RustPatchlessCLRLoader The RustPatchlessCLRLoader leverages a sophisticated integration of patchless techniques for bypassing both Event Tracing for Windows (ETW) and the Windows Antimalware Scan Interface (AMSI) across all threads with the goal of loading .NET...
The post RustPatchlessCLRLoader: .NET assembly loader with patchless AMSI and ETW bypass appeared first on Penetration Testing Tools.
OSV-Scanner Use OSV-Scanner to find existing vulnerabilities affecting your project’s dependencies. OSV-Scanner provides an officially supported frontend to the OSV database that connects a project’s list of dependencies with the vulnerabilities that affect them. Since...
The post osv-scanner: find existing vulnerabilities affecting your project’s dependencies appeared first on Penetration Testing Tools.
dissect Dissect is a digital forensics and incident response framework and toolset developed by Fox-IT (part of NCC Group). It allows you to quickly access and analyze forensic artifacts from various disk and file formats....
The post Dissect: The Open-Source Framework for Large-Scale Host Investigations appeared first on Penetration Testing Tools.
smbtakeover A technique to unbind and rebind 445/tcp on Windows without loading a driver, loading a module into LSASS, or rebooting the target machine. Implemented to ease the burden of SMB-based NTLM relays while...
The post smbtakeover: Unbind 445/tcp on Windows via SCM interactions appeared first on Penetration Testing Tools.
Real Intelligence Threat Analytics Real Intelligence Threat Analytics (RITA) is an open-source framework for network traffic analysis. The framework ingests Bro Logs, and currently supports the following analysis features: Beaconing Detection: Search for signs of...
The post RITA: Real Intelligence Threat Analytics appeared first on Penetration Testing Tools.
strace – the Linux syscall tracer strace is a diagnostic, debugging, and instructional userspace utility for Linux. It is used to monitor and tamper with interactions between processes and the Linux kernel, which include...
The post strace: a diagnostic, debugging, and instructional userspace utility for Linux appeared first on Penetration Testing Tools.
PANIX PANIX is a highly customizable Linux persistence tool for security research, detection engineering, penetration testing, CTFs and more. It prioritizes functionality over stealth and is easily detectable. PANIX is supported on popular distributions...
The post PANIX: A highly customizable Linux persistence tool appeared first on Penetration Testing Tools.
BloodHound BloodHound CE is a security tool that uses graph theory to reveal the hidden and often unintended relationships within an Active Directory or Entra ID (formerly known as Azure AD) environment. Attackers can...
The post BloodHound: Active Directory Toolkit appeared first on Penetration Testing Tools.
Snort++ Snort 3 is the next generation Snort IPS (Intrusion Prevention System). This version of Snort++ includes new features as well as all Snort 2.X features and bug fixes for the base version...
The post Snort: Intrusion Prevention System appeared first on Penetration Testing Tools.
brutespray Brutespray has been updated to golang. Without needing to rely on other tools this version will be extensible to bruteforce many different services and is way faster than its Python counterpart. Currently, Brutespray...
The post brutespray: Automatically attempts default creds on found services appeared first on Penetration Testing Tools.
BunkerWeb BunkerWeb is a next-generation and open-source Web Application Firewall (WAF). Being a full-featured web server (based on NGINX under the hood), it will protect your web services to make them “secure by default”. BunkerWeb integrates...
The post BunkerWeb: Open-source and next-generation Web Application Firewall (WAF) appeared first on Penetration Testing Tools.
opensquat openSquat is an opensource Intelligence (OSINT) R&D project to identify cybersquatting threats to specific companies or domains, such as: Domain squatting Typosquatting IDN homograph attacks Phishing Scams It does support some key features such as:...
The post opensquat: opensource Intelligence R&D project to identify cyber squatting threats appeared first on Penetration Testing Tools.
DeadPotato DeadPotato is a Windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the original GodPotato source code by...
The post DeadPotato: A Windows privilege escalation utility appeared first on Penetration Testing Tools.
Wazuh Wazuh helps you gain deeper security visibility into your infrastructure by monitoring hosts at an operating system and application level. This solution, based on lightweight multi-platform agents, provides the following capabilities: Log...
The post wazuh: Host and endpoint security appeared first on Penetration Testing Tools.
Amoco Amoco is a Python package dedicated to the (static) analysis of binaries. It features: a generic framework for decoding instructions developed to reduce the time needed to implement support for new architectures. For...
The post Amoco: tool for analysing binaries appeared first on Penetration Testing Tools.
CODASM CODASM allows you to encode arbitrary data into pseudo-ASM instructions and compile them into the .text section of binaries. Payloads (esp. shellcode) come with pretty high entropy and look out of place in...
The post codasm: Payload encoding utility to effectively lower payload entropy appeared first on Penetration Testing Tools.
Fsociety Hacking Tools Pack – A Penetration Testing Framework A Penetration Testing Framework, you will have the very script that a hacker needs Fsociety Contains All Tools Used In Mr. Robot Series Menu ...
The post fsociety: Modular Penetration Testing Framework appeared first on Penetration Testing Tools.
mitmproxy mitmproxy is an interactive, SSL-capable intercepting proxy with a console interface. mitmdump is the command-line version of mitmproxy. Think tcpdump for HTTP. mitmweb is a web-based interface for mitmproxy. pathoc and pathod are...
The post mitmproxy: An interactive TLS-capable intercepting HTTP proxy appeared first on Penetration Testing Tools.
SessionExec SessionExec allows you to execute specified commands in other Sessions on Windows Systems, either targeting a specific session ID or All sessions, with the option to suppress command output. The tool is inspired...
The post SessionExec: Execute commands in other Sessions appeared first on Penetration Testing Tools.
HackBrowserData HackBrowserData is a command-line tool for decrypting and exporting browser data (passwords, history, cookies, bookmarks, credit cards, download history, localStorage and extensions) from the browser. It supports the most popular browsers on the market...
The post HackBrowserData: Decrypt passwords/cookies/history/bookmarks from the browser appeared first on Penetration Testing Tools.
