8,922 tools
A collection of tips and tricks for container and container orchestration hacking and security testing.
A collection of tips and tricks for container and container orchestration hacking and security testing.
PowerUp aims to be a clearinghouse of common Windows privilege escalation vectors that rely on misconfigurations.
PowerUp aims to be a clearinghouse of common Windows privilege escalation vectors that rely on misconfigurations.
PowerSploit is a PowerShell-based penetration testing framework containing modules for code execution, injection techniques, persistence, and various offensive security operations.
PowerSploit is a PowerShell-based penetration testing framework containing modules for code execution, injection techniques, persistence, and various offensive security operations.
CimSweep is a suite of CIM/WMI-based tools for incident response and hunting operations on Windows systems without the need to deploy an agent.
CimSweep is a suite of CIM/WMI-based tools for incident response and hunting operations on Windows systems without the need to deploy an agent.
Python script to parse the NTFS USN Change Journal.
Python script to parse the NTFS USN Change Journal.
A Python-based Burp Suite extension that integrates Yara scanning capabilities for detecting patterns and signatures in web application traffic using custom Yara rules.
A Python-based Burp Suite extension that integrates Yara scanning capabilities for detecting patterns and signatures in web application traffic using custom Yara rules.
PlumHound is a reporting engine that converts BloodHoundAD's Neo4J queries into operational security reports for analyzing Active Directory vulnerabilities and attack paths.
PlumHound is a reporting engine that converts BloodHoundAD's Neo4J queries into operational security reports for analyzing Active Directory vulnerabilities and attack paths.
A logging proxy tool created in response to the 'MongoDB Apocalypse', with Docker support.
A logging proxy tool created in response to the 'MongoDB Apocalypse', with Docker support.
Browse and analyze iPhone/iPad backups with detailed file properties and various viewers.
Browse and analyze iPhone/iPad backups with detailed file properties and various viewers.
A Python telnet honeypot that emulates shell environments to capture and analyze IoT malware and botnet binaries through automated detection mechanisms.
A Python telnet honeypot that emulates shell environments to capture and analyze IoT malware and botnet binaries through automated detection mechanisms.
Linux Exploit Suggester; suggests possible exploits based on the Linux operating system release number.
Linux Exploit Suggester; suggests possible exploits based on the Linux operating system release number.
DET (extensible) Data Exfiltration Toolkit is a proof of concept tool for performing Data Exfiltration using multiple channels simultaneously.
DET (extensible) Data Exfiltration Toolkit is a proof of concept tool for performing Data Exfiltration using multiple channels simultaneously.
Anti-forensics tool for Red Teamers to erase footprints and test incident response capabilities.
Anti-forensics tool for Red Teamers to erase footprints and test incident response capabilities.
SSH Honeypot written in Go that records commands and IP addresses of attempted logins.
SSH Honeypot written in Go that records commands and IP addresses of attempted logins.
Steganography brute-force utility with performance issues, deprecated in favor of stegseek.
Steganography brute-force utility with performance issues, deprecated in favor of stegseek.
A Django web interface for managing Yara rules with features like search, categorization, and bulk edits.
A Django web interface for managing Yara rules with features like search, categorization, and bulk edits.
A Forensic Framework for Skype with various investigative options.
A Forensic Framework for Skype with various investigative options.
A Cross-Platform Forensic Framework for Google Chrome that allows investigation of history, downloads, bookmarks, cookies, and provides a full report.
A Cross-Platform Forensic Framework for Google Chrome that allows investigation of history, downloads, bookmarks, cookies, and provides a full report.
A centralized tool for security monitoring and analysis that integrates various open source big data technologies.
A centralized tool for security monitoring and analysis that integrates various open source big data technologies.
A container compliance and vulnerability assessment tool that uses OpenSCAP to scan Docker images and running containers for security vulnerabilities and compliance violations.
A container compliance and vulnerability assessment tool that uses OpenSCAP to scan Docker images and running containers for security vulnerabilities and compliance violations.
An automated script that configures Active Directory domains using customizable XML configuration files.
An automated script that configures Active Directory domains using customizable XML configuration files.
A serverless application that demonstrates common serverless security flaws and weaknesses
A serverless application that demonstrates common serverless security flaws and weaknesses
An open-source Python software for creating honeypots and honeynets securely.
An open-source Python software for creating honeypots and honeynets securely.