AdaptixC2


AdaptixC2

License: GPL-3.0 license


Description:

AdaptixC2 is an extensible post-exploitation and adversarial emulation framework designed for penetration testers. It features a server/client architecture, cross-platform GUI, encrypted communication, plugin support, task management, and multi-platform agents, making it a versatile tool for cybersecurity assessments.

VaulTLS

VaulTLS

License: GPL-3.0 license


Description:

VaulTLS is a self-hosted web app for managing mutual TLS certificates centrally, featuring a modern web interface, OpenID Connect support, email notifications, RESTful API, and Docker support. Built with Rust and Vue.js, it simplifies certificate management for home labs and small environments.

OWASP Nettacker


OWASP Nettacker

License: Apache-2.0 license


Description:

OWASP Nettacker is an open source automation tool in Python for information gathering, vulnerability scanning, and penetration testing. It discovers open ports, services, bugs, vulnerabilities, misconfigurations, default credentials, subdomains, and more, with multiple modes including command-line, API, Web GUI, and Docker.

WaybackLister

WaybackLister

License: GPL-3.0 license


Description:

WaybackLister is a reconnaissance tool that utilizes the Wayback Machine to find and verify historical URLs and directory listings for security assessments and bug bounty recon, supporting multithreaded scanning and subdomain discovery.

Villain


Villain

License: Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International


Description:

Villain is a high-level Stage 0/1 C2 framework that can handle multiple reverse TCP and HoaxShell-based shells, enhance their functionality with additional features (commands, utilities), and share them among connected sibling servers (Villain instances running on different machines).

hawk-eye


hawk-eye

License: LGPLv2


Description:

Hawk Eye is a powerful command-line tool designed to scan various data sources like filesystems, S3, databases, Slack, and cloud storage for PII and sensitive data, using advanced text analysis and OCR techniques for comprehensive security auditing.

PyCrack


PyCrack

License: MIT license


Description:

PyCrack is an advanced password cracking tool supporting brute-force, dictionary, and random attacks. It can crack files and hashes like PDF, ZIP, MS Office, MD5, SHA variants, and BLAKE2B/S. It is suitable for Linux systems and can be used with Docker for easy deployment.

GoSearch

License: GPLv3


Description:

GoSearch is an efficient and reliable OSINT tool designed for uncovering digital footprints associated with a given username. It’s fast, straightforward, and dependable, enabling users to track an individual’s online presence across multiple platforms. GoSearch also integrates data from HudsonRock’s Cybercrime Intelligence Database to provide insights into cybercrime-related information. It also taps into BreachDirectory.org’s and ProxyNova’s database offering access to a comprehensive list of data breaches, plain-text and hashed passwords linked to the username. This tool is ideal for those needing accurate, no-frills results when investigating online identities.