Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.

Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions, handy…

The open source Tines / Splunk SOAR alternative.

🤖 Chat with your SQL database 📊. Accurate Text-to-SQL Generation via LLMs using RAG 🔄.

General scripts

Volatility 3.0 development

A simple demo of phishing by abusing the browser autofill feature

Rapidly Search and Hunt through Windows Forensic Artefacts

Digging Deeper....

Malicious traffic detection system

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

Phishing catcher using Certstream

AI-powered scams deceive and manipulate individuals using fake videos, audio, or images. Join our webinar to unmask the truth behind deepfakes, explore their dangers, and gain the ultimate guide to…

Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitation of API endpoints and secrets committed to workspaces, col…

Nmap Dashboard Mini Project

Compact tool for building and debugging applications for Flipper Zero.

The Official USB Rubber Ducky Payload Repository

Drone pentesting framework console

onedrive user enumeration - pentest tool to enumerate valid o365 users

Shreder is a powerful multi-threaded SSH protocol password brute-force tool.

CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain network camera credentials.

SeaShell Framework is an iOS post-exploitation framework that enables you to access the device remotely, control it and extract sensitive information.

RomBuster is a router exploitation tool that allows to disclosure network router admin password.

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.

A black hole for Internet advertisements

Firepwn is a tool made for testing the Security Rules of a firebase application.

This tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.

A swiss army knife for pentesting networks

Exploit for zerologon cve-2020-1472

Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to by…