NimPlant is a lightweight, first-stage Command and Control (C2) implant written in Nim, designed to provide a flexible and efficient solution for remote access and control. It offers a range of features, including a small footprint, easy deployment, and customizable communication protocols, making it an attractive option for penetration testers and red teamers. With its modular architecture and extensible design, NimPlant can be easily integrated with other tools and frameworks, allowing users to tailor their C2 infrastructure to specific needs and environments.
FEATURES
SIMILAR TOOLS
SauronEye helps in identifying files containing sensitive data such as passwords through targeted directory searches.
A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.
C3 is a framework for creating custom C2 channels, integrating with existing offensive toolkits.
Explore the top million websites, ranked by referring subnets, and gain insights into online influence and popularity.
A suite of tools for Wi-Fi network security assessment and penetration testing.
A command that builds and executes command lines from standard input, allowing for the execution of commands with multiple arguments.
Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.
Kali Linux is a specialized Linux distribution for cybersecurity professionals, focusing on penetration testing and security auditing.
A collection of Python scripts for password spraying attacks against Lync/S4B & OWA, featuring Atomizer, Vaporizer, Aerosol, and Spindrift tools.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.