wsh (pronounced woosh) is a web shell generator and command line interface. This started off as just an http client…
JARM is an active Transport Layer Security (TLS) server fingerprinting tool. JARM fingerprints can be used to: Quickly verify that…
UnhookMe is a Universal Windows API Resolver And Unhooker Addressing Problem Of Invoking Unmonitored System Calls From Within Of Your…
Sigurlfind3R is a passive reconnaissance tool, it fetches known URLs from AlienVault's OTX, Common Crawl, URLScan, Github and the Wayback Machine. Usage sigurlfind3r -h This will…
ADCSPwn is a tool to escalate privileges in an active directory network by coercing authenticate from machine accounts (Petitpotam) and…
Php-Jpeg-Injector Injects php payloads into jpeg images. Related to this post. Exploiting PHP-GD Image Create From jpeg() Function Proof-of-concept to exploit…
Solitude is a privacy analysis tool that enables anyone to conduct their own privacy investigations. Whether a curious novice or…
Cloud security raises significant challenges for organizations, as more workloads and mission critical applications move to the cloud. XDR is…
Go-Shellcode is a repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls…
cThreadHijack is a Beacon Object File (BOF) for remote process injection, via thread hijacking, without spawning a remote thread. Accompanying…