QCSuper QCSuper is a tool communicating with Qualcomm-based phones and modems, allowing to capture raw 2G/3G/4G (and for certain models...
Penetration Testing
BadExclusions Now With Better Opsec BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented...
NTLM Relay Gat NTLM Relay Gat is a powerful tool designed to automate the exploitation of NTLM...
go-secdump Package go-secdump is a tool built to remotely extract hashes from the SAM registry hive as...
The Damne Vulnerable Android Components – DVAC Damn Vulnerable Android Components (DVAC) is an educational Android application...
proctools Small toolkit for extracting information and dumping sensitive strings from Windows processes. Made to accompany another...
APIDetector APIDetector is a powerful and efficient tool designed for testing exposed Swagger endpoints in various subdomains...
pphack pphack is a CLI tool for scanning websites for client-side prototype pollution vulnerabilities. Feature Fast (concurrent...
ThievingFox ThievingFox is a collection of post-exploitation tools to gather credentials from various password managers and Windows...
SmuggleFuzz SmuggleFuzz is designed to assist in identifying HTTP downgrade attack vectors. Its standout feature is not...
GraphStrike GraphStrike is a suite of tools that enables Cobalt Strike’s HTTPS Beacon to use Microsoft Graph API for...
Damn Vulnerable RESTaurant An intentionally vulnerable API service designed for learning and training purposes dedicated to developers,...
Ligolo-mp Ligolo-mp is a more specialized version of Ligolo-ng, with client-server architecture, enabling pentesters to play with multiple...
C2 Cloud The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of...
secator secator is a task and workflow runner used for security assessments. It supports dozens of well-known...