graphql-threat-matrix was built for bug bounty hunters, security researchers and hackers to assist with uncovering vulnerabilities across multiple GraphQL implementations. The…
Malicious-Pdf Generate ten different malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh Used for penetration testing and/or…
Cliam is a simple cloud permissions identifier. There are two main components to the CLI. Most of the enumerated permissions…
LDAPFragger is a Command and Control tool that enables attackers to route Cobalt Strike beacon data over LDAP using user…
FirmWire is a full-system baseband firmware analysis platform that supports Samsung and MediaTek. It enables fuzzing, root-cause analysis, and debugging…
Leaked Windows processes handles identification tool. Useful for identify new LPE vulnerabilities during a pentest or simply as a new…
Pybatfish is a Python client for Batfish. What is Batfish? Batfish is a network validation tool that provides correctness guarantees for…
moonwalk is a 400 KB single-binary executable that can clear your traces while penetration testing a Unix machine. It saves the state of…
Nanodump, a flexible tool that creates a minidump of the LSASS process. Features It uses syscalls (with SysWhispers2) for most operations.Syscalls…
BackupOperatorToDA, From An Account Member Of The Group Backup Operators To Domain Admin Without RDP Or WinRM On The Domain…