.svg){kind=icon}
PhishTool automatically retrieves all of the relevant metadata from a phishing email, providing you with the most comprehensive technical view of a phishing email possible. This combined with our OSINT and heuristic detection, makes PhishTool one seriously powerful tool.
remove AV/EDR with physical access.
tl;dr: unprivileged user -> Defender removal on physical machine.
With a precision of a brain surgeon wielding a chainsaw, nifo can obliterate most AV/EDR products from endpoints or servers running the worlds most popular operating system, even if they're BitLocker protected - if you have physical access to the device and it's not totally locked down (BIOS password + SecureBoot + Harddrive Password + No USB Boot).
Tool for building Kubernetes attack paths.
KubeHound creates a graph of attack paths in a Kubernetes cluster, allowing you to identify direct and multi-hop routes an attacker is able to take, visually or through complex graph queries.
Independent Privacy & Security Resources. The collaborative privacy advocacy community.
Protect your data against global mass surveillance programs.
Privacy Guides is a socially motivated website that provides information for protecting your data security and privacy. Our mission is to inform the public about the value of digital privacy, and global government initiatives which aim to monitor your online activity. We are a non-profit collective operated entirely by volunteer team members and contributors. Our website is free of advertisements and not affiliated with any of the listed providers.
HardenSysvol is an open-source tool developed by the HardenAD Community to complement Active Directory audit tools by analyzing GPOs and scripts on Sysvol folder. It is ready-to-use, easy to deploy, and requires no complex configurations (no elevated privileges or EDR deactivation needed).
A Python program to scrape secrets from GitHub through usage of a large repository of dorks.
GitDorker is a tool that utilizes the GitHub Search API and an extensive list of GitHub dorks that I've compiled from various sources to provide an overview of sensitive information stored on github given a search query.
The Primary purpose of GitDorker is to provide the user with a clean and tailored attack surface to begin harvesting sensitive information on GitHub. GitDorker can be used with additional tools such as GitRob or Trufflehog on interesting repos or users discovered from GitDorker to produce best results.
Monkey365 is an Open Source security tool that can be used to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews without the significant overhead of learning tool APIs or complex admin panels from the start.
A multi-vault secret injection tool for safely injecting secrets into app environment.
Whispr (Pronounced as whisper) is a CLI tool to safely inject secrets from your favorite secret vault (Ex: AWS Secrets Manager, Azure Key Vault etc.) into your app's environment. This is very useful for enabling secure local software development.
Most companies discover they've been breached way too late. Thinkst Canary fixes this: just 3 minutes of setup; no ongoing overhead; nearly 0 false positives, and you can detect attackers long before they dig in. Check out why our Hardware, VM and Cloud-based Canaries are deployed and loved on all 7 continents...
Phish-back your credentials to attackers using contextualized deceptive technology.
Automated Attack Simulation in the Cloud, complete with detection use cases.
This is the repository containing Leonidas, a framework for executing attacker actions in the cloud. It provides a YAML-based format for defining cloud attacker tactics, techniques and procedures (TTPs) and their associated detection properties. These definitions can then be compiled into:
Awesome cloud enumerator
A tool to find a company (target) infrastructure, files, and apps on the top cloud providers (Amazon, Google, Microsoft, DigitalOcean, Alibaba, Vultr, Linode). The outcome is useful for bug bounty hunters, red teamers, and penetration testers alike.
EvilnoVNC is a Ready to go Phishing Platform.
Unlike other phishing techniques, EvilnoVNC allows 2FA bypassing by using a real browser over a noVNC connection.
In addition, this tool allows us to see in real time all of the victim's actions, access to their downloaded files and the entire browser profile, including cookies, saved passwords, browsing history and much more.
Basic protection against HTML smuggling attempts.
SmuggleShield is an experimental browser extension that aims to prevent basic HTML smuggling attacks by detecting common patterns. While this is not a comprehensive or bulletproof solution, it is an attempt to provide an additional layer of security during browsing. The project is still in the testing phase!
Automate Your Audit Reports with AuditForge.
AuditForge is a pentest reporting application making it simple and easy to write your findings and generate a customizable report.
Save time, increase efficiency, and maintain data confidentiality with our open-source auditing software.
A good private alternative for Cybergordon (custom API).
Check if an observable (IP, hash, domain, URL) is malicious using VirusTotal, AbuseIPDB, IPInfo, Spur.us, IP Quality Score, MDE and Google Safe Browsing.
Comprehensive report with search and filter features (type, country, risk, detection, proxy/VPN).
Bjorn is a powerful network scanning and offensive security tool for the Raspberry Pi with a 2.13-inch e-Paper HAT. It discovers network targets, identifies open ports, exposed services, and potential vulnerabilities. Bjorn can perform brute force attacks, file stealing, host zombification, and supports custom attack scripts.
Automating situational awareness for cloud penetration tests.
CloudFox helps you gain situational awareness in unfamiliar cloud environments. It’s an open source command line tool created to help penetration testers and other offensive security professionals find exploitable attack paths in cloud infrastructure.
A small Python library created to help developers protect their applications from Server Side Request Forgery (SSRF) attacks. It implements an asynchronous GET method called safehttpx.get(), which is a wrapper around httpx.AsyncClient.get() while performing DNS validation on the supplied URL using Google DNS.