DragonCastle : A PoC That Combines AutodialDLL Lateral Movement Technique
DragonCastle is a PoC that combines the AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from the LSASS process.
Description
Upload a DLL to the target...
Ghauri : Automates The Process Of Detecting And Exploiting SQL Injection Security Flaws
Ghauri is an advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws.
Requirements
Python 3
Python pip3
Installation
cd to the ghauri directory.
Install requirements:...
APTRS : Automated Penetration Testing Reporting System
APTRS (Automated Penetration Testing Reporting System) is an automated reporting tool in Python and Django. The tool allows penetration testers to create a report...
AV|Ator : Generator Utility To Bypass AV Detection
AV|Ator is a backdoor generator utility, which uses cryptographic and injection techniques in order to bypass AV detection. More specifically:
It uses AES encryption in...
Fuzzable : Framework for Automating Fuzzable Target Discovery with Static Analysis
Fuzzable is a framework for automating fuzzable target discovery with static analysis.
Vulnerability researchers conducting security assessments on software will often harness the capabilities of...
TerraLdr : A Payload Loader Designed With Advanced Evasion Features
TerraLdr is a payload loader designed with advanced evasion features.
Details
no crt functions imported
syscall unhooking using KnownDllUnhook
api hashing using Rotr32 hashing algo
payload encryption using rc4...
YATAS : A Simple Tool To Audit Your AWS Infrastructure For Misconfiguration
The goal of YATAS is to help you create a secure AWS environment without too much hassle. It won't check for all best practices...
AceLdr : Cobalt Strike UDRL For Memory Scanner Evasion
AceLdr is a position-independent reflective loader for Cobalt Strike. Zero results from Hunt-Sleeping-Beacons, BeaconHunter, BeaconEye, Patriot, Moneta, PE-sieve, or MalMemDetect.
Features
Easy to Use
Import a single...
REST-Attacker : A Proof-Of-Concept For The Feasibility Of Testing
REST-Attacker is an automated penetration testing framework for APIs following the REST architecture style. The tool's focus is on streamlining the analysis of generic...
DotDumper : An Automatic Unpacker & Logger For DotNet Framework
DotDumper is an automatic unpacker and logger for DotNet Framework targeting files! This tool was unveiled at Black Hat USA 2022.
The automatic detection...