frp is a fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet. Now, it supports tcp, udp, http and https protocol when requests can be...
Responder an LLMNR, NBT-NS, and MDNS poisoner. It will answer to specific NBT-NS (NetBIOS Name Service) queries based on their name suffix (see: http://support.microsoft.com/kb/163409). By default, the tool will only answer to File Server Service request, which...
trivy A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI Trivy (tri pronounced like trigger, vy pronounced like envy) is a simple and comprehensive vulnerability scanner for containers. Trivy detects vulnerabilities of OS packages (Alpine,...
XC Netcat like a reverse shell for Linux & Windows. Features Windows Usage: └ Shared Commands: !exit !upload <src> <dst> * uploads a file to the target !download <src> <dst> * downloads a file...
envizon – the network visualization tool This tool is designed, developed, and supported by evait security. In order to give something back to the security community, we publish our internally used and developed, state-of-the-art...
Wifipumpkin3 wifipumpkin3 is a powerful framework for rogue access point attack, written in Python, that allows and offers to security researchers, red teamers, and reverse engineers to mount a wireless network to conduct a...
checkov Checkov is a static code analysis tool for infrastructure-as-code. It scans cloud infrastructure provisioned using Terraform, Cloudformation, or kubernetes and detects security and compliance misconfigurations. Checkov is written in Python and provides a...
QueenSono ICMP Data Exfiltration A Golang Package for Data Exfiltration with ICMP protocol. QueenSono tool only relies on the fact that ICMP protocol isn’t monitored. It is quite common. It could also be used...
emp3r0r Linux post-exploitation framework made by Linux user features beautiful terminal UI, use tmux for window management multi-tasking, you don’t need to wait for any commands to finish basic API provided through Unix socket...
BruteSpray takes nmap GNMAP/XML output and automatically brute-forces services with default credentials using Medusa. It can even find non-standard ports by using the -sV inside Nmap. Supported Services ssh ftp telnet vnc mssql mysql...
Suggested Reading