Subdomain takeover is a class of vulnerability where subdomain points to an external service that has been deleted. The external services are Github, Heroku,...

Atlas is an open source tool that can suggest sqlmap tampers to bypass WAF/IDS/IPS, the tool is based on returned status code. Atlas Installation $ git...

Dex2jar is a tool to work with android .dex and java .class files. dex-reader/writer: Read/write the Dalvik Executable (.dex) file. It has a...

XenoScan is a memory scanner which can be used to scan the memory of processes to locate the specific locations of important values. These...

HeapHopper is a bounded model checking framework for Heap-implementation.  HeapHopper Setup sudo apt update && sudo apt install build-essential python-dev virtualenvwrapper git clone https://github.com/angr/heaphopper.git && cd ./heaphopper mkvirtualenv...

Malwoverview is a first response tool to perform an initial and quick triage on either a directory containing malware samples or a specific malware...

DbgShell a PowerShell front-end for the Windows debugger engine. DbgShell Inducement Have you ever tried automating anything in the debugger? (cdb/ntsd/kd/windbg) How did that go for...

DarkSpiritz is a penetration testing framework for UNIX systems. It is a re-vamp of the very popular framework known as "Roxysploit". You may be...

NodeXP is an intergrated tool, written in Python 2.7, capable of detecting possible vulnerabilities on Node.js services as well as exploiting them in an...

SubScraper uses DNS brute force, Google & Bing scraping, and Virus Total to enumerate subdomains without an API. Written in Python3, SubScraper performs HTTP(S)...