8,813 tools
Distributed low interaction honeypot with Agent/Master design supporting various protocol handlers.
Distributed low interaction honeypot with Agent/Master design supporting various protocol handlers.
A fast and flexible HTTP enumerator for content discovery and credential bruteforcing
A fast and flexible HTTP enumerator for content discovery and credential bruteforcing
Check for known vulnerabilities in your Node.js installation.
Check for known vulnerabilities in your Node.js installation.
Modular framework for web services penetration testing with support for various attacks.
Modular framework for web services penetration testing with support for various attacks.
A Hadoop library for reading and querying PCAP files
A Hadoop library for reading and querying PCAP files
QRadio is a tool/framework designed to consolidate cyber threats intelligence sources.
QRadio is a tool/framework designed to consolidate cyber threats intelligence sources.
A tool for signature analysis of RTF files to detect potentially unique parts and malicious documents.
A tool for signature analysis of RTF files to detect potentially unique parts and malicious documents.
OSTrICa is an open source plugin-based framework that collects and visualizes threat intelligence data from various sources to help cybersecurity professionals correlate IoCs and enhance their defensive capabilities.
OSTrICa is an open source plugin-based framework that collects and visualizes threat intelligence data from various sources to help cybersecurity professionals correlate IoCs and enhance their defensive capabilities.
A collection of tips and tricks for container and container orchestration hacking and security testing.
A collection of tips and tricks for container and container orchestration hacking and security testing.
PowerUp aims to be a clearinghouse of common Windows privilege escalation vectors that rely on misconfigurations.
PowerUp aims to be a clearinghouse of common Windows privilege escalation vectors that rely on misconfigurations.
PowerSploit is a PowerShell-based penetration testing framework containing modules for code execution, injection techniques, persistence, and various offensive security operations.
PowerSploit is a PowerShell-based penetration testing framework containing modules for code execution, injection techniques, persistence, and various offensive security operations.
CimSweep is a suite of CIM/WMI-based tools for incident response and hunting operations on Windows systems without the need to deploy an agent.
CimSweep is a suite of CIM/WMI-based tools for incident response and hunting operations on Windows systems without the need to deploy an agent.
Python script to parse the NTFS USN Change Journal.
Python script to parse the NTFS USN Change Journal.
A Python-based Burp Suite extension that integrates Yara scanning capabilities for detecting patterns and signatures in web application traffic using custom Yara rules.
A Python-based Burp Suite extension that integrates Yara scanning capabilities for detecting patterns and signatures in web application traffic using custom Yara rules.
PlumHound is a reporting engine that converts BloodHoundAD's Neo4J queries into operational security reports for analyzing Active Directory vulnerabilities and attack paths.
PlumHound is a reporting engine that converts BloodHoundAD's Neo4J queries into operational security reports for analyzing Active Directory vulnerabilities and attack paths.
A logging proxy tool created in response to the 'MongoDB Apocalypse', with Docker support.
A logging proxy tool created in response to the 'MongoDB Apocalypse', with Docker support.
Browse and analyze iPhone/iPad backups with detailed file properties and various viewers.
Browse and analyze iPhone/iPad backups with detailed file properties and various viewers.
A Python telnet honeypot that emulates shell environments to capture and analyze IoT malware and botnet binaries through automated detection mechanisms.
A Python telnet honeypot that emulates shell environments to capture and analyze IoT malware and botnet binaries through automated detection mechanisms.
Linux Exploit Suggester; suggests possible exploits based on the Linux operating system release number.
Linux Exploit Suggester; suggests possible exploits based on the Linux operating system release number.
DET (extensible) Data Exfiltration Toolkit is a proof of concept tool for performing Data Exfiltration using multiple channels simultaneously.
DET (extensible) Data Exfiltration Toolkit is a proof of concept tool for performing Data Exfiltration using multiple channels simultaneously.
Anti-forensics tool for Red Teamers to erase footprints and test incident response capabilities.
Anti-forensics tool for Red Teamers to erase footprints and test incident response capabilities.
SSH Honeypot written in Go that records commands and IP addresses of attempted logins.
SSH Honeypot written in Go that records commands and IP addresses of attempted logins.