Take it like a gift

apkurlgrep
apkurlgrep

Extract endpoints from APK files.

Ground control
Ground control

A collection of scripts mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.

Domain Hunter
Domain Hunter

Checks expired domains to determine good candidates for phishing and C2 domain names.

Invoke-TmpDavFS
Invoke-TmpDavFS

Memory Backed Powershell WebDav Server.

zarp
zarp

Network attack tool.

Kraken
Kraken

A modular multi-language webshell.

JNDI-Injection-Exploit
JNDI-Injection-Exploit

Generates JNDI links can start several servers to exploit JNDI Injection vulnerabilities.

al-khaser
al-khaser

Public malware techniques used in the wild: virtual machine, emulation, debuggers.

ike-scan
ike-scan

Discover and fingerprint IKE hosts.

Infoga
Infoga

Email OSINT.

aem-detector
aem-detector

Discover Adobe Experience Manager (AEM) Content Management System (CMS) websites.

Invoke-PSImage
Invoke-PSImage

Encodes a PowerShell script in the pixels of a PNG file and generates a oneliner to execute.

AndroSet
AndroSet

Manage Burp Suite certificate in Android to redirect all traffic to Burp Suite.

airbash
airbash

Fully automated WPA PSK PMKID and handshake capture script.

Jaeles
Jaeles

The Swiss Army knife for automated Web Application Testing