A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.

A round-trip obfuscated HTTP file transfer setup built to bypass IDS detections.

The Browser Exploitation Framework Project

Assess the security of your Active Directory with few or all privileges.

Automating situational awareness for cloud penetration tests.

A WiFi auditing software that can perform deauth attacks and passwords cracking

The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.

RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data

💬 Chat with anyone on any website.

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

A powerful and sophisticated tool for detecting and exploiting open redirect vulnerabilities using the sed utility and a selected list of carefully crafted payloads with encoding techniques.

A novel cryptocurrency focused on privacy and accessibility.

Python implementation of GhostPack's Seatbelt situational awareness tool

A collection of Azure AD tools for offensive and defensive security purposes

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Windows, Chromebooks, AWS, Google Cloud, Azure, data center, containers, IoT)

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Blinks is a powerful Burp Suite extension that automates active scanning with Burp Suite Pro and enhances its functionality. With the integration of webhooks, this tool sends real-time updates when…

Volatility 3.0 development

dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!

The core repository for the Maester module with helper cmdlets that will be called from the Pester tests.

A complete TUI for LDAP.

The Network Execution Tool

.NET post-exploitation toolkit for Active Directory reconnaissance and exploitation

Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readines…

Hardware/IOT Pentesting Wiki