SSRF-Sheriff
A simple SSRF-testing sheriff written in Go. This tool is designed to test for Server-Side Request Forgery (SSRF) vulnerabilities in web applications. It works by sending HTTP requests to a target URL and analyzing the responses to identify potential SSRF vulnerabilities. The tool is easy to use and provides detailed information about the vulnerabilities it finds.
FEATURES
ALTERNATIVES
Utilizes dirtyc0w kernel exploit for privilege escalation in a Docker container.
A COM Command & Control framework using JScript for stealthy and flexible command and control capabilities on Windows systems.
Modlishka is a reverse proxy tool for intercepting and manipulating HTTP traffic, ideal for penetration testers, security researchers, and developers to analyze and test web applications.
A tool for mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
A technique for social engineering and untrusted command execution using ClickOnce technology
A tool for managing multiple reverse shell sessions/clients via terminal with a RESTful API.
Ivy is a payload creation framework for executing arbitrary VBA source code directly in memory, utilizing programmatical access to load, decrypt, and execute shellcode.
Back-end component for red team operations with crucial design considerations.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.