Take it like a gift

Caldera
Caldera

Automated adversary emulation platform.

secret-bridge
secret-bridge

Monitors Github for leaked secrets.

CorsMe
CorsMe

CORS misconfiguration scanner tool with speed and precision in mind!

attack_range
attack_range

Create vulnerable instrumented local or cloud environments to simulate attacks.

Atomic Red Team
Atomic Red Team

Small and highly portable detection tests based on MITRE's ATT&CK.

Moriarty
Moriarty

Designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential.

NimPlant
NimPlant

A light-weight first-stage C2 implant written in Nim.

AzureADLateralMovement
AzureADLateralMovement

Lateral movement graph for Azure Active Directory.

SysWhispers
SysWhispers

AV/EDR evasion via direct system calls.

ASNLookup
ASNLookup

Leverage ASN to look up IP addresses owned by a specific organization.

subjs
subjs

Fetches javascript file from a list of URLS or subdomains.

JNDI-Injection-Exploit
JNDI-Injection-Exploit

Generates JNDI links can start several servers to exploit JNDI Injection vulnerabilities.

SubOver
SubOver

A Powerful Subdomain Takeover Tool.

SSRFire
SSRFire

An automated SSRF finder. Just give the domain name and your server and chill!

AndroSet
AndroSet

Manage Burp Suite certificate in Android to redirect all traffic to Burp Suite.