Rejected tools

10d10d (#1455) - my personal website.
4n4lDetector (#1298) - Advanced static analysis tool.
Above 2.0 (#1105) - Automates the search for network vulnerabilities, designed for pentesters,...
AD-AssessmentKit (#1724) - Contains a collection of Bash scripts designed for comprehensive security...
Adcshunter (#1708) - Uses rpcdump to locate the ADCS server, and identify if ESC8 is vulnerable...
ADExplorer (#1783) - Active Directory Explorer. Display Active Directory tree in a Finder-like...
ADFind (#1784) - SeekOut Valuable AD Information.
ADHunt (#1684) - A tool for enumerating Active Directory Enviroments looking for interesting...
Airi (#1171) - Airi is made to find hidden input parameters in web applications.
Airixss (#1175) - Airixss is for checking reflection in recon process to find possible xss...
ApkHack-BackDoor (#1189) - ApkHack-BackDoor is a shell script that simplifies the process of adding...
Arescan (#1226) - Arescan: Advanced Directory Discovery Tool.
Artillery (#1722) - CIA UAC bypass implementation that utilizes elevated COM object to write...
ASPJinjaObfuscator (#1821) - Heavily obfuscated ASP web shell generation tool.
atop_maltego (#1432) - A new Maltego transform useful to make investigations on TON assets like...
AutoAppDomainHijack (#1825) - Automated .NET AppDomain hijack payload generation.
Automated Multi UAC bypass (#1742) - Automated os version selector to run UAC based on OS versions.
autoNTDS (#1649) -  autoNTDS is an automation script designed to simplify the process of...
badgerDAPS (#1665) - Brute Ratel LDAP filtering and sorting tool. Easily take BR log output...
BHHB (#314) - View the HTTP history exported from Burp Suite Community Edition.
BypassNeo-reGeorg (#1312) - Anti-kill version Neo-reGeorg.
Camera Exploitation Tool (#1116) - Automated exploit scanner for cameras on the internet.
CAS (#716) - Code signing tool and SBOM (software bill of materials) scanner.
CertVerify (#916) - The CertVerify is a tool designed to detect executable files (exe, dll,...
chameleon (#1219) - Chameleon is yet another PowerShell obfuscation tool designed to bypass...
check_mdi (#1812) - Python script to enumerate valid Microsoft 365 domains, retrieve tenant...
chisel (#721) - Chisel is a fast TCP/UDP tunnel, transported over HTTP, secured via SSH....
CHOMTE.SH (#1452) - Recon Tool with Good Workflow & Amazing Features, It narrow down the Attack...
Cisco SmartInstall Exploit (#767) - Cisco SmartInstall Exploit CVE-2018-0171.
ClownSearcher (#1337) - This tool is created to facilitate our dorking process, making it faster...
Cookie-Editor (#1815) - Efficiently create, edit and delete a cookie for the current tab.
CRTER (#1287) - This script reads a text file containing domains, fetches the subdomains...
cyberonix (#976) - Cyberonix is a complete resource hub for Cyber Security Community.
CyberXS (#1781) - CyberXS is an XSS Vulnerability Automation Tool made with multiple Oneliners.
Dir-Xcan6 (#1212) - Dir-Xcan6 is a free and open-source scanner based on OWASP's DirBuster...
docker_nginx_logger (#1201) - Nginx Request Logger Server [Docker Version].
docker-osmedeus v4 (#1192) - Docker image for Osmedeus, a fully automated offensive security tool for...
Dogwalk Proof-of-Concept (#985) - The PoC allows an attacker to obtain Remote Code Injection on a Windows...
DomainTrail (#1695) - DomainTrail is a fast subdomain enumeration tool that uses effective passive...
Dropper (#1828) - Project that generates Malicious Office Macro Enabled Dropper for DLL SideLoading...
EndExt_ (#1043) - EndExt is a .go tool for extracting all the possible endpoints from the...
EnumStrike (#1293) - Cobalt Strike Aggressor script to automate host and domain enumeration.
Ethiack (#1273) - Preemptively attack your assets and identify vulnerabilities with Autonomous...
Evilgrade (#743) - Evilgrade is a modular framework that allows the user to take advantage...
Eviltree (#1774) - A python3 remake of the classic "tree" command with the additional feature...
exploit-poc (#1168) - TOP All bugbounty pentesting CVE-2022- POC Exp Things.
FoxyProxy (#1816) - FoxyProxy is an open-source, advanced proxy management tool.
Frizz (#1176) - Find Crlf injection vulnerable endpoints.
Gel4y Mini Shell Backdoor (#1700) - A webshell that can bypass some system security, all code has been obfuscated...
GetLAPSPassword (#1190) - A LAPS dumper written using the impacket library.
GodPotato_ (#1042) - Based on the history of Potato privilege escalation for 6 years, from the...
GodPotato-Aggressor-Script (#1725) - GodPotato is written by BeichenDream and can be found at ...
Goosle (#1706) - A Meta Search engine with privacy and ease of use in mind.
GPPDeception (#1679) - This script generates a groups.xml file that mimics a real GPP to create...
gron (#174) - Make JSON greppable!
GSB (#1615) - Google Safe Browsing is a tool developed by Google aimed at enhancing internet...
HackBot (#1388) - AI-powered cybersecurity chatbot designed to provide helpful and accurate...
Hacker101 CTF (#764) - Game designed to let you learn to hack in a safe, rewarding environment.
HackerToolkit (#1811) - HackerToolkit offers a curated selection of tools designed to enhance your...
HALA (#1288) - HALA offers a powerful capability that enables you to identify reflected...
hash-cracker (#1395) - short description of the tool (max:100) tool that helps you cracking hashes...
hash-hound (#1145) - A simple python script to identify different hashes.
hashcracker (#1796) - A powerfull bruteforcing tool to brute force the algorithm which is seen...
hfuzz (#1084) - Wordlist for web fuzzing, made from a variety of reliable sources including:...
Honeypots-Detection (#1660) - Nuclei templates for honeypots detection.
huntkit (#1765) - Docker - Ubuntu with a bunch of PenTesting tools and wordlists.
icmp_reverse_shell (#1174) - This project is about reverse shell using icmp.
icmp_shell (#1178) - shell over icmp, server run at linux and client run at windows.
Invictus (#1688) - Little vulnerable app as a practice app for OSED.
Invoke-DHCPCheckup (#1702) - Invoke-DHCPCheckup is a tool meant to identify risky DHCP and DNS configurations...
Ippsec (#1160) - IPPSEC's YouTube channel offers educational content on cybersecurity and...
IsmailScript (#1324) - Fast and customizable information gathering to enable a penetration tester...
Jeeves (#1170) - Jeeves is made for looking to Time-Based Blind SQLInjection through recon.
Js-Finding (#1299) - JS Finding can be used to extract JavaScript (JS) files from either a single...
js-xss (#1235) - Sanitize untrusted HTML (to prevent XSS) with a configuration specified...
KExecDD (#1803) - Admin to Kernel code execution using the KSecDD driver.
KillDefender (#1251) - A small POC to make defender useless by removing its token privileges and...
LetMeowIn (#1802) - A sophisticated, covert Windows-based credential dumper using C++ and MASM...
LinPEAS (#583) - LinPEAS is a script that searches for possible paths to escalate privileges...
log4j-scan (#171) - Automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228.
LOLSpoof (#1739) - An interactive shell to spoof some LOLBins command line.
m365-fatigue (#1694) - This Python script automates the authentication process for Microsoft 365...
Malicious (#1496) - Hacking WordPress Plugins - Authenticated Shell Upload, compromising the...
malicious-pdf2 (#820) - Generate a bunch of malicious pdf files with phone-home functionality.
Malwoverview (#727) - First response tool used for threat hunting and offers intel information...
micr0shell (#1779) - micr0shell is a Python script that dynamically generates Windows X64 PIC...
MimiPenguin (#625) - A tool to dump the login password from the current linux desktop user.
MobSecco (#1323) - A tool to create a clone debug a mobile application from Android apk. The...
Moriarty Project (#1106) - A powerful web based phone number investigation tool. It has 6 features...
Mortar (#827) - red teaming evasion technique to defeat and divert detection and prevention...
NativeDump (#1794) - Dump lsass using only Native APIs by hand-crafting Minidump files (without...
NetInspect (#1643) - Information gathering of IPs or domains.
Netscout (#1780) - OSINT tool that finds domains, subdomains, directories, endpoints and files...
NetworkSherlock (#1513) - NetworkSherlock: Porwerfull Port Scanning With Shodan.
Nim-Shell (#1752) - Reverse shell that can bypass windows defender detection.
NoArgs (#1809) - Manipulating and Hiding Process Arguments.
NODESUB (#1311) - Nodesub is a command-line tool for finding subdomains in bug bounty programs.
NtlmThief (#1680) - Extracting NetNTLM without touching lsass.exe.
NucleiFuzzer (#1506) - NucleiFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF,...
NucleiScanner (#1830) - NucleiScanner = Nuclei + Subfinder + Gau + Paramspider + httpx.
obfus.h (#1798) - Macro-header for compile-time C obfuscation (tcc, win x86/x64).
Open Multiple URLs (#1818) - Opens a list of URLs at once.
OS-Downloads (#1762) - Links Of Windows/Linux/OFFICE ISOs Files using official Links.
OSCP-Reporting (#1156) - Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP Exam and Lab Reporting...
OUned (#1805) - The OUned project automating Active Directory Organizational Units ACL...
PacketSpy (#1750) - PacketSpy is a powerful network packet sniffing tool designed to capture...
PassMute (#1249) - PassMute - A Password Trasmutation/Mutator tool.
PathFinder (#1674) - Web Path Finder is a Python program that provides information about a website....
Pen-Andro (#784) - Script to Automate installtion of Apps ,frida server and moving Burpsuite...
pentesting-bootstrap (#1652) - Fast and easy way of setting up a hardened pentesting environment with...
pepito (#1206) - Searches git repositories for specific strings, digging deep into commit...
Personal Cloud Desktop (#991) - SetUp an Ubuntu machine with a DNS name on Cloud with Terraform and some...
PhoenixC2 (#1223) - Free & open source C2 framework for Red Teams.
php-request-proxy (#1200) - A lightweight PHP script that forwards requests to a target server, effectively...
PowerLessShell (#609) - Run PowerShell command without invoking powershell.exe.
PowerShell-Obfuscation-Bible (#1242) - A collection of techniques, examples and a little bit of theory for manually...
PowerTools (#1687) - Powershell tools used for Red Team / Pentesting. As of Nov 23 2023 all...
ProcOpen-PHP-Webshell (#1295) - Experience the power of a PHP webshell designed to overcome the limitations...
Proving Grounds (#1243) - Offensive Security’s Proving Grounds training labs.
proxy-tamper (#1211) - HTTP proxy library for node.js that tampers HTTP Requests and inserts iframe...
Pyramid (#752) - a tool to help operate in EDRs' blind spots.
ReconBulk (#1102) - Automated Subdomain Enumeration and Scanning Tool.
Reflector (#1191) - Reflector is cli tool written using golang to test for reflected parameters...
remote_commander (#1199) - Remote Commander - PHP script for sending commands to your PC remotely.
Rev-Shell (#1791) - Basic script to generate reverse shell payloads, generally most used in...
revshellgen (#1301) - Reverse shell generator written in Python 3.
RMS-Runtime-Mobile-Security (#1435) - With RMS you can easily dump all loaded classes and relative methods, hook...
RootKits-List-Download (#1150) - The list of all rootkits found so far on github and other sites.
RsaCracker (#1396) - Powerful RSA cracker for CTFs. Supports RSA, X509, OPENSSH in PEM and DER...
RunAsPasswd (#1153) - A RunAs.exe clone with the ability to specify the password as an argument.
RunWithDll (#1682) - A utility that can be used to launch an executable with a DLL injected.
s3-xplode (#1588) - S3-xplode is a script that will scan a public s3 bucket for secrets using...
s3n (#1202) - Search-Scan-Save-Notify.
S4UTomato (#1757) - Escalate Service Account To LocalSystem via Kerberos.
ScrapingKit (#1286) - Scraping Kit is made up of several tools for scraping services for keywords,...
SecretOpt1c (#1313) - SecretOpt1c is a Red Team tool that helps uncover sensitive information...
SeeYouCM-Thief (#1216) - Automatically download and parse conf files from Cisco phone systems searching...
Sentinel (#1800) - an all-in-one encompassing tool for investigations assistance, from API...
ShadowClone (#626) - ShadowClone allows dynamic task distribution across serverless functions...
SharpADWS (#1760) - Active Directory reconnaissance and exploitation for Red Teams via the...
SharpTokenFinder (#1701) - C# implementation of TokenFinder. Steal M365 access tokens from Office...
Shell3er (#1183) - Shell3er PowerShell Reverse Shell Evade EDR's and AV's support Random Process...
shells2 (#1450) - A script for generating common revshells fast and easy. Especially nice...
ShodanX (#1663) - ShodanX is a tool to gather information of targets using shodan dorks⚡.
SlowLoris (#993) - Slowloris is basically an HTTP Denial of Service attack that affects threaded...
SomalifuscatorV2 (#1807) - Most advanced and poorly coded windows batch obfuscator ever made.
some-tweak-to-hide-jwt-payload-values (#1653) - a handful of tweaks and ideas to safeguard the JWT payload.
SQLi_Sleeps (#1746) - It is a simple script that allows to find SQLi vulnerabilities, obtaining...
Stinger (#1726) - CIA UAC bypass implementation of Stinger that obtains the token from an...
Subcriminalip (#1331) - Subcriminal: Python tool using Criminal IP API to extract domain data efficiently.
Subprober (#1804) - A Fast Multi-Purpose Http Probing Tool for Penetration Testing.
SubScout (#652) - A simple bash script to automate your initial recon and extend your attack...
Superman (#1764) - 🤖 Kill The Protected Process 🤖.
TCP-tunnel-RCE (#1203) - Excel induced macro code Arbitary code execution from remote system misusing...
Theattacker-Crypter (#1247) - Tool to evade Antivirus With Different Techniques.
TheFatRat (#754) - TheFatRat is an exploiting tool which compiles a malware with famous payload,...
Tmux (#1117) - Tmux is a terminal multiplexer !!.
Tool NiceName (#1136) - Tunneling over websocket protocol - Static binary available.
Tracey-Backdoor V2 (#1180) - A Reverse Shell Backdoor made in Python OOP. It is supposed to work in...
UAC-Exploit (#1088) - Presenting an exploit method that bypasses the admin access confirmation...
UPEESCESS (#1933) - Enumerate WordPress users by leveraging the /author/ endpoint.
usbkill (#992) - « usbkill » is an anti-forensic kill-switch that waits for a change on...
VDR - Vulnerable Driver Research (#1647) - Vulnerable driver research tool, result and exploit PoCs.
VectorKernel (#1698) - PoCs for Kernelmode rootkit techniques research or education. Currently...
voipire (#1797) - Voipire scans and exploits the RTP bleed vulnerability.
WebRecon2 (#1225) - WebRecon2 is another Website-reconnaissance tool, It uses the best tools...
WebSieve (#1110) - Extract Unique URLs from a Webpage.
wezterm (#1763) - A GPU-accelerated cross-platform terminal emulator and multiplexer written...
What is this browser? (#1209) - From a simple User-Agent, it tells you what might be the browser, version...
WhatMail (#1289) - A command-line tool that analyzes the header of an email and provides detailed...
whatsapp-osint (#1134) - Logs online/offline events from ANYONE in the world.
WiFi Exploitation Framework_ (#1248) - Wi-Fi Exploitation Framework.
WinDefenderKiller (#1824) - Windows Defender Killer | C++ Code Disabling Permanently Windows Defender...
Windows-Local-Privilege-Escalation-Cookbook (#1729) - Windows Local Privilege Escalation Cookbook.
Wolfy (#1172) - Wolfy is a tool which bypass AVs by using a crypter + the tool Condor from...
WordSteal (#1768) - This script will create a POC that will steal NTML hashes from a remote...
WSPCoerce (#1756) - PoC to coerce authentication from Windows hosts using MS-WSP.
XSS-Automation-Tool (#1184) - XSS automation tool helps hackers identify and exploit cross-site scripting.
XSS-Callback (#1205) - XSS Callback is a tool allowing you to exploit XSS vulnerabilities.
XSS-exploit (#1204) - XSS Injection based keylogger.
xsshuntertest (#1057) - The fastest way to set up XSS Hunter to test and find blind cross-site...
XssPy (#1236) - XssPy - Web Application XSS Scanner.
xsubfind3r (#1497) - xsubfind3r is a command-line interface (CLI) based passive subdomain discovery...
Zeus (#728) - Powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening...