Category Archives: Tools

Sn1per – Automated Pentest Recon Scanner

Sn1per is an automated open source scanner that you can use during penetration testing. the tool allow to use some compilation of pentest utility such as the harvester , nmap and brute force against your target. some of the features

CrackMapExec – Tool for pentesting Windows/Active Directory

Corporate network is becoming more and more relying on active directory where system administrator define roles and groups for users. This is important for accountability and auditing beside admin will have a better and simpler system administration. If you are

Mimikatz – Multi-tool to play with Windows security


Mimikatz tool have been presented in international conferences such as blackhat and DefCon. This tool is designed to work with credentials on windows operating system. Mimikatz allows to extract passwords in plaintext, hash, PIN code or Kerberos tickets from the

PSRecon – PowerShell Utility for Real-time Incident Response and Data Acquisition

System administrators count on using PowerShell to solve problems on different windows operating system. This helps to start scheduled tasks or launch commands remotely on thousands of servers using some simple scripts with too much automation. Information security related events

GCAT – Fully featured backdoor that uses Gmail as a C&C server

There are many tools that allow to generate backdoors and they are used during a penetration testing program or security awareness where the presenter demonstrate how it is easy to have a full control on a remote vulnerable system. The

TaskExplorer- Explore Tasks on Mac OS

TaskExplorer is a tool that you can use to explore running processes on Mac operating system. some of the features are: Signing Status quickly view, (or filter) tasks that are signed by Apple, 3rd-parties, or are unsigned VirusTotal Integration detection

NoSQL EXPLOITATION FRAMEWORK – Framework For NoSQL Scanning and Exploitation

Any database may include sensitive information such as usernames , passwords or users data. This makes a proper security assessment with whole architecture review is required for identifying security gaps that can be used by hackers to compromise the system.