WebView2-Cookie-Stealer, According to Microsoft, “Microsoft Edge WebView2 control allows you to embed web technologies (HTML, CSS, and JavaScript) in your…
Tofu is a modular tool for hacking offline Windows filesystems and bypassing login screens. Can do hashdumps, OSK-Backdoors, user enumeration…
FrostByte Is A POC Project That Combines Different Defense Evasion Techniques. In the past few days I've been experimenting with…
Admin-Panel_Finder is a burp suite extension that enumerates infrastructure and application Admin Interfaces.OWASP References: Classification: Web Application Security Testing >…
Gshell is a simple yet flexible cross-platform shell generator tool. A cross-platform shell generator tool that lets you generate whichever…
DOMDig is a DOM XSS scanner that runs inside the Chromium web browser and it can scan single page applications…
ConfluencePot is a simple honeypot for the Atlassian Confluence unauthenticated and remote OGNL injection vulnerability (CVE-2022-26134). About the vulnerability You…
SharpEventPersist is a Persistence by writing/reading shellcode from Event Log. Usage The SharpEventPersist tool takes 4 case-sensitive parameters: -file "C:\path\to\shellcode.bin"-instanceid…
MITM_Intercept is a little bit less hackish way to intercept and modify non-HTTP protocols through Burp and others with SSL…
Jeeves is made for looking to Time-Based Blind SQLInjection through recon. Installation & Requirements Installing Jeeves $ go install github.com/ferreiraklet/Jeeves@latest…