Droopescan is a plugin-based scanner that aids security researchers in identifying issues with several CMS. Usage of droopescan for attacking…
Exrop is automatic ROP chains generator tool which can build gadget chain automatically from given binary and constraints Requirements : Triton, ROPGadget…
truffleHog previously functioned by running entropy checks on git diffs. This functionality still exists, but high signal regex checks have…
Get-RBCD-Threaded is a tool to discover Resource-Based Constrained Delegation attack paths in Active Directory Environments Based almost entirely on wonderful…
CloudSploit by Aqua is an open-source project designed to allow detection of security risks in cloud infrastructure accounts, including: Amazon…
Dive is a tool for exploring a docker image, layer contents, and discovering ways to shrink the size of your…
PHP-malware-finder does its very best to detect obfuscated/dodgy code as well as files using PHP functions often used in malwares/webshells.…
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration…
LDAP Password Hunter is a tool which wraps features of getTGT.py (Impacket) and ldapsearch in order to look up for…
AWS-Loot tool allows quick enumeration over large sets of AWS instances and services. Install pip install -r requirements.txt An AWS…