🕸️ Web apps in pure Python 🐍

Hunt down social media accounts by username across social networks

Tool that can be used to trim useless things from a PE file such as the things a file pumper would add.

Mass Assigner is a simple tool made to probe for mass assignment vulnerability through JSON field modification in HTTP requests

DockerSpy searches for images on Docker Hub and extracts sensitive information such as authentication secrets, private keys, and more.

future-proof vulnerability detection benchmark, based on CVEs in open-source repos

Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!!!)

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

🌒 Shell command obfuscation to avoid detection systems

A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!

🕵️ Analyse binaries for missing security features, information disclosure and more...

Tool to remotely dump secrets from the Windows registry

JA4 is a suite of network fingerprinting standards

A fast and comprehensive tool for organizational network scanning

A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers

A Modern Framework for Bug Bounty Hunting

「💀」Proof of concept on BYOVD attack

A Slack bot phishing framework for Red Teaming exercises

A tool to reverse engineer and inspect the RPM and APT databases to list all the packages along with executables, service and versions.

A utility for detecting webpage inputs and conducting XSS scans.

Thief Raccoon is a tool designed for educational purposes to demonstrate how phishing attacks can be conducted on various operating systems. This tool is intended to raise awareness about cybersecu…

PIP-INTEL is an OSINT (Open Source Intelligence) tool designed using various open-source tools and pip packages.

Invisible network protocol sniffer

cross-platform, cli app to perform various operations on string

Entropy is a CLI tool that will scan your codebase for high entropy lines, which are often secrets.

fabric is an open-source framework for augmenting humans using AI. It provides a modular framework for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere.

ROPDump is a command-line tool designed to analyze binary executables for potential Return-Oriented Programming (ROP) gadgets, buffer overflow vulnerabilities, and memory leaks.

Intelligence development framework in python for your product like Apple Intelligence

A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.