Rubeus Rubeus is a C# toolset for raw Kerberos interaction and abuses. It is heavily adapted from Benjamin Delpy‘s Kekeo project (CC BY-NC-SA 4.0 license) and Vincent LE TOUX‘s MakeMeEnterpriseAdmin project (GPL v3.0 license). Full credit goes to Benjamin and Vincent for...
ESP32 Marauder The ESP32 Marauder is a suite of WiFi/Bluetooth offensive and defensive tools created for the ESP32 and was originally inspired by Spacehuhn’s esp8266_deauther project. The tool itself serves as a portable device used to test...
Sliver Sliver is a Command and Control (C2) system made for penetration testers, red teams, and advanced persistent threats. It generates implants (slivers) that can run on virtually every architecture out there, and securely...
Mondoo Mondoo is a natural language query system for scanning, deploying, and remediating your cloud-native applications. Feature Insights into your fleet Ask questions about your deployments and get answers. Simple questions are answered using...
HintInject HintInject is a shellcode embedder and loader that I developed while playing with the PE file and Import Directory Table structures. It takes a raw shellcode file and puts the shellcode in chunks...
AIL framework – Framework for Analysis of Information Leaks AIL is a modular framework to analyze potential information leaks from unstructured data sources like pastes from Pastebin or similar services or unstructured data streams....
NtdsAudit is an application to assist in auditing Active Directory databases. It provides some useful statistics relating to accounts and passwords, as shown in the following example. It can also be used to dump...
SharpWSUS SharpWSUS is a CSharp tool for lateral movement through WSUS. WSUS is a Microsoft solution for administrators to deploy Microsoft product updates and patches across an environment in a scalable manner, using a...
pip-audit pip-audit is a tool for scanning Python environments for packages with known vulnerabilities. It uses the Python Packaging Advisory Database via the PyPI JSON API as a source of vulnerability reports. This project is developed by Trail...
grype A vulnerability scanner for container images and filesystems. Easily install the binary to try it out. Features Scan the contents of a container image or filesystem to find known vulnerabilities. Find vulnerabilities for major operating...