Multi-Cloud Security Auditing Tool

Privilege Escalation Project - Windows / Linux / Mac

Under Improvement

Modlishka. Reverse Proxy.

Dex to Java decompiler

Tools for Kerberos PKINIT and relaying to AD CS

Python version of the C# tool for "Shadow Credentials" attacks

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Find, verify, and analyze leaked credentials

Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, i…

Exploitation Framework for Embedded Devices

A WiFi security auditing software mainly based on aircrack-ng tools suite

Network-wide ads & trackers blocking DNS server

WPS pin generator written in Python 3

Comfortably monitor your Internet traffic 🕵️‍♂️

A tool for exploiting Moxie Marlinspike's SSL "stripping" attack.

The Rogue Access Point Framework

Nagaw is a simple yet effective captive portal tool coded in Python

Evil client portion of EAP relay attack

Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.

SensePost's modified hostapd for wifi attacks.

Wordlists for creating statistically likely username lists for use in password attacks and security testing

EAP_buster is a simple bash script that lists what EAP methods are supported by the RADIUS server behind a WPA-Enterprise access point

crEAP will identify WPA Enterprise mode EAP types and harvest usernames and/or handshakes if insecure protocols are in use.

coWPAtty: WPA2-PSK Cracking