<div style="margin:20px 0 0 200px"> To view the site, enable JavaScript by changing your browser options, then <a href="">Try Again</a>.</div>
PhishX - Spear Phishing Tool for Capturing Credentials
PhishX - Spear Phishing Tool for Capturing Credentials

PhishX is a python tool that can capture user credentials using a spear phishing attack.

Read Details
Atlas - Quick SQLMap Tamper Suggester
Atlas - Quick SQLMap Tamper Suggester

Atlas is an open source tool that can suggest sqlmap tampers to bypass WAF/IDS/IPS, the tool is based on returned status code.

Read Details
XenoScan - Open Source Memory Scanner Written In C++
XenoScan - Open Source Memory Scanner Written In C++

XenoScan is a memory scanner which can be used to scan the memory of processes to locate the specific locations of important values.

Read Details
Ettercap - A Comprehensive Suite For Man In The Middle Attacks
Ettercap - A Comprehensive Suite For Man In The Middle Attacks

Ettercap is a comprehensive suite for man in the middle attacks.

Read Details
BadKarma - Advanced Network Reconnaissance Toolkit
BadKarma - Advanced Network Reconnaissance Toolkit

BadKarma is a python3 GTK+ network infrastructure penetration testing toolkit.

Read Details
XAttacker Tool – Scan and Auto Exploit Web Vulnerabilities
XAttacker Tool – Scan and Auto Exploit Web Vulnerabilities

By providing a target website to the tool, it auto detects its' architecture if using a Content Management Service (CMS).

Read Details
PMapper - A Tool For Quickly Evaluating IAM Permissions In AWS
PMapper - A Tool For Quickly Evaluating IAM Permissions In AWS

The goal of the AWS IAM auth system is to apply and enforce access controls on actions and resources in AWS. This tool helps identify if the policies in place will accomplish the intents of the account's owners.

Read Details
Ridrelay - Quick And Easy Way To Get Domain Usernames While On An Internal Network
Ridrelay - Quick And Easy Way To Get Domain Usernames While On An Internal Network

RidRelay combines the SMB Relay attack, common lsarpc based queries and RID cycling to get a list of domain usernames.

Read Details
PhpSploit - Stealth Post-Exploitation Framework
PhpSploit - Stealth Post-Exploitation Framework

PhpSploit is a remote control framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server. It is a post-exploitation tool capable to maintain access to a compromised web server for privilege escalation purposes.

Read Details
PE Linux - Linux Privilege Escalation Tool
PE Linux - Linux Privilege Escalation Tool
  • Getting Started
  • System Information Gatherer
  • Kernel Information Gatherer
  • Checking Development environments on the system (Escaping Restricted Shells)
Read Details
VOOKI - Web Application Vulnerability Scanner
VOOKI - Web Application Vulnerability Scanner

Vooki is a free web application vulnerability scanner. Vooki is a user-friendly tool that you can easily scan any web application and find the vulnerabilities. Vooki includes Web Application Scanner, Rest API Scanner, and reporting section.

Read Details
Black Owl - Tool To Gather Information, based On Operative-Framework
Black Owl - Tool To Gather Information, based On Operative-Framework

Tool To Gather Information, based On Operative-Framework

Read Details
MSDAT - Microsoft SQL Database Attacking Tool
MSDAT - Microsoft SQL Database Attacking Tool

MSDAT (Microsoft SQL Database Attacking Tool) is an open source penetration testing tool that tests the security of Microsoft SQL Databases remotely.

Read Details
Autopwn v2.0 : Metasploit Automation Tool
Autopwn v2.0 : Metasploit Automation Tool

In nowadays due to firewall restrictions and patch management policies exploitation of systems has become much more difficult. However one of the most efficient way is the use of client-side attacks.

Read Details
GPON - Python Exploit For Remote Code Executuion On GPON Home Routers (CVE-2018-10562)
GPON - Python Exploit For Remote Code Executuion On GPON Home Routers (CVE-2018-10562)

Many routers today use GPON internet, and a way to bypass all authentication on the devices (CVE-2018-10561) was found by VPNMentor.

Read Details
Mimic - A Tool For Covert Execution In Linux
Mimic - A Tool For Covert Execution In Linux

Covert execution is the art of hiding a process. In this case, mimic hides the process in plain sight. mimic can launch any program and make it look like any other program. Any user can use it. It does not require special permissions.

Read Details
Aircrack - the password cracking tool
Aircrack - the password cracking tool

Aircrack-ng is a network hacking tool that consists of a packet sniffer, detector, WPA/WPA2-PSK cracker, WEP and an analysis tool for for 802.11 wireless LANs.

Read Details
CLOUDKiLL3R - Bypasses Cloudflare Protection Service Via TOR Browser
CLOUDKiLL3R - Bypasses Cloudflare Protection Service Via TOR Browser

Make sure that TOR Browser is up and running while working with CLOUDKiLL3R. Make sure that the IP AND PORT are the same in TOR Browser preferences > advanced > Networks

Read Details
VoIP Sniffer: UCSniff
VoIP Sniffer: UCSniff

A POC tool to demonstrate the risk of unauthorized recording of VoIP and Video, it helps to determine who can eavesdrop, and from what parts of your network.

Read Details
OWASP ZSC – Obfuscated Code Generator Tool
OWASP ZSC – Obfuscated Code Generator Tool

OWASP ZSC is an open source obfuscated code generator tool in Python which lets you generate customized shellcodes and convert scripts to an obfuscated script.

Read Details
Sublist3r – Fast Python Subdomain Enumeration Tool
Sublist3r – Fast Python Subdomain Enumeration Tool

Sublist3r is a Python-based tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting.

Read Details
Acunetix WVS
Acunetix WVS

Acunetix is available for Windows XP and higher. Acunetix is a web vulnerability scanner (WVS) that scans and finds out the flaws in a website that could prove fatal.

Read Details
Wireshark: Web vulnerability scanner
Wireshark: Web vulnerability scanner

Wireshark is an industry standard network protocol analysis tool. It allows you to capture and view the data traveling back and forth on your network.

Read Details
UFTP - UDP based FTP with encryption
UDP based FTP with encryption

UFTP is an encrypted multicast file transfer program for secure, reliable & efficient transfer of files.

Read Details
Android hacking 'APK'
Android hacking "APK"

Hacking an Android APK file involves that we decompile, hack it, and recompile, essentially reverse engineering an apk file.

Read Details
Executable Compression demystified
Executable Compression demystified

Executable compression means compressing an executable file and combining the compressed data with decompression code into a single executable.

Read Details
BitCracker – Password Cracking Tool
BitCracker – Password Cracking Tool

BitCracker is a mono-GPU password cracking tool for memory units encrypted with the password authentication mode of BitLocker.

Read Details
BloodHound – Red / Blue teaming tool for AD attacks
BloodHound – Red / Blue teaming tool for AD attacks

Bloodhound is a single page Javascript web application, built on Linkurious and compiled with Electron.

Read Details