT (Microsoft SQL Database Attacking Tool) is an open source penetration testing tool that tests the security of Microsoft SQL Databases remotely.

Read Details
VOOKI - Web Application Vulnerability Scanner
VOOKI - Web Application Vulnerability Scanner
25 Jun, 2018

Vooki is a free web application vulnerability scanner. Vooki is a user-friendly tool that you can easily scan any web application and find the vulnerabilities. Vooki includes Web Application Scanner, Rest API Scanner, and reporting section.

Read Details
PE Linux - Linux Privilege Escalation Tool
PE Linux - Linux Privilege Escalation Tool
18 Jun, 2018
  • Getting Started
  • System Information Gatherer
  • Kernel Information Gatherer
  • Checking Development environments on the system (Escaping Restricted Shells)
Read Details
PhpSploit - Stealth Post-Exploitation Framework
PhpSploit - Stealth Post-Exploitation Framework
11 Jun, 2018

PhpSploit is a remote control framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server. It is a post-exploitation tool capable to maintain access to a compromised web server for privilege escalation purposes.

Read Details
Autopwn v2.0 : Metasploit Automation Tool
Autopwn v2.0 : Metasploit Automation Tool
24 May, 2018

In nowadays due to firewall restrictions and patch management policies exploitation of systems has become much more difficult. However one of the most efficient way is the use of client-side attacks.

Read Details
GPON - Python Exploit For Remote Code Executuion On GPON Home Routers (CVE-2018-10562)
GPON - Python Exploit For Remote Code Executuion On GPON Home Routers (CVE-2018-10562)
16 May, 2018

Many routers today use GPON internet, and a way to bypass all authentication on the devices (CVE-2018-10561) was found by VPNMentor.

Read Details
Mimic - A Tool For Covert Execution In Linux
Mimic - A Tool For Covert Execution In Linux
19 Apr, 2018

Covert execution is the art of hiding a process. In this case, mimic hides the process in plain sight. mimic can launch any program and make it look like any other program. Any user can use it. It does not require special permissions.

Read Details
Aircrack - the password cracking tool
Aircrack - the password cracking tool
06 Apr, 2018

Aircrack-ng is a network hacking tool that consists of a packet sniffer, detector, WPA/WPA2-PSK cracker, WEP and an analysis tool for for 802.11 wireless LANs.

Read Details
CLOUDKiLL3R - Bypasses Cloudflare Protection Service Via TOR Browser
CLOUDKiLL3R - Bypasses Cloudflare Protection Service Via TOR Browser
28 Mar, 2018

Make sure that TOR Browser is up and running while working with CLOUDKiLL3R. Make sure that the IP AND PORT are the same in TOR Browser preferences > advanced > Networks

Read Details
VoIP Sniffer: UCSniff
VoIP Sniffer: UCSniff
13 Jan, 2018

A POC tool to demonstrate the risk of unauthorized recording of VoIP and Video, it helps to determine who can eavesdrop, and from what parts of your network.

Read Details
OWASP ZSC – Obfuscated Code Generator Tool
OWASP ZSC – Obfuscated Code Generator Tool

OWASP ZSC is an open source obfuscated code generator tool in Python which lets you generate customized shellcodes and convert scripts to an obfuscated script.

Read Details
Sublist3r – Fast Python Subdomain Enumeration Tool
Sublist3r – Fast Python Subdomain Enumeration Tool

Sublist3r is a Python-based tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting.

Read Details
Acunetix WVS
Acunetix WVS

Acunetix is available for Windows XP and higher. Acunetix is a web vulnerability scanner (WVS) that scans and finds out the flaws in a website that could prove fatal.

Read Details
Wireshark: Web vulnerability scanner
Wireshark: Web vulnerability scanner

Wireshark is an industry standard network protocol analysis tool. It allows you to capture and view the data traveling back and forth on your network.

Read Details
UFTP - UDP based FTP with encryption
UDP based FTP with encryption

UFTP is an encrypted multicast file transfer program for secure, reliable & efficient transfer of files.

Read Details
Android hacking 'APK'
Android hacking "APK"

Hacking an Android APK file involves that we decompile, hack it, and recompile, essentially reverse engineering an apk file.

Read Details
Executable Compression demystified
Executable Compression demystified

Executable compression means compressing an executable file and combining the compressed data with decompression code into a single executable.

Read Details
BitCracker – Password Cracking Tool
BitCracker – Password Cracking Tool

BitCracker is a mono-GPU password cracking tool for memory units encrypted with the password authentication mode of BitLocker.

Read Details
BloodHound – Red / Blue teaming tool for AD attacks
BloodHound – Red / Blue teaming tool for AD attacks

Bloodhound is a single page Javascript web application, built on Linkurious and compiled with Electron.

Read Details