OSINT Toolkit OSINT Toolkit is a full-stack web application designed to assist security analysts in their work. It combines various functions and services into a single tool, making it easier...
EternalHush Framework EternalHush Framework is a new open-source project that is an advanced C&C framework. Designed specifically for Windows operating systems, it allows users to easily extend its functionality by...
NtRemoteLoad Remote shellcode injector, based on HWSyscalls by ShorSec, leveraging undetectable (currently) indirect native syscalls to inject shellcode into another process, creating a thread and executing it. Usage .\NtRemoteLoad.exe <path_to_shellcode_file>...
Supernova Supernova is an open-source Golang tool that empowers users to securely encrypt their raw shellcodes. Additionally, it offers automatic conversion of the encrypted shellcode into formats compatible with various...
EscalateGPT A powerful Python tool that leverages the power of OpenAI to analyze AWS IAM misconfigurations. Features 🛠️ EscalateGPT is a Python tool to identify IAM policy issues and enhance Tenable...
MORF – Mobile Reconnaissance Framework Mobile Reconnaissance Framework is a powerful, lightweight, and platform-independent offensive mobile security tool designed to help hackers and developers identify and address sensitive information within...
Sucosh Scanny “Sucosh” is an automated Source Code vulnerability scanner(SAST) and assessment framework for Python(Flask-Django) & NodeJs capable of performing code review in Web Application Developing or Source Code Analysis...
Session Hijacking Visual Exploitation Session Hijacking Visual Exploitation is a tool that allows for the hijacking of user sessions by injecting malicious JavaScript code. Installation Prerequisites To run Session Hijacking...
Pentest Mapper Pentest Mapper is a Burp Suite extension that integrates the Burp Suite request logging with a custom application testing checklist. The extension provides a straightforward flow for application...
HTMLSmuggler HTMLSmuggler – JS payload generator for IDS bypass and payload delivery via HTML smuggling. The primary objective of HTML smuggling is to bypass network security controls, such as firewalls...
AtlasReaper AtlasReaper is a command-line tool developed for offensive security purposes, primarily focused on a reconnaissance of Confluence and Jira. It also provides various features that can be helpful for...
KnockKnock Designed to validate potential usernames by querying OneDrive and/or Microsoft Teams, which are passive methods. Additionally, it can output/create a list of legacy Skype users identified through Microsoft Teams...
EDRaser EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual....
Qlik Sense Enterprise is a powerful business intelligence (BI) and data analytics platform that helps organizations make better decisions. However, two critical security vulnerabilities have been found in Qlik Sense...
Sekiryu This Ghidra Toolkit is a comprehensive suite of tools designed to streamline and automate various tasks associated with running Ghidra in Headless mode. This toolkit provides a wide range...
Support Securityonline.info site. Thanks!
