AI Summary: Mosint is an automated Open Source Intelligence (OSINT) tool designed for efficient email investigations and scanning. It consolidates various services to validate emails, check for social media accounts, investigate data breaches, and extract associated information rapidly, all while being lightweight and user-friendly. Notable features include email verification, data breach checks, Pastebin scans, DNS/IP lookups, and the ability to output results in JSON format.

README

Features • Installation • Services • Usage • Docker • Config • Screen

AI Summary: Mr.Holmes is an OSINT information gathering tool designed for collecting data about domains, usernames, and phone numbers using publicly available resources and Google dorks. Notable features include the use of proxies for anonymous requests and integration with a WhoIS API for enhanced domain information retrieval. The tool is aimed at educational and research purposes, although accuracy may vary.

README

AI Summary: MSDAT (Microsoft SQL Database Attacking Tool) is an open-source penetration testing utility designed for assessing the security of Microsoft SQL databases remotely. Its primary use case includes discovering valid credentials, privilege escalation, and executing operating system commands through various SQL features. Notable features of MSDAT include the ability to perform dictionary attacks, capture SMB authentication, execute SQL requests, and manipulate files on the server, while supporting multiple Microsoft SQL Server versions.

AI Summary: mssqlproxy is a lateral movement tool designed to facilitate access through a compromised Microsoft SQL Server by utilizing socket reuse. It operates with sysadmin privileges and comprises a CLR assembly, a core DLL, and a client, allowing users to install and manage proxy services for connecting to external systems. Notable features include remote DLL management, commands for file transfer, and options for configuring local listening ports, although it currently supports only IPv4 connections.

AI Summary: Multi Theft Auto: San Andreas (MTA) is an open-source modification that enables multiplayer gameplay for the single-player version of Grand Theft Auto: San Andreas through an advanced game engine framework. It incorporates networking and GUI rendering capabilities while allowing extensive customization via a Lua scripting language, making it possible to create custom game modes and content for multiple players. Notable features include code injection techniques for game manipulation without altering original files, a robust resource management system for asynchronous content delivery, and a collaborative community for development and support.

AI Summary: My Arsenal of AWS Security Tools is a curated collection of open-source tools designed to enhance security in AWS environments through various functionalities, including defensive hardening, offensive testing, and security auditing. Notable features include comprehensive coverage of cloud security best practices and continuous monitoring capabilities, facilitating improved incident response and compliance with standards such as CIS and GDPR. This repository serves as a resource for security practitioners aiming to bolster their AWS security posture.

AI Summary: MyIP is a multifaceted IP toolbox that enables users to view and analyze their IP addresses, perform network diagnostics, and check website accessibility. Its notable features include detailed IP information retrieval, DNS leak testing, speed testing, and support for multiple languages, along with additional functionalities like proxy rule testing and a cybersecurity checklist. The tool is designed to be user-friendly, featuring dark mode, minimalist mobile optimization, and a Progressive Web App (PWA) support for enhanced accessibility.

AI Summary: MySQL Fake Server is a tool designed for penetration testing, specifically emulating a MySQL server to exploit vulnerabilities related to file reading and Java deserialization in MySQL JDBC clients. Notable features include the ability to read large binary files, support for custom configuration through a JSON file, and the option to preview or save the contents of read files, all implemented in pure Python 3 without external dependencies.

AI Summary: n0kovo_subdomains is a comprehensive subdomain enumeration wordlist containing 3,000,000 entries sourced from SSL certificate data across the entire IPv4 space. This tool is designed to enhance the efficacy of subdomain discovery activities for penetration testing and security assessments, utilizing a robust dataset that offers a balanced trade-off between size and search effectiveness. Users can leverage this highly efficient wordlist to improve the success rate of finding subdomains in various target domains.

AI Summary: Name-That-Hash is a modern hash identification tool designed to accurately identify various hash types, such as MD5 and NTLM. Its notable features include popularity ratings to prioritize common hashes, hash summaries for informed selection, accessible color output, and JSON-based API access for integration into other projects. The tool is intended to provide a more user-friendly and up-to-date alternative to older hash identification systems.

README

➡️ Discord | Website ⬅️

The Modern Hash Identification System
pip3 install name-that-hash && nth
Web App with no install needed

AI Summary: Netcat for Windows is a TCP/IP utility designed for network diagnostics and exploration, functioning as a versatile “Swiss Army knife” for admins on the Windows platform. It supports both inbound and outbound connections over TCP or UDP, features built-in port scanning, DNS checks, and allows for custom local network configurations. Notably, this version excludes the potentially insecure -e switch to mitigate false positives from antivirus software, while also resolving issues encountered during telnet sessions.

AI Summary: NetExec is a community-driven network exploitation tool derived from the predecessor CrackMapExec, designed to facilitate network enumeration and execution of various tasks across multiple hosts. It boasts functionalities for maintaining and expanding the original tool’s capabilities, alongside regular updates and community contributions. Notable features include an emphasis on user collaboration, a dedicated Discord channel for support, and extensive documentation in development.

README

🚩 This is the open source repository of NetExec maintained by a community of passionate people

AI Summary: The Netlas Cookbook serves as a comprehensive guide for utilizing Netlas Search Tools, aimed at audiences with varying levels of cybersecurity knowledge. It provides practical examples and automation techniques for searching and analyzing IP addresses and domain data on the Internet, while also detailing the use of the Netlas API for advanced queries and OSINT tasks. Key features include search query syntax explanation, logical operators, and integration with Python, enhancing user capabilities in attack surface management and information retrieval.

AI Summary: NETReactorSlayer is an open-source deobfuscator and unpacker specifically designed for Eziriz .NET Reactor, facilitating the process of reversing obfuscated .NET applications. This tool offers both a graphical user interface (GUI) and a command-line interface (CLI), enabling flexible usage depending on user preference. Notable features include comprehensive documentation, community contributions, and adherence to the GPLv3 license, ensuring wide accessibility and support for developers.

README

.NETReactorSlayer

NETReactorSlayer is an open source (GPLv3) deobfuscator and unpacker for Eziriz .NET Reactor.

AI Summary: OWASP Nettacker is an automated penetration testing and information-gathering framework designed for cybersecurity professionals to conduct reconnaissance, vulnerability assessments, and network security audits. Key features include a modular architecture for customizable task execution, support for multi-protocol and multithreaded scanning, comprehensive output formats, and a user-friendly interface for managing scans, all of which enhance its efficacy in identifying weaknesses across diverse systems and applications.

README

OWASP Nettacker

AI Summary: NeuroSploit v3 is an AI-powered penetration testing platform designed for autonomous security assessments, offering support for 100 vulnerability types within isolated Kali Linux containers. Key features include an autonomous agent for parallel testing, an exploit chain engine, anti-hallucination controls, real-time monitoring via a modern web interface, and multi-provider LLM integration for adaptive scanning strategies. The tool provides efficient scanning capabilities and detailed reporting, making it suitable for comprehensive security evaluations.

AI Summary: Nginx-Lua-Anti-DDoS is a protective tool designed for Nginx web servers, leveraging Lua scripting to mitigate DDoS attacks through a JavaScript-based authentication puzzle inspired by Cloudflare’s “I’m Under Attack” mode. The tool features automatic detection and activation of protection mechanisms against various attack types, extensive IP and User-Agent filtering options, as well as capabilities to inspect and block malicious HTTP requests. With no limitation on attack size and built-in logging for monitoring, it offers customizable error responses and caching optimizations to enhance web server performance during attacks.

AI Summary: ngrev is a graphical tool designed for the reverse engineering of Angular projects, enabling users to navigate application structures and visualize the relationships between modules, providers, and directives through static code analysis, eliminating the need to execute the application. Notable features include support for custom theming, compatibility with Angular’s Ivy compiler, and integration with Angular CLI for streamlined project selection.

README

ngrev

Graphical tool for reverse engineering of Angular projects. It allows you to navigate in the structure of your application and observe the relationship between the different modules, providers, and directives. The tool performs static code analysis which means that you don’t have to run your application in order to use it.

AI Summary: Nidhogg is a versatile kernel-level rootkit designed for Windows 10 and 11, enabling a wide array of operations directly from kernel space. Its primary use case is to facilitate stealthy and powerful control over system processes, threads, files, and registry items, featuring advanced capabilities such as process hiding, memory scanner bypassing, and credential dumping. Notable features include a built-in AMSI bypass, support for reflective loading, and a Nidhogg Object File (NOF) for custom kernel-mode code execution, enhancing its integration with command-and-control (C2) frameworks.

AI Summary: Nishang is a comprehensive PowerShell framework designed for offensive security, penetration testing, and red teaming, featuring a collection of scripts and payloads that assist in various stages of penetration testing. It allows users to execute scripts in memory to bypass antivirus detection and includes notable functionalities such as encoding commands, webshell capabilities, and Active Directory manipulation tools. The framework is structured for ease of use with PowerShell, offering detailed help for individual scripts and versatile execution methods.

AI Summary: The Ullaakut/nmap library offers Go developers a comprehensive interface to leverage the features of the Nmap network scanner within their applications, facilitating the creation of security audit tools. By utilizing the Go language’s capabilities, the library allows for robust network scans, service detection, and easy parsing of XML outputs produced by the Nmap binary. Notable features include support for various scan types and the ability to manage scan timeouts, enhancing both flexibility and performance in penetration testing scenarios.

AI Summary: NMAP-Formatter is a versatile tool designed to convert NMAP XML output into various formats such as HTML, CSV, JSON, Excel, and more, facilitating the analysis and reporting of network scan results. Notable features include support for output via stdin, the ability to generate diagrams using Graphviz, and options to skip down hosts, enhancing usability for security professionals and network administrators. This tool can also be utilized as a library in Golang for integration into other applications.

AI Summary: No Comment is a tool designed for analyzing and visualizing gameplay data, specifically focusing on tracking player movements and in-game events within the Minecraft server 2b2t. Its primary use case is to create detailed heatmaps and monitor activity trends, enabling users to comprehend the dynamics of player interactions and exploit occurrences. Notable features include high-resolution visual outputs of player activities and integration with community resources for enhanced data representation.

AI Summary: NodePass is an open-source network tunneling solution that provides enterprise-grade TCP/UDP tunneling with minimal configuration and high performance, designed for managing complex network scenarios. Key features include seamless protocol conversion, a connection pooling architecture for reduced latency, multi-level TLS security mechanisms, and real-time monitoring capabilities. The tool targets DevOps professionals and system administrators, facilitating effortless deployment and control in diverse networking conditions.

README

AI Summary: OWASP Noir is a security tool designed to analyze source code and generate comprehensive inventories of application endpoints, including the detection of shadow APIs and hidden routes that traditional methods might overlook. It serves as a bridge between Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST), enabling white-box security teams and penetration testers to identify the complete attack surface of an application. Notable features include AI-powered analysis across various programming languages, integration capabilities with popular DAST tools, and the ability to output results in multiple formats for seamless workflow integration.