PPL Exploit PoC (Proof of Concept) This repository contains a C++ Proof of Concept (PoC) demonstrating the exploitation of Windows Protected Process Light (PPL) using COM-to-.NET redirection and reflection techniques for code injection. The...
The post ComDotNetExploit: PoC for Windows PPL Bypass via COM-to-.NET appeared first on Penetration Testing Tools.
Gato (Github Attack TOolkit) Gato, or GitHub Attack Toolkit, is an enumeration and attack tool that allows both blue teamers and offensive security practitioners to evaluate the blast radius of a compromised personal access...
The post Github Attack Toolkit: GitHub Self-Hosted Runner Enumeration and Attack Tool appeared first on Penetration Testing Tools.
Mimicry Mimicry is a security tool developed by Chaitin Technology for active deception in exploitation and post-exploitation. Active deception can live to migrate the attacker to the honeypot without awareness. We can achieve a...
The post mimicry: active deception in exploitation and post-exploitation appeared first on Penetration Testing Tools.
Twilio Security Scanner A security scanning tool for Twilio accounts that helps detect misconfigurations and security risks, including: Public serverless functions and assets Unencrypted HTTP webhooks in phone numbers and messaging services API keys...
The post Twilio Security Scanner: Audit and Harden Your Twilio Configs in Seconds appeared first on Penetration Testing Tools.
FindGPPPasswords A cross-platform tool to find and decrypt Group Policy Preferences passwords from the SYSVOL share using low-privileged domain accounts. Features Only requires a low privileges domain user account. Automatically gets the list of all...
The post FindGPPPasswords: Uncover Group Policy Preferences Passwords appeared first on Penetration Testing Tools.
PowerHuntShares PowerHuntShares is designed to automatically inventory, analyze, and report excessive privilege assigned to SMB shares on Active Directory domain joined computers. It is intended to help IAM and other blue teams gain a...
The post PowerHuntShares: inventory, analyze, and report excessive privileges configured on Active Directory domains appeared first on Penetration Testing Tools.
MSFTRecon is a reconnaissance tool designed for red teamers and security professionals to map Microsoft 365 and Azure tenant infrastructure. It performs comprehensive enumeration without requiring authentication, helping identify potential security misconfigurations and attack...
The post MSFTRecon: Unauthenticated Recon Tool for Microsoft 365 & Azure appeared first on Penetration Testing Tools.
YATAS Yet Another Testing & Auditing Solution Features YATAS is a simple and easy-to-use tool to audit your infrastructure for misconfiguration or potential security issues. AWS – 43 Checks APIGateway AWS_APG_001 Apigateway Cloudwatch Logs...
The post YATAS: AWS security, hardening, configurations, logging auditing tool appeared first on Penetration Testing Tools.
mitmproxy2swagger A tool for automatically converting mitmproxy captures to OpenAPI 3.0 specifications. This means that you can automatically reverse-engineer REST APIs by just running the apps and capturing the traffic. Install First, you will need python3 and pip3....
The post mitmproxy2swagger: Automagically reverse-engineer REST APIs appeared first on Penetration Testing Tools.
Porch Pirate Porch Pirate started as a tool to quickly uncover Postman secrets, and has slowly begun to evolve into a multi-purpose reconnaissance / OSINT framework for Postman. While existing tools are great proof...
The post Porch Pirate: The most comprehensive Postman recon / OSINT client and framework appeared first on Penetration Testing Tools.
REcollapse REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications. It can also be helpful to bypass WAFs and weak vulnerability mitigations. For more information,...
The post REcollapse: black-box regex fuzzing to bypass validations and discover normalizations in WebApps appeared first on Penetration Testing Tools.
Linkook is an OSINT tool for discovering linked/connected social accounts and associated emails across multiple platforms using a single username. It also supports exporting the gathered relationships in a Neo4j-friendly format for visual analysis. Main Features Search...
The post linkook: An OSINT tool for discovering linked social accounts and associated emails appeared first on Penetration Testing Tools.
COM Type Coercion Execution in PowerShell This technique leverages PowerShell’s .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit type coercion. A custom .NET object is defined in PowerShell with an...
The post Living-off-the-COM-Type-Coercion-Abuse: achieve stealthy command execution by abusing implicit type coercion appeared first on Penetration Testing Tools.
MailFail identifies and provides commands to exploit a large number of email-related misconfigurations for the current domain and subdomain within a web browser. The extension’s UI popup highlights any misconfigurations in red and links...
The post MailFail: Identify Email Misconfigurations in Your Browser appeared first on Penetration Testing Tools.
SCRIPTKIDDI3 Introducing SCRIPTKIDDI3, a powerful recon and initial vulnerability detection tool for Bug Bounty Hunters. Built using a variety of open-source tools and a shell script, SCRIPTKIDDI3 allows you to quickly and efficiently run...
The post scriptkiddi3: recon and initial vulnerability detection tool appeared first on Penetration Testing Tools.
chgpass.exe is a Windows standalone executable tool that allows you to change the password of user/computer accounts in Active Directory (AD) via MS-SAMR protocol. This tool can be used when you have the necessary permissions...
The post CHGPass: Command-Line Tool to Change Active Directory Passwords appeared first on Penetration Testing Tools.
Katana A next-generation crawling and spidering framework Feature Fast And fully configurable web crawling Standard and Headless mode support JavaScript parsing / crawling Customizable automatic form filling Scope control – Preconfigured field / Regex Customizable output – Preconfigured fields INPUT – STDIN, URL and LIST...
The post katana: next-generation crawling and spidering framework appeared first on Penetration Testing Tools.
FlowMate Have you ever wondered how to consider all input-to-output correlations of a web application during a pentest? With FlowMate, you no longer have to. FlowMate is our BurpSuite extension designed to introduce taint analysis to web...
The post FlowMate: BurpSuite extension that brings taint analysis to web applications appeared first on Penetration Testing Tools.
CaptainCredz is a modular and discreet password-spraying tool, with advanced features such as a cache mechanism and a fine-grained timing control. To start using captaincredz, the following lines may be useful: Extending CaptainCredz Writing...
The post CaptainCredz: modular and discreet password-spraying tool appeared first on Penetration Testing Tools.
Tarian Protect your applications running on Kubernetes from malicious attacks by pre-registering your trusted processes and trusted file signatures. Tarian will detect unknown processes and changes to the registered files, then it will send...
The post Tarian: Protect your applications running on Kubernetes from malicious attacks appeared first on Penetration Testing Tools.
