Description:
WaybackLister is a reconnaissance tool that utilizes the Wayback Machine to find and verify historical URLs and directory listings for security assessments and bug bounty recon, supporting multithreaded scanning and subdomain discovery.
Security
Villain
License: Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International
Description:
Villain is a high-level Stage 0/1 C2 framework that can handle multiple reverse TCP and HoaxShell-based shells, enhance their functionality with additional features (commands, utilities), and share them among connected sibling servers (Villain instances running on different machines).
hawk-eye
Description:
Hawk Eye is a powerful command-line tool designed to scan various data sources like filesystems, S3, databases, Slack, and cloud storage for PII and sensitive data, using advanced text analysis and OCR techniques for comprehensive security auditing.
PyCrack
Description:
PyCrack is an advanced password cracking tool supporting brute-force, dictionary, and random attacks. It can crack files and hashes like PDF, ZIP, MS Office, MD5, SHA variants, and BLAKE2B/S. It is suitable for Linux systems and can be used with Docker for easy deployment.
GoSearch
Description:
GoSearch is an efficient and reliable OSINT tool designed for uncovering digital footprints associated with a given username. It’s fast, straightforward, and dependable, enabling users to track an individual’s online presence across multiple platforms. GoSearch also integrates data from HudsonRock’s Cybercrime Intelligence Database to provide insights into cybercrime-related information. It also taps into BreachDirectory.org’s and ProxyNova’s database offering access to a comprehensive list of data breaches, plain-text and hashed passwords linked to the username. This tool is ideal for those needing accurate, no-frills results when investigating online identities.
Anubis
Description:
Anubis weighs the soul of your connection using a proof-of-work challenge in order to protect upstream resources from scraper bots. This program is designed to help protect the small internet from the endless storm of requests that flood in from AI companies. Anubis is as lightweight as possible to ensure that everyone can afford to protect the communities closest to them.
OPKSSH
Description:
opkssh is a tool which enables ssh to be used with OpenID Connect allowing SSH access management via identities like [email protected] instead of long-lived SSH keys. It does not replace ssh, but rather generates ssh public keys that contain PK Tokens and configures sshd to verify the PK Token in the ssh public key. These PK Tokens contain standard OpenID Connect ID Tokens. This protocol builds on the OpenPubkey which adds user public keys to OpenID Connect without breaking compatibility with existing OpenID Provider.
Malwoverview
Description:
Malwoverview.py is a first response tool for threat hunting, which performs an initial and quick triage of malware samples, URLs, IP addresses, domains, malware families, IOCs and hashes. Additionally, Malwoverview is able to get dynamic and static behavior reports, submit and download samples from several endpoints. In few words, it works as a client to main existing sandboxes.
Finders Keypers
Description:
AWS KMS Encryption Key Usage and Blast Radius Finder
Exegol
Description:
Exegol is a community-driven hacking environment, powerful and yet simple enough to be used by anyone in day to day engagements. Exegol is the best solution to deploy powerful hacking environments securely, easily, professionally.