Search All Cybersecurity Tools

Automate OSINT for threat intelligence and attack surface mapping with SpiderFoot.

SourcePoint generates customizable C2 profiles for Cobalt Strike servers to enhance evasion capabilities against security defenses.

Adversary emulation framework for testing security measures in network environments.

Skyhook is an HTTP-based file transfer tool that uses obfuscation techniques to evade detection by Intrusion Detection Systems.

A comprehensive .NET post-exploitation library designed for advanced security testing.

SharpC2 is a C#-based Command and Control framework that provides remote access capabilities for penetration testing and red team operations.

A post-exploitation framework designed to operate covertly on heavily monitored environments.

A payload creation framework designed to bypass Endpoint Detection and Response (EDR) systems.

S3Scanner is an open-source tool that scans S3 buckets across S3-compatible APIs to identify misconfigurations and security vulnerabilities.

A C/C++ tool for remote process injection, supporting x64 and x86 operations, with system call macros generated by SysWhispers script.

RedWarden is a Cobalt Strike C2 reverse proxy that uses packet inspection and malleable profile correlation to evade detection by security controls during red team operations.

A dynamic redirect rules generator that creates custom redirect configurations for penetration testing and security assessment scenarios.

RedGuard is a C2 front flow control tool that helps evade detection by security systems through traffic filtering and redirection capabilities.

Pwndrop is a self-deployable file hosting service for red teamers, allowing easy upload and sharing of payloads over HTTP and WebDAV.

PwnAuth is an open-source tool for generating and managing authentication tokens across multiple protocols, designed for penetration testing and red team exercises.

Pupy is an open-source, cross-platform C2 framework that provides remote access and control capabilities for compromised systems across Windows, Linux, OSX, and Android platforms.

A proxy aware C2 framework for penetration testing, red teaming, post-exploitation, and lateral movement with modular format and highly configurable payloads.

An open-source shellcode and PE packer for creating and managing portable executable files.

Automate Google Hacking Database scraping and searching with Pagodo, a tool for finding vulnerabilities and sensitive information.

A tool to remove malicious artifacts from Microsoft Office documents, preventing malware infections and data breaches.

A reconnaissance tool that retrieves information from Office 365 and Azure Active Directory using a valid credential.

A toolkit to attack Office365, including tools for password spraying, password cracking, token manipulation, and exploiting vulnerabilities in Office365 APIs and services.

A lightweight Command and Control (C2) implant written in Nim that provides remote access capabilities for penetration testing and red team operations.

A collaborative, multi-platform, red teaming framework for simulating attacks and testing defenses.