Velociraptor – Endpoint Visibility and Collection Tool

Velociraptor is a tool for collecting host based state information using Velocidex Query Language (VQL) queries. To learn more about Velociraptor, read the documentation on: https://www.velocidex.com/docs/ Quick start If you want to see what Velociraptor is all about simply: Download the binary from the release page for your favorite platform (Windows/Linux/MacOS). Start the GUI $Read More

ActiveDirectoryEnumeration – Enumerate AD Through LDAP With A Collection Of Helpfull Scripts Being Bundled

ADE – ActiveDirectoryEnum usage: activeDirectoryEnum [-h] [-o OUT_FILE] [-u USER] [-s] [-smb] [-kp] [-bh] [-spn] [–all] [–no-creds] dc ___ __ _ ____ _ __ ______ / | _____/ /_(_) _____ / __ (_)_______ _____/ /_____ _______ __/ ____/___ __ ______ ___ / /| |/ ___/ __/ / | / / _ / / / /Read More

Iblessing – An iOS Security Exploiting Toolkit, It Mainly Includes Application Information Collection, Static Analysis And Dynamic Analysis

[*] [***] iblessing iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. iblessing is based on unicorn engine and capstone engine. Features Cross-platform: Tested on macOS and Ubuntu. iOS App static info extract, including metadata, deeplinks, urls, etc. Mach-O parser and dyld symbol bind simulator Objective-CRead More

Git All The Payloads! A Collection Of Web Attack Payloads

Git All the Payloads! A collection of web attack payloads. Pull requests are welcome! Usagerun ./get.sh to download external payloads and unzip any payload files that are compressed.Payload Credits fuzzdb – https://github.com/fuzzdb-project/fuzzdb SecLists – https://github.com/danielmiessler/SecLists xsuperbug – https://github.com/xsuperbug/payloads NickSanzotta – https://github.com/NickSanzotta/BurpIntruder 7ioSecurity – https://github.com/7ioSecurity/XSS-Payloads shadsidd – https://github.com/shadsidd shikari1337 – https://www.shikari1337.com/list-of-xss-payloads-for-cross-site-scripting/ xmendez – https://github.com/xmendez/wfuzz minimaxir –Read More

Web Hacker’s Weapons – A Collection Of Cool Tools Used By Web Hackers

A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting.Weapons Type Name Description Army-Knife/ALL BurpSuite the BurpSuite project Army-Knife/SCAN jaeles The Swiss Army knife for automated Web Application Testing Army-Knife/ALL zaproxy The OWASP ZAP core project Discovery/ALL OneForAll OneForAll是一款功能强大的子域收集工具 Discovery/ALL lazyrecon This script is intended to automate your reconnaissance process inRead More

WhatTheHack – A Collection Of Challenge Based Hack-A-Thons Including Student Guide, Proctor Guide, Lecture Presentations, Sample/Instructional Code And Templates

WhatTheHack is a collection of challenge based hack-a-thons including student guide, proctor guide, lecture presentations, sample/instructional code and templates. What, Why and How “What the Hack” is a challenge based hackathon format Challenges describe high-level tasks and goals to be accomplished Challenges are not step-by-step labs Attendees work in teams of 3 to 5 peopleRead More

Mimir – Smart OSINT Collection Of Common IOC Types

Smart OSINT collection of common IOC types. OverviewThis application is designed to assist security analysts and researchers with the collection and assessment of common IOC types. Accepted IOCs currently include IP addresses, domain names, URLs, and file hashes.The title of this project is named after Mimir, a figure in Norse mythology renowned for his knowledgeRead More

X