gssapi-abuse was released as part of my DEF CON 31 talk. A full write up on the abuse vector can…
DllNotificationInection is a POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification…
Discover 'httpAlive,' a powerful URL analysis tool designed for web application penetration testing. With features like user-agent rotation, multithreading, and…
PwnDoc is a pentest reporting application making it simple and easy to write your findings and generate a customizable Docx…
This tool performs various checks via headers, path normalization, verbs, etc. to attempt to bypass ACL's or URL validation. It…
SSH3 is a complete revisit of the SSH protocol, mapping its semantics on top of the HTTP mechanisms. In a…
Easy EASM is just that... the easiest to set-up tool to give your organization visibility into its external facing assets.…
This program is a tool written in Python to recover the pre-shared key of a WPA2 WiFi network without any…
In the ever-evolving landscape of cybersecurity, red teamers and bug hunters are constantly seeking new tools to aid in their…
PipeViewer is a GUI tool that allows users to view details about Windows Named pipes and their permissions. It is…