Keep calm and hack something, but remember to wear a ninja mask for added stealth. 🐱👤😎
A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any type.
Java - Released: 08 Apr 2023 - 1,958
A CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.
Python - Released: 13 Jan 2017 - 290
Framework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).
Shell - Released: 16 Jan 2016 - 590
Multi-threaded XMLRPC brute forcer using amplification attacks targeting WordPress installations prior to version 4.4.
Python - Released: 30 Aug 2016 - 103
Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).
Java - Released: 05 Oct 2016 - 190
Burp Suite plugin that adds additional checks to the passive scanner to reveal the origin IP(s) of Cloudflare-protected web applications.
Java - Released: 23 Sep 2019 - 61
Perform various SMB-related attacks, particularly useful for testing large Active Directory environments.
Shell - Released: 01 Oct 2018 - 41
Framework designed to automate the process of assembly code injection (trojanising) within Android applications.
Smali - Released: 27 May 2016 - 37
Burp Suite plugin that dynamically generates Google 2FA codes for use in session handling rules (approved by PortSwigger for inclusion in their official BApp Store).
Java - Released: 29 May 2018 - 28
An Android RAT that collects various sensitive information in real-time and send them to the attacker databse.
Java - Released: 10 Aug 2017 - 35
A PowerShell script that simplifies life and therefore... phishing.
PowerShell - Released: 25 Jul 2022 - 17
A C# program featuring an all-in-one bypass for CLM, AppLocker and AMSI using Runspace.
C# - Released: 31 Jul 2022 - 14
Copy as PowerShell request(s) plugin for Burp Suite (approved by PortSwigger for inclusion in their official BApp Store).
Java - Released: 25 Jan 2018 - 11
A collection of PowerShell scripts for pentesting activities.
PowerShell - Released: 25 Jan 2018 - 7
A collection of utility scripts/files designed to extend/facilitate Bloodhound capabilities.
Released: 25 Aug 2021 - 7
An extensible Rust-based exploitation framework designed to audit/attack AzureAD environments.
Rust - Released: 17 Jul 2022 - 7
Display OpenVPN connected clients and their associated routing information in a user-friendly fashion.
Python - Released: 14 May 2018 - 8
Generate various type of statistics from phishing engagement results.
Python - Released: 04 Jan 2018 - 7
Attempt at dockerizing Burp Enterprise v2022.4.
Dockerfile - Released: 19 May 2022 - 4