🐢 Open-Source Evaluation & Testing for ML & LLM systems

The Python Risk Identification Tool for generative AI (PyRIT) is an open access automation framework to empower security professionals and machine learning engineers to proactively find risks in their generative AI systems.

Self-hosted passive subdomain continous monitoring tool.

smbcrawler is no-nonsense tool that takes credentials and a list of hosts and 'crawls' (or 'spiders') through those shares

Persistent Powershell backdoor tool {😈}

RegStrike is a .reg payload generator

A Bug Bounty Platform that allows hunters to issue commands over a geo-distributed cluster. The ideal user is someone who is attempting to scan multiple bug bounty programs simultaneously, on a recurring basis.

A powerful reverse shell generator

Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.

Collection of (4000+) malicious rMQR Codes for Penetration testing, Vulnerability assessments, Red Team operations, Bug Bounty and more

wmiexec2.0 is the same wmiexec that everyone knows and loves (debatable). This 2.0 version is obfuscated to avoid well known signatures from various AV engines. It also has a handful of additional built in modules to help automate some common tasks on Red team engagements.

A Red Teaming tool focused on profiling the target.

A penetration testing playbook that's suitable for CTF challenges, bug bounty hunting and red team assessments.

🤖🛡️🔍🔒🔑 Tiny package designed to support red teams and penetration testers in exploiting large language model AI solutions.

Discover related domains using Whois data from whoxy.com

Quickly create a list of dorks based on variables entered.

Manipulate Email:Pass combo, All in one tool.

The nightmare of WAFs & CDNs, Use multi tricks for bypass ratelimit of WAFs & CDNs & Webservers.

Command line tool similar to ComboTool-GUI

just a Python Shellcode loader