#Other

XSS Scanning and Parameter Analysis tool.

Android Debug Bridge (ADB).

ADExplorerSnapshot.py is an AD Explorer snapshot ingestor for BloodHound.

adPEAS is a Powershell tool to automate Active Directory enumeration.

BadBlood fills a Microsoft Active Directory Domain with a structure and thousands of objects.

A fast enumeration tool for Windows Active Directory Pentesting written in Go.

Simplifies the processes of searching LinkedIn to collect valid employee names.

ArcMenu is an application menu for GNOME Shell, designed to provide a more traditional user experience and workflow. This extension has many features, including multiple menu layout styles, GNOME search, quick access to system shortcuts, and more! If you are a new user to GNOME and are looking for a Windows style start menu, this extension will be perfect for you!

Tools that are not directly classified under a section.

Aria2 is a command line download client with resuming and segmented downloading. Supported protocols are HTTP/HTTPS/SFTP/FTP/BitTorrent and it also supports Metalink.

Tool for pentesters to help find security-related misconfigurations in Active Directory Group Policy.

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

Easily rotate your AWS access key.

Lightweight CLI download accelerator.

Enumerates valid email addresses from Office 365 without submitting login attempts.

Flash OS images to SD cards & USB drives, safely and easily.

Modified version of CrossLinked.

Is a SSH, FTP, Telnet, PostgreSQL, RDP, VNC brute forcing tool with Hydra, Medusa and Ncrack.

WebProxy for analysis.

Utility to play with ADCS, allows to request tickets and collect information about related objects.

A CLI tool to extract server certificates.

Active Directory certificate abuse.

Active Directory Certificate Services enumeration and abuse.

A C# project that performs a number of security oriented host-survey 'safety checks' relevant from both offensive and defensive security perspectives.

Change password of a user in a Windows SAM file.

Crowbar is a brute force tool which supports OpenVPN, Remote Desktop Protocol, SSH Private Keys and VNC Keys..

Free client-side encryption for your cloud files. Open source software: No backdoors, no registration.

Is a tool to transfer data from or to a server, using one of the supported protocols. The command is designed to work without user interaction.

Python3 terminal application that contains 260+ Neo4j cyphers for BloodHound data sets.

Dash to Panel is an icon taskbar for Gnome Shell. This extension moves the dash into the gnome main panel so that the application launchers and system tray are combined into a single panel, similar to that found in KDE Plasma and Windows 7+. A separate dock is no longer needed for easy access to running and favorited applications.

Graphical editor for gsettings and dconf.

DIRB is a Web Content Scanner.

An advanced web path brute-forcer.

A script to dump files and folders remotely from a Windows SMB share.

Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation , it contains Anti-sandbox , if you run it under unperformant Virtual Machine you need to uncomment the code related to it and recompile.

A tool for enumerating information from Windows and Samba systems.

Find Microsoft Exchange instance for a given domain and identify the exact version.

Flexible I/O Tester.

Messaging app for WhatsApp, Slack, Telegram, HipChat, Hangouts and many many more.

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals.

GitDump dumps the source code from .git when the directory traversal is disabled.

This repository contains three small python/bash scripts used for the Git research.

Directory/File, DNS and VHost busting tool written in Go.

HandBrake is a tool for converting video from nearly any format to a selection of modern, widely supported codecs.

Scanner for IIS Tilde vulnerability.

Disable and Customize GNOME shell UI Elements.

KeeFarce allows for the extraction of KeePass 2.x password database information from memory. The cleartext information, including usernames, passwords, notes and url's are dumped into a CSV file in %AppData%

This tool is designed to assist in quickly bruteforcing valid Active Directory accounts through Kerberos Pre-Authentication.

Dump LAPS Passwords.

Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration! With this tool you can quickly see if your attack worked and if it changed LDAP attributes of the target object.

LDAP Password Hunter is a tool which wraps features of getTGT.py (Impacket) and ldapsearch in order to look up for password stored in LDAP database.

Active Directory information dumper via LDAP.

Anonymously bruteforce Active Directory usernames from Domain Controllers by abusing LDAP Ping requests (cLDAP).

A GoLang tool to enumerate and abuse LDAP. Made simple.

A tool to check Domain Controllers for LDAP server protections regarding the relay of NTLM authentication.

Active Directory LDAP Enumerator - Python3 script to quickly get various information from a domain controller through his LDAP service.

Change MAC address of a NIC.

Scan for juicy data on SMB shares. Matching files and logs are stored in $HOME/.manspider. All filters are case-insensitive.

Mattermost is a messaging and collaboration platform. With Mattermost, you can integrate the tools you use every day into one place and never miss a notification or task.

Nikto is a pluggable web server and CGI scanner written in Perl, using rfp’s LibWhisker to perform fast security or informational checks.

Fetch and parse NTLM challenge messages from HTTP and SMB services.

A fast and flexible NTLM reconnaissance tool without external dependencies. Useful to find out information about NTLM endpoints when working with a large set of potential IP addresses and domains.

scan for NTLM directories.

Obsidian is a powerful and extensible knowledge base that works on top of your local folder of plain text files.

onesixtyone is a simple SNMP scanner which sends SNMP requests for the sysDescr value asynchronously with user-adjustable sending times and then logs the responses which gives the description of the software running on the device.

OpenSSL based Authenticode signing for PE/MSI/Java CAB files.

This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.

Just another Powerview alternative.

A Remote Desktop Protocol client.

The GTK Remote Desktop Client.

A fast, reliable, and simple file sync and share solution, powered by P2P technology.

A tool to abuse Exchange Services.

Conveniently create, copy, store and upload screenshots.

An IIS short filename enumeration tool.

Show mount information for an NFS server.

Simply showing network speed.

FTP-like client to access SMB/CIFS resources on servers.

smbclient-ng, a fast and user friendly way to interact with SMB shares.

wget-like utility for download files over SMB.

Samba Share Enumerator.

Simple Network Management Protocol.

Like to snmpwalk, snmpcheck allows you to enumerate the SNMP devices and places the output in a very human readable friendly format. It could be useful for penetration testing or systems monitoring.

Retrieve a subtree of management values using SNMP GETNEXT requests.

Download and install macOS in a VM / macOS on Linux in one command.

Shows a list of sound output and input devices (similar to gnome sound settings) in the status menu below the volume slider.

Automatic SQL injection and database takeover tool.

SSH method scanner. Reports password and publickey authentication.

A testing tool that enumerates SSH Ciphers. Using SSHScan, weak ciphers can be easily detected.

Tabby (formerly Terminus) is a highly configurable terminal emulator, SSH and serial client for Windows, macOS and Linux.

Copy your files faster and more securely.

Checks the partition and boot sectors of your disks. It is very useful in recovering lost partitions.

Is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.

Text-mode interface for Git.

Exploits and expands the file names found from the (IIS) tilde enumeration vuln.

Scanner to enumerate SSL/TLS encryption protocol support.

TruffleHog is a tool for finding credentials.

Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accidentally committed.

A glimpse into your computer's temperature, voltage, fan speed, memory usage and CPU load.

Code editing. Redefined.

The wipe command can be used to securely erase files from magnetic media.