HttpDoom – A Tool For Response-Based Inspection Of Websites Across A Large Amount Of Hosts For Quickly Gaining An Overview Of HTTP-based Attack Surface

Validate large HTTP-based attack surfaces in a very fast way. Heavily inspired by Aquatone. Why? When I utilize Aquatone to flyover some hosts, I have some performance issues by the screenshot feature, and the lack of extension capabilities – like validating front-end technologies with a plugin-like system -, also, my codebase is mainly C# andRead More

PentestBro – Combines Subdomain Scans, Whois, Port Scanning, Banner Grabbing And Web Enumeration Into One Tool

Experimental tool for Windows. PentestBro combines subdomain scans, whois, port scanning, banner grabbing and web enumeration into one tool. Uses subdomain list of SecLists. Uses nmap service probes for banner grabbing. Uses list of paths for web enumeration. Example scan of ““: Scanned subdomain, IPs and ports Grabbed banner for each IP and port whoisRead More

Dwn – D(Ockerp)Wn – A Docker Pwn Tool Manager

dwn is a “docker-compose for hackers”. Using a simple YAML “plan” format similar to docker-compose, image names, versions and volume / port mappings are defined to setup a tool for use. features With dwn you can: Configure common pentest tools for use in a docker container Have context aware volume mounts Dynamically modify port bindingsRead More

Cpufetch – Simplistic Yet Fancy CPU Architecture Fetching Tool

Simplistic yet fancy CPU architecture fetching tool 1. Support cpufetch currently supports x86_64 CPUs (both Intel and AMD) and ARM. Platform x86_64 ARM Notes Linux ✔️ ✔️ Prefered platform. Experimental ARM support Windows ✔️ ❌ Some information may be missing. Colors will be used if supported Android ❗ ✔️ Experimental ARM support macOS ✔️ ❌Read More

Gotestwaf – Go Test WAF Is A Tool To Test Your WAF Detection Capabilities Against Different Types Of Attacks And By-Pass Techniques

An open-source Go project to test different web application firewalls (WAF) for detection logic and bypasses. How it works It is a 3-steps requests generation process that multiply amount of payloads to encoders and placeholders. Let’s say you defined 2 payloads, 3 encoders (Base64, JSON, and URLencode) and 1 placeholder (HTTP GET variable). In thisRead More

PoisonApple – macOS Persistence Tool

Command-line tool to perform various persistence mechanism techniques on macOS. This tool was designed to be used by threat hunters for cyber threat emulation purposes. Install Do it up: $ pip3 install poisonapple –user Note: PoisonApple was written & tested using Python 3.9, it should work using Python 3.6+ Important Notes! PoisonApple will make modificationsRead More

Columbo – A Computer Forensic Analysis Tool Used To Simplify And Identify Specific Patterns In Compromised Datasets

Columbo is a computer forensic analysis tool used to simplify and identify specific patterns in compromised datasets. It breaks down data to small sections and uses pattern recognition and machine learning models to identify adversaries behaviour and their possible locations in compromised Windows platforms in a form of suggestions. Currently Columbo operates on Windows platform.Read More

SharpGPOAbuse – Tool To Take Advantage Of A User’S Edit Rights On A Group Policy Object (GPO) In Order To Compromise The Objects That Are Controlled By That GPO

[*] SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user’s edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by that GPO. More details can be found at the following blog post: Compile Instructions Make sure theRead More

InveighZero – Windows C# LLMNR/mDNS/NBNS/DNS/DHCPv6 Spoofer/Man-In-The-Middle Tool

InveighZero is a C# LLMNR/NBNS/mDNS/DNS/DHCPv6 spoofer and man-in-the-middle tool designed to assist penetration testers/red teamers that find themselves limited to a Windows system. This version shares many features with the PowerShell version of Inveigh. Privileged Mode Features (elevated admin required) SMB capture – packet sniffer based LLMNR spoofer – packet sniffer based NBNS spoofer –Read More

Boomerang – A Tool To Expose Multiple Internal Servers To Web/Cloud

Boomerang is a tool to expose multiple internal servers to web/cloud using HTTP+TCP Tunneling. The Server will expose 2 ports on the Cloud. One will be where tools like proxychains can connect over socks, another will be for the agent to connect. The agent can be executed on any internal host. The agent will connectRead More