Exploitation Tools

997 tools
rules
rules
Free Exploitation Password Attacks

Lastest Hashcat rules for password cracking
RunAs-Stealer
RunAs-Stealer
Open Source Exploitation Forensics

RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging
rust_tips_and_tricks
rust_tips_and_tricks
Free Exploitation

This repo is just a collection of Rust tips and tricks useful to interact with the Windows API and develop offensive security tools for that…
Rust-Hells-Gate
Rust-Hells-Gate
Free Evasion Exploitation

Rust malware EDR evasion via direct syscalls, fully implemented as an example in Rust
rustbof
rustbof
Open Source Exploitation

A Rust template for writing Beacon Object Files (BOFs)
rustclr
rustclr
Open Source Exploitation

Host CLR and run .NET binaries using Rust
RustHound
RustHound
Open Source Exploitation Post-Exploitation

Active Directory data ingestor for BloodHound Legacy written in Rust. 🦀
Rustic64
Rustic64
Open Source Exploitation

64-bit, position-independent implant template for Windows in Rust.
Rustic64Shell
Rustic64Shell
Open Source Exploitation

A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.
RustiveDump
RustiveDump
Open Source Exploitation

LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and remo…
RustPotato
RustPotato
Open Source Exploitation Post-Exploitation

A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTAPI …
RustRedOps
RustRedOps
Open Source Exploitation

RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust
RustSoliloquy
RustSoliloquy
Open Source Exploitation

A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and ind…
RustVEHSyscalls
RustVEHSyscalls
Free Exploitation

A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.
Rusty-Playground
Rusty-Playground
Open Source Exploitation

Some Rust program I wrote while learning Malware Development
SafeLine
SafeLine
Open Source Exploitation Web Application

SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
SAMDump
SAMDump
Free Exploitation

Extract the SAM and SYSTEM hives using the Volume Shadow Copy (VSS) API. With exfiltration and XOR obfuscation options. Implemented in C#, C…
sandworm-audit
sandworm-audit
Open Source Exploitation

Security & License Compliance For Your App's Dependencies 🪱
saucerframe
saucerframe
Free Exploitation

saucerframe是一个基于python3的开源批量POC检测框架,默认使用协程异步请求,支持多线程并发,支持多种指定目标方式,可用于批量POC检测,也可根据需要扩展功能。欢迎star和pr
SBSCAN
SBSCAN
Open Source Exploitation

🎭 SBSCAN是一款专注于spring框架的渗透测试工具,可以对指定站点进行springboot未授权扫描/敏感信息扫描以及进行spring框架漏洞扫描与验证的综合利用工具。 [SBSCAN is a penetration testing tool focused …
ScanCannon
ScanCannon
Free Exploitation Reconnaissance

A script for credentials-based attack surface enumeration and general reconnaissance of massive networks
Scanner-and-Patcher
Scanner-and-Patcher
Open Source Exploitation Scanning & Enumeration

A Web Vulnerability Scanner and Patcher
ScanPro
ScanPro
Free Exploitation Reconnaissance

ScanPro - NMap Scanning Scripts ~ Network Mapper
SCANter
SCANter
Open Source Exploitation Web Application

Websites Vulnerability Scanner