Mondoo Mondoo is a natural language query system for scanning, deploying, and remediating your cloud-native applications. Feature Insights into your fleet Ask questions about your deployments and get answers. Simple questions are answered using...
HintInject HintInject is a shellcode embedder and loader that I developed while playing with the PE file and Import Directory Table structures. It takes a raw shellcode file and puts the shellcode in chunks...
AIL framework – Framework for Analysis of Information Leaks AIL is a modular framework to analyze potential information leaks from unstructured data sources like pastes from Pastebin or similar services or unstructured data streams....
NtdsAudit is an application to assist in auditing Active Directory databases. It provides some useful statistics relating to accounts and passwords, as shown in the following example. It can also be used to dump...
SharpWSUS SharpWSUS is a CSharp tool for lateral movement through WSUS. WSUS is a Microsoft solution for administrators to deploy Microsoft product updates and patches across an environment in a scalable manner, using a...
grype A vulnerability scanner for container images and filesystems. Easily install the binary to try it out. Features Scan the contents of a container image or filesystem to find known vulnerabilities. Find vulnerabilities for major operating...
CDK – Zero Dependency Container Penetration Toolkit CDK is an open-sourced container penetration toolkit, designed for offering stable exploitation in different slimmed containers without any OS dependency. It comes with useful net-tools and many...
Mythic Mythic is a multiplayer, command, and control platform for red teaming operations. It is designed to facilitate a plug-n-play architecture where new agents, communication channels, and modifications can happen on the fly. One...
Here you will find privilege escalation tools for Windows and Linux/Unix* (in some near future also for Mac). These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so...
h8mail Email OSINT and password finder. Use h8mail to find passwords through a different breach and reconnaissance services, or the infamous “Breach Compilation” torrent. Features 🔎 Email pattern matching (regexp), useful for all those raw HTML...
