tools/security

Locally checks for signs of a rootkit

An utility to reset the password of any user that has a valid local account on a Windows system

CLI to search for sensitive services/files/folders

Chrome and Firefox extension for signing with your eID on the web

Middleware for the Italian Electronic Identity Card (CIE)

Tool to scan SAAS and PAAS applications

Tool to obtain GraphQL API schemas

Antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats

Automated Encryption Framework

Cloud agnostic IAM permissions enumerator

Cloud enumeration tool

Tool for situational awareness of cloud penetration tests

Cloud bucket scanner

Tool for listing assets from multiple cloud providers

Decrypt password stored in cmos used to access BIOS SETUP

Cloud-native, graph-based asset inventory

An open source, cloud-native security and policy project

Tool to automatically coerce a Windows server

Automated Command Injection Exploitation Tool

Container Signing CLI with support for ephemeral keys and Sigstore signing

Offline dictionary attack against WPA/WPA2 networks

CLI client for Coze, a cryptographic JSON messaging specification

Tool for pentesting networks

GraphQL password brute-force and fuzzing utility

Used to break the encryption on old Microsoft Excel and Microsoft Word files

Tool to detect potentially hard-coded credentials

Tool to search a collection of default credentials

Extract credentials and other useful info from network captures

CRLF injection (HTTP Response Splitting) scanner

Tool to scan for CRLF vulnerability

A brute forcing tool that can be used during penetration tests

CrowdSec is a free, open-source and collaborative IPS

Wordlist generator

Free client-side encryption for your cloud files

An encrypted container manager for Linux using cryptsetup

CVE Binary Checker Tool

Tool to create CycloneDX Software Bill of Materials (SBOM) from Go modules

Tool for analysing parameter and XSS scanning

Tests WebDAV servers by uploading test files, and then optionally testing for command execution or…

Tool to track WiFi devices by signal strength

"secrets" decoding for FRITZ!OS devices

Phishing tool for red teams and pentesters

Secrets scanner that understands code

A small human-editable language to emit DER or BER encodings of ASN.1 structures and malformed var…

A Random Number Generator test suite

Tool to brute force paths on web servers

Asset discovery and identification tools

Tool to scan memory for secrets

A tool to enumerate DNS information

Spy on the DNS queries your computer is making

DNS Enumeration script

Fast and multi-purpose DNS toolkit

Executes the given command as another user

A shim for the sudo command that utilizes doas

An alternative for S/KEY's 'key' command

Tool to bypass 40X response codes

A fork of the Bruteforce Exploit Detector Tool (BED)

The official CLI for interacting with your Doppler Enclave secrets and configuration

Tool to automate the work with Google dorks

Display and debug ASN.1 data

Duo Security Unix login integration

A sensitive data detection tool capable of scanning source code repositories for passwords, key fi…

AWS post-exploitation tool

Create and manipulate ECC NISTP256 keypairs

Tiny collection of programs used for ECDSA (keygen, sign, verify)

Ethereum smart contract fuzzer

Enterprise-class stacked cryptographic filesystem

Helper script to create/mount/unemount encrypted directories using eCryptfs without needing root p…

Tools for manipulating UEFI secure boot platforms

Belgian electronic identity card (eID) middleware

A modern and friendly alternative to GnuPG

Encrypted personal archives

A well known password manager

A tool for enumerating information from Windows and Samba systems

Windows/Samba enumeration tool

Tool to list all public repositories for (valid) GitHub usernames

SMB network scanner

Tor hidden service name generator

WinRM shell for hacking/pentesting

Parser for the Windows XML Event Log (EVTX) format

IoT security testing and exploitation framework

Archive of public exploits and corresponding vulnerable software

Tool to analyse binaries for missing security features

A program that scans log files for repeated failing login attempts and bans IP addresses

Tool to send result from tools to the Faraday Platform

Command Line Interface for Faraday

Zip password cracker, similar to fzc, zipcrack and others

Fast, simple, recursive content discovery tool

Tool for web fuzzing

Decrypt your LUKS partition using a FIDO2 compatible authenticator

DNS reconnaissance tool for locating non-contiguous IP space

Standalone utility for service discovery on open ports

A tool to extract passwords from profiles of Mozilla Firefox and derivates

GTK2 port from Figaro's Password Manager originally developed by John Conneely, with some new enha…

D-Bus daemon that offers libfprint functionality over the D-Bus interprocess communication bus

Fprintd built with libfprint-tod to support Touch OEM Drivers

Payload toolkit for bypassing EDRs

Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers (clien…

An intranet comprehensive scanning tool

A Root-CA for code signing certs - issuing certificates based on an OIDC email address