Take it like a gift

featured

Python tool to remotely extract credentials on a set of hosts.

Another local Windows privilege escalation using a new potato technique.

Easy and customisable pentest report creator based on simple web technologies.

A PowerShell tool heavily inspired by the popular tool CrackMapExec/NetExec.

Makes the maniputation of MAC addresses of network interfaces easier.

A multi-platform fuzzer for poking at userland binaries and servers.

The perils of the pre-Windows 2000 compatible access group in a Windows domain.

Burp Suite Extension useful to verify OAUTHv2 and OpenID security.

Offensive Security Youtube channel.

Exploitation tool which leverages client-side Prototype Pollution to XSS.

Tests a list of s3 buckets to see if they have dir listings enabled or if they are uploadable.

Nikto web server scanner.

Simple tool to look for common Nginx misconfigurations and vulnerabilities.

LDAP library for auditing Microsoft Active Directory.

Automate the process of generating various reverse shells.