Combination of evilginx2 and GoPhish. Prerequisites You should have a fundamental understanding of how to use GoPhish, evilginx2, and Apache2.…
Collect-MemoryDump is automated Creation of Windows Memory Snapshots for DFIR. Collect-MemoryDump.ps1 is PowerShell script utilized to collect a Memory Snapshot…
Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking. With a valid access…
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts. See the TeamFiltration wiki page for…
During the forensic analysis of a Windows machine, you may find the name of a deleted prefetch(Prefetch-Hash-Cracker) file. While its…
Appshark is a static taint analysis platform to scan vulnerabilities in an Android app. Prerequisites Appshark requires a specific version…
Vulnerable client-server application (VuCSA) is made for learning/presenting how to perform penetration tests of non-http thick clients. It is written…
Jscythe abuses the node.js inspector mechanism in order to force any node.js/electron/v8 based process to execute arbitrary javascript code, even…
The CI/CD-Goat project allows engineers and security practitioners to learn and practice CI/CD security through a set of 10 challenges,…
Want to use SSH for reverse shells? Now you can using reverse_SSH. Manage and connect to reverse shells with native…