Offensive security testing uncovers vulnerabilities through simulated attacks.
A tool that visits suspected phishing pages, takes screenshots, and extracts interesting files.
MiniCPS is a framework for Cyber-Physical Systems real-time simulation with support for physical process and control devices simulation, and network emulation.
The Proxmark III is a versatile device for sniffing, reading, and cloning RFID tags with strong community support.
CrossC2 enables generation of cross-platform payloads for CobaltStrike, enhancing operational flexibility.
A tutorial on how to use Apache mod_rewrite to randomly serve payloads in phishing attacks
Repository of tools for testing iPhone messaging by Project Zero
A subdomain scan tool that helps you find subdomains of a given domain.
Generate a variety of suspect actions detected by Falco rulesets.
A penetration testing framework for identifying and exploiting vulnerabilities.
A repository containing material for Android greybox fuzzing with AFL++ Frida mode
A tool that exposes the functionality of the Volume Shadow Copy Service (VSS) for creation, enumeration, and manipulation of volume shadow copies, with features for persistence and evasion.
A practical guide on NTLM relaying for Active Directory attacks.
A project for demonstrating AWS attack techniques with a focus on ethical hacking practices.
A lightweight, first-stage C2 implant written in Nim for remote access and control.
Ivy is a payload creation framework for executing arbitrary VBA source code directly in memory, utilizing programmatical access to load, decrypt, and execute shellcode.
An open source network penetration testing framework with automatic recon and scanning capabilities.
A credit card/magstripe spoofer that can emulate any magnetic stripe or credit card wirelessly.
Modular framework for web services penetration testing with support for various attacks.
A front-end JavaScript toolkit for creating DNS rebinding attacks
A tool for detecting and taking over subdomains with dead DNS records
Full-featured C2 framework for stealthy communication and control on web servers.
Exploiting WordPress With Metasploit, containing 45 modules for exploits and auxiliaries.
