Hackish way to intercept and modify non-HTTP protocols through Burp & others.

Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.

The tool 𝗲𝗻𝘂𝗺𝘅 is a framework built for Kali Linux that uses a plethora of existing pentesting tools as plugins in order to simplify and standardize the enumeration stage at a simplistic level. It …

DLL and PowerShell script to assist with finding DLL hijacks

Python script to simulate the display from "The Matrix" in terminal. Uses half-width katakana unicode characters by default, but can use custom character sets. Accepts keyboard controls while runni…

Fuzzer and Lightweight CLI Client for Postman Collections

C# Data Collector for BloodHound

Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.

cloc counts blank lines, comment lines, and physical lines of source code in many programming languages.

Detect and bypass web application firewalls and protection systems

smbclient-ng, a fast and user friendly way to interact with SMB shares.

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

A Post-exploitation Toolset for Interacting with the Microsoft Graph API

AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation

TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts

NTLMRawUnhide.py is a Python3 script designed to parse network packet capture files and extract NTLMv2 hashes in a crackable format. The following binary network packet capture formats are supporte…

.netxml to .kml CLI converter & tools

Brute force password selection for EAP-MD5 authentication exchanges

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

Simple HS256, HS384 & HS512 JWT token brute force cracker.

parse nmap files

PowerShell Obfuscator

Utility for programming ch57x small keyboard

Abusing impersonation privileges through the "Printer Bug"

Small tool to capture packets from wlan devices.

Python zipfile extensions

An interactive shell to spoof some LOLBins command line

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

Testing TLS/SSL encryption anywhere on any port