rsGen: An Universal Reverse Shell Command Generator
rsGen – An Universal Reverse Shell Command Generator rsGen is an universal reverse shell command generator based on Windows Batch and Jscript hybrids. Not only support the generation of raw...
Category: Exploitation
Robber v1.7 releases: finding executables prone to DLL hijacking
Robber Robber is a free open source tool developed using Delphi XE2 without any 3rd party dependencies. What is DLL hijacking ?! Windows has a search path for DLLs in its...
Sickle v2.0.2 releases: Shellcode development tool
Sickle Sickle is a shellcode development tool created to speed up the various steps needed to create functioning shellcode. Sickle can aid in the following: Identifying instructions resulting in bad...
acsploit: a tool for generating worst-case inputs for algorithms
ACsploit: a tool for generating worst-case inputs for algorithms ACsploit is an interactive command-line utility to generate worst-case inputs to commonly used algorithms. These worst-case inputs are designed to result...
Nuages: A modular C2 framework
Nuages A modular C2 Nuages aims at being a C2 framework in which back end elements are open source, whilst implants and handlers must be developed ad hoc by users....
Ropper v1.13.8 releases: find gadgets to build rop chains for different architectures
Ropper You can use ropper to display information about binary files in different file formats and you can search for gadgets to build rop chains for different architectures (x86/X86_64, ARM/ARM64,...
OneGadget v1.9 releases: The best tool for finding one gadget RCE
OneGadget When playing ctf pwn challenges we usually need the one-gadget RCE (remote code execution), which leads to call execve(‘/bin/sh’, NULL, NULL). This gem provides such gadgets finder, no need to...
Graffiti: generate obfuscated oneliners to aid in penetration testing situations
Graffiti Graffiti is a tool to generate obfuscated oneliners to aid in penetration testing situations. It accepts the following languages for encoding: Python Perl Batch Powershell PHP Bash It will...
Evil Clippy v1.3 releases: hide VBA macros, stomp VBA code and confuse macro analysis tools
Evil Clippy A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX, and...
kimi v1.2 releases: generate malicious debian packages
kimi – Malicious Debian Package generator Script to generate malicious debian packages (debain trojans). About Kimi is name inspired from “Kimimaro” one of my favorite characters from anime called...
BinExp: Linux Binary Exploitation
Linux Binary Exploitation Topics Lecture 1. Memory Layout of the C program. ELF binaries. Overview of the stack during the function call. Assembly code for the function call and return....
slack-c2bot: Slack Web Services as a C2 Channel
Slack C2bot Slack C2bot that executes commands and returns the output. Install go get “github.com/nlopes/slack” Usage ./build.sh [$CHANID] [$SLACKTOKEN] The build script will generate a UUID for your bot. If...
fireELF: opensource fileless linux malware framework
fireELF fireELF is an opensource fileless Linux malware framework that’s cross-platform and allows users to easily create and manage payloads. By default, it comes with ‘memfd_create’ which is a new...
DeathMetal: Red team & penetration testing tools to exploit the capabilities of Intel AMT
DeathMetal DeathMetal is a suite of tools that interact with Intel AMT. It’s kind of a foray into a world filled with intrigue and reversing puzzles with useful results. Since...
SharpExec: offensive security C# tool designed to aid with lateral movement
SharpExec SharpExec is an offensive security C# tool designed to aid with lateral movement. It currently includes: -WMIExec – Semi-Interactive shell that runs as the user. Best described as a...
