271 tools and resources
Showcase your innovative cybersecurity solution to our dedicated audience of security professionals.
Reach out!
A comprehensive guide for customizing Cobalt Strike's C2 profiles to enhance stealth and operational security.
A tool to dump login passwords from Linux desktop users, leveraging cleartext credentials in memory.
GNU/Linux Wireless distribution for security testing with XFCE desktop environment.
A script to enumerate Google Storage buckets and determine access and privilege escalation
Repository of tools for testing iPhone messaging by Project Zero
A free and open source C2 and proxy for penetration testers
A C2 profile generator for Cobalt Strike designed to enhance evasion.
An exploration of a new method to abuse DCOM for remote payload execution and lateral movement.
Pacu is an open-source AWS exploitation framework for offensive security testing against cloud environments.
A lightweight, first-stage C2 implant written in Nim for remote access and control.
Modular framework for pentesting Modbus protocol with diagnostic and offensive features.
A Live CD and Live USB for penetration testing and security assessment
A tool for interacting with the MSBuild API, enabling malicious activities and evading detection.
A C/C++ tool for remote process injection, supporting x64 and x86 operations, with system call macros generated by SysWhispers script.
Offensive security tool for reconnaissance and information gathering with a wide range of features and future roadmap.
MiniCPS is a framework for Cyber-Physical Systems real-time simulation with support for physical process and control devices simulation, and network emulation.
Ivy is a payload creation framework for executing arbitrary VBA source code directly in memory, utilizing programmatical access to load, decrypt, and execute shellcode.
A tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) for offensive security purposes.
Comprehensive tutorial on modern exploitation techniques with a focus on understanding exploitation from scratch.
A VM for mobile application security testing, Android and iOS applications, with custom-made tools and scripts.
A collection of precompiled Windows exploits for privilege escalation.