ShadowSpray is a tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in...

Screenshots How to use https://www.youtube.com/watch?v=rpcGqwZU2As Read Me LFI Space is a robust and efficient tool designed to detect Local File Inclusion (LFI) vulnerabilities in web...

TLDHunt is a command-line tool designed to help users find available domain names for their online projects or businesses. By providing a keyword and...

SpiderSuite is an Advance web spider/crawler for cyber security professionals. An advance cross-platform and multi-feature GUI web spider/crawler for cyber security proffesionals. Spider Suite can...

Kali Linux 2023.3 Released along with many tools and feature updates which can be useful for security researchers, penetration testers, bug bounty hunters and...

Domain-Protect is an OWASP Domain Protect - prevent subdomain takeover. Prevent subdomain takeover ... ... with serverless cloud infrastructure OWASP Global AppSec Dublin - talk and demo Features scan...

Metlo is an open-source API security platform. Metlo is an open source API security tool you can setup in < 15 minutes that inventories your...

Nimbo-C2 is yet another (simple and lightweight) C2 framework. Nimbo-C2 agent supports x64 Windows & Linux. It's written in Nim, with some usage of .NET...

NTLMRecon is a tool for performing light brute-forcing of HTTP servers to identify commonly accessible NTLM authentication endpoints. NTLMRecon is a Golang version of the...

Fuzztruction is an academic prototype of a fuzzer that does not directly mutate inputs (as most fuzzers do) but instead uses a so-called generator...