22 Components & Libraries
Sortby
Wifiphisher is... ...powerful. Wifiphisher can run for hours inside a Raspberry Pi device executing all modern Wi-Fi association techniques (including "Evil Twin", "KARMA" and "Known Beacons"). ...fl…
An advanced web path brute-forcer Choose one of these installation options: dirsearch allows you to pause the scanning progress with CTRL+C, from here, you can save the progress (and continue later),…
Used for penetration testing and/or red-teaming etc. I created this tool because i needed a third party tool to generate a bunch of PDF files with various links. Output will be written as: test1.pdf,…
Python based backdoor that uses Gmail to exfiltrate data as an e-mail attachment. This RAT will help someone during red team engagements to backdoor any Windows machines. It tracks the user activity …
Octopus is an open source, pre-operation C2 server based on python which can control an Octopus powershell agent through HTTP/S. The main purpose of creating Octopus is for use before any red team op…
fireELF is a opensource fileless linux malware framework thats crossplatform and allows users to easily create and manage payloads. By default is comes with 'memfd_create' which is a new way to run l…
邮箱信息收集主要来源如下: 更新PhoneBook、Snov模块 更新GithubApi模块 后续还会更新~ 参考了以下优秀的工具,并修改而来: 感谢这些师傅们的分享!!! 感谢网上开源的各大项目!!! 本工具仅能在取得足够合法授权的企业安全建设中使用,在使用本工具过程中,您应确保自己所有行为符合当地的法律法规。 如您在使用本工具的过程中存在任何非法行为,您将自行承担所有后果,本工具所有开发…
Well, Spoofy is different and here is why: After the initial testing using Microsoft 365, some combinations were retested using Protonmail and Gmail due to the differences in their handling of banner…
Tactics, Techniques, and Procedures (aka. my notes) Resources to define, understand the execution, and goals of Red Teaming. These resources have an emphasis on Enterprise Red Teaming in the cloud
Dome is a fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports. This tool is recommended for bug bounty hunters and pentester in their …
This Python script generates interpreted code which creates the supplied ELF as a file in memory and executes it (without tmpfs). This makes it possible to execute binaries without leaving traces on …
Credits: UnD3sc0n0c1d0 /var/log/auth.log /var/log/auth.log&cmd=id /var/log/vsftpd.log /var/log/vsftpd.log&cmd=id /var/log/apache2/access.log /var/log/nginx/access.log /var/log/apache2/access.…
pure-python implementation of MemoryModule technique to load a dll or unmanaged exe entirely from memory In the following example a Cobalt Strike stageless beacon dll is downloaded (not saved on disk…
A simple python tool for phishing This tool was created for the purpose of phishing during a penetration test. I wanted to create command line tool (to allow for automation) that would take a pre-cra…
This repo is a collection of tools and commands for pentesting and red teaming assessments updating soon ....
一款集成了多种老牌工具字典的轻量级目录扫描器,包括御剑后台扫描字典,test404网站备份,web破壳扫描器,御剑1.5扫描字典,御剑专业版字典,wwwscan字典,dirscan字典,dirsafe字典,swebscan等字典已合并去重 支持多线程扫描,可指定线程数。 随机user-agent头。 -x指定X-forward-for头,默认随机。 -f支持导入字典检测。 -o导出html报告 …
📲 Enumerate information from an app based on the APK file A quick guide of how to install and use Apepe. A quick guide of how to contribute with the project.
Extra thanks to the people who left a star on the repo. Every one is very appreciated :) Note this script is purley just a small enumeration script, and does not directly attack any found devices on …
An efficent Script To Generate FUD Persistent Reverse Shell For Red Teaming. Don't Upload Generated Stub On Virustotal
Goblyn is a tool focused to enumeration and capture of website files metadata. Goblyn will search for active directories in the website and so enumerate the files, if it find some file it will get th…
G3nius Tools Sploit is a penetration testing tool with a lot of plugins for advanced cybersecurity attacks. User-friendly, Easy and modular!. Click on Download text to start download. Then create an …
LinkedinScraper is an another information gathering tool written in python. You can scrape employees of companies on Linkedin.com and then create these employee names, titles and emails. Install requ…
Subscribe to our newsletter