Search All Cybersecurity Tools

Macro_Pack automates the generation and obfuscation of Office documents and scripts for penetration testing and security assessments.

A LinkedIn reconnaissance tool for gathering information about companies and individuals on the platform.

An OSINT tool that generates username lists for companies on LinkedIn for social engineering attacks or security testing purposes.

A COM Command & Control framework that uses JScript to provide fileless remote access capabilities on Windows systems through a modular plugin architecture.

Ivy is a payload creation framework for executing arbitrary VBA source code directly in memory, utilizing programmatical access to load, decrypt, and execute shellcode.

InvisibilityCloak is a proof-of-concept C# code obfuscation toolkit designed for red teaming and penetration testing to conceal post-exploitation tools from detection.

A tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) for offensive security purposes.

A template-driven framework for creating custom evasion techniques to test Anti-Virus and EDR detection capabilities.

An open-source phishing toolkit for businesses and penetration testers.

A tool that generates .NET serialized gadgets for triggering assembly load and execution through BinaryFormatter deserialization in JavaScript, VBScript, and VBA scripts.

A standalone man-in-the-middle attack framework used for phishing login credentials and bypassing 2-factor authentication.

EvilClippy is a cross-platform tool that creates malicious MS Office documents with hidden VBA macros and evasion techniques for penetration testing and red team operations.

An open-source tool that automates the detection and analysis of DLL hijacking vulnerabilities in Windows applications, providing detailed reports and remediation guidance.

A shellcode generator that creates position-independent code for loading and executing .NET Assemblies, PE files, and Windows payloads from memory.

A reconnaissance tool that analyzes expired domains for categorization, reputation, and Archive.org history to identify candidates suitable for phishing and C2 operations.

Dnscan is a DNS reconnaissance tool that performs DNS scans, DNS cache snooping, and DNS amplification attack detection.

A managed code hooking template for .NET assemblies, enabling API hooking, code injection, and runtime manipulation.

Darkarmour is an open-source Windows antivirus evasion framework that enables security professionals to bypass antivirus detection through customizable obfuscation and anti-analysis techniques.

CrossC2 is a cross-platform payload generator that extends CobaltStrike's capabilities to Linux and macOS environments for red team operations.

CredMaster enhances password spraying tactics with IP rotation to maintain anonymity and efficiency.

Covenant is a collaborative .NET command and control framework designed for red team operations and offensive security engagements.

CobaltBus integrates Cobalt Strike with Azure Service Bus to create covert C2 communication channels for red team operations.

Cloud_enum is a multi-cloud OSINT tool that enumerates publicly accessible resources across AWS, Azure, and Google Cloud platforms for security assessment purposes.

Charlotte is an undetected C++ shellcode launcher for executing shellcode with stealth.