Category Archives: Pentesting

Spray – Password Spraying for Active Directory Credentials

Spray is a tool that you can use to run a bruteforce attack against active directory credentials and services.

Expl-iot – IOT Security Testing and Exploitation Framework

Expl-iot is a framework for security testing IoT and IoT infrastructure. It provides a set of plugins (test cases) and can be extended easily to create new plugins.

Conformer – Password Guessing for different Web Portals

Conformer is a penetration testing tool, mostly used for external assessments to perform password based attacks against common webforms.

DNSExfiltrator – Data Exfiltration over DNS

DNSExfiltrator allows for transfering (exfiltrate) a file over a DNS request covert channel.

Sn1per – Framework for offensive Purposes

Sn1per is a compilation of tools for automated scanning and OSINT check that can be used during a penetration test to enumerate and scan for vulnerabilities.

Koadic – C3 COM Command & Control – JScript RAT

Koadic, or COM Command & Control, is a Windows post-exploitation rootkit similar to other penetration testing tools such as Meterpreter and Powershell Empire.

sqlmap – Automatic SQL injection and database takeover Tool

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester