Lsarelayx – NTLM Relaying For Windows Made Easy

[*] lsarelayx is system wide NTLM relay tool designed to relay incoming NTLM based authentication to the host it is running on. lsarelayx will relay any incoming authentication request which includes SMB. Since lsarelayx hooks into existing application authentication flows, the tool will also attempt to service the original authentication request after the relay isRead More

Spray365 – Makes Spraying Microsoft Accounts (Office 365 / Azure AD) Easy Through Its Customizable Two-Step Password Spraying Approach

Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD). How is Spray365 different from the many other password spraying tools that are already available? Spray365 enables passwords to be sprayed from an “execution plan”. While having a pre-generated execution plan that describe the spraying operation wellRead More

Cloudquery – Transforms Your Cloud Infrastructure Into SQL Database For Easy Monitoring, Governance And Security

CloudQuery transforms your cloud infrastructure into queryable SQL for easy monitoring, governance and security. What is CloudQuery and why use it? CloudQuery pulls, normalize, expose and monitor your cloud infrastructure and SaaS apps as SQL database. This abstracts various scattered APIs enabling you to define security, governance, cost and compliance policies with SQL. CloudQuery canRead More

Kraker – Distributed Password Brute-Force System That Focused On Easy Use

Kraker is a distributed password brute-force system that allows you to run and manage the hashcat on different servers and workstations, focused on easy of use. There were two main goals during the design and development: to create the most simple tool for distributed hash cracking and make it fault-tolerant. Kraker consists of two mainRead More

PCWT – A Web Application That Makes It Easy To Run Your Pentest And Bug Bounty Projects

A web application that makes it easy to run your pentest and bug bounty projects. Description The app provides a convenient web interface for working with various types of files that are used during the pentest, automate port scan and subdomain search. Main page   Project settings Domains dashboard   Port scan You can scanRead More

Brutto – Easy Brute Forcing To Whatever You Want

Easy brute forcing to whatever you want, Its magic increasing values and direct. Implementation Clone git clone https://github.com/jofpin/brutto.git Download the latest version Install with Python: python setup.py install # So you import the libraryfrom brutto_easy import Brutto How to use Includes all the letters (A – Z ) in case sensitive. All numbers are reflectedRead More

AutoGadgetFS – USB Testing Made Easy

What’s AutoGadgetFS ? AutoGadgetFS is an open source framework that allows users to assess USB devices and their associated hosts/drivers/software without an in-depth knowledge of the USB protocol. The tool is written in Python3 and utilizes RabbitMQ and WiFi access to enable researchers to conduct remote USB security assessments from anywhere around the globe. ByRead More

PowerSharpPack – Many usefull offensive CSharp Projects wraped into Powershell for easy usage

Many usefull offensive CSharp Projects wraped into Powershell for easy usage.Why? In my personal opinion offensive Powershell is not dead because of AMSI, Script-block-logging, Constrained Language Mode or other protection features. Any of these mechanisms can be bypassed. Since most new innovative offensive security projects are written in C# I decided to make them usableRead More

Ligolo – Reverse Tunneling Made Easy For Pentesters, By Pentesters

Ligolo is a simple and lightweight tool for establishing SOCKS5 or TCP tunnels from a reverse connection in complete safety (TLS certificate with elliptical curve).It is comparable to Meterpreter with Autoroute + Socks4a, but more stable and faster.Use caseYou compromised a Windows / Linux / Mac server during your external audit. This server is locatedRead More

GDBFrontend – An Easy, Flexible And Extensionable GUI Debugger

GDBFrontend is an easy, flexible and extensionable gui debugger.Installing Deb Package (Debian / Ubuntu / KDE Neon)You can install GDBFrontend via deb package for Debian-based distributions.You can install it from following commands: echo “deb [trusted=yes] https://oguzhaneroglu.com/deb/ ./” | sudo tee -a /etc/apt/sources.list > /dev/nullsudo apt updatesudo apt install gdbfrontend After installing with APT, you willRead More

X