Nimplant is a cross-platform (Linux & Windows) implant written in Nim as a fun project to learn about Nim and…
Http-Request-Smuggling is a high severity vulnerability which is a technique where an attacker smuggles an ambiguous HTTP request to bypass…
AlanFramework is a post-exploitation framework useful during red-team activities. Changelog 3.0.0 - 15/05/2021 Renamed agent shell quit command to exitImplemented agent migration via migrate commandFixed…
Karton is a robust framework for creating flexible and lightweight malware analysis backends. It can be used to connect malware* analysis systems into a…
wsh (pronounced woosh) is a web shell generator and command line interface. This started off as just an http client…
JARM is an active Transport Layer Security (TLS) server fingerprinting tool. JARM fingerprints can be used to: Quickly verify that…
UnhookMe is a Universal Windows API Resolver And Unhooker Addressing Problem Of Invoking Unmonitored System Calls From Within Of Your…
Sigurlfind3R is a passive reconnaissance tool, it fetches known URLs from AlienVault's OTX, Common Crawl, URLScan, Github and the Wayback Machine. Usage sigurlfind3r -h This will…
ADCSPwn is a tool to escalate privileges in an active directory network by coercing authenticate from machine accounts (Petitpotam) and…
Php-Jpeg-Injector Injects php payloads into jpeg images. Related to this post. Exploiting PHP-GD Image Create From jpeg() Function Proof-of-concept to exploit…