bloodhound-helpers

Helpers (custom queries) for BloodHound.

copy-as-powershell-requests (Burp Suite Extension)

A Burp Suite extension that copies the selected request(s) to the clipboard as PowerShell object assignments.

GoogleAuthenticator (Burp Suite Extension)

A Burp Suite extension to apply the current Google Two-Tactor Authentication (2FA) code to relevant/selected requests.

JWTCat

A CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.

OpenAPI Parser (Burp Suite Extension)

A Burp Suite extension designed to automate and streamline (OpenAPI-based) API testing.

pentest2xlsx

A highly modular Python script designed to parse the results from popular tools used by security professionals into Excel workbooks to facilitate the reporting phase of penetration tests.

Phishstat

Generate charts/statistics to visualise the outcome of phishing engagements.

Smali Code Injector (SCI)

Automates assembly code (smali) injection within Android applications.

SMBAudit

Allows users to perform various SMB-related attacks across multiple Active Directory (AD) domains or hosts. Supported features are listed under the Features section.

Solstice Pod (Mersive Technologies) Vulnerability

CVE-2017-12945

Solstice Pod (Mersive Technologies) Vulnerability

CVE-2020-35584

Solstice Pod (Mersive Technologies) Vulnerability

CVE-2020-35585

Solstice Pod (Mersive Technologies) Vulnerability

CVE-2020-35586

Solstice Pod (Mersive Technologies) Vulnerability

CVE-2020-35587

Wirespy

Enables the automation of various WiFi attacks to conduct Man-In-The-Middle-Attacks (MITMAs).

xmlrpc-bruteforcer

Bruteforces CMS users' passwords leveraging the "Brute Force Amplification Attack" exploit against XMLRPC interfaces enabling the system.multicall() method (enabled by default).