AI Summary: AngryOxide is a Rust-based 802.11 attack tool designed for penetration testing and WiFi exploitation research. It provides an active state-based attack engine that retrieves EAPOL messages from access points and clients, with features such as target filtering, auto-hunting capability, and GPS integration for geo-fencing. The tool is equipped with a terminal UI, headless operation mode, and a variety of automated attacks aimed at retrieving cryptographic data for later cracking with tools like Hashcat.

AI Summary: Binsider is a versatile tool designed for reverse engineers, enabling both static and dynamic analysis of binary files through an intuitive terminal interface. Key functionalities include inspection of binary metadata, string analysis, examination of linked libraries, and detailed ELF layout analysis, all aimed at enhancing understanding of executable files.

README

"Swiss army knife for reverse engineers."

Documentation | Website

😼🕵️‍♂️ Binsider can perform static and dynamic analysis, inspect strings, examine linked libraries, and perform hexdumps, all within a user-friendly terminal user interface!

AI Summary: biodiff is a binary file comparison tool that employs bioinformatics algorithms to align and display two binary files side by side, allowing users to identify similarities and differences in byte sequences. Its notable features include customizable byte representations, multiple viewing modes (aligned and unaligned), and advanced search capabilities using text and regex, which facilitate detailed analysis of binary data. Additionally, users can perform both block-level and global alignments, making it suitable for examining varying sizes of binary files efficiently.

AI Summary: Black Hat Rust is a specialized resource for understanding and implementing offensive security techniques using the Rust programming language. It covers a broad spectrum of offensive security concepts, including building custom tools for cyber attacks, phishing, and exploitation, while emphasizing practical application and real-world Rust programming practices. Notable features include multi-threaded attack surface discovery and async operations, making it suitable for both developers looking to enhance their security skills and security engineers aiming to leverage Rust for offensive purposes.

AI Summary: cargo-auditable is a Rust tool that embeds the dependency tree of a Rust executable in JSON format within the compiled binary, allowing for precise auditing of crate versions against known vulnerabilities. It facilitates vulnerability scanning in production without additional bookkeeping, supporting major operating systems and WebAssembly. Notably, it integrates seamlessly with existing Cargo commands and works in conjunction with tools like cargo-audit to enhance security practices in Rust development.

AI Summary: Chromepass is a Python-based console application designed to decrypt saved passwords and cookies from various web browsers, including Google Chrome, Chromium, and others. Its primary use case is for extracting sensitive credentials with minimal detection by antivirus software through custom build methodologies. Notable features include the ability to remotely send the recovered data, customizable error messages, and a tailored user interface.

README

Chromepass - Hacking Chrome Saved Passwords and Cookies

View Demo · Report Bug · Request Feature

AI Summary: CTFCrackTools X is a next-generation, node-based toolkit designed for CTF (Capture The Flag) competitions, offering an extensive set of over 43 built-in algorithms for encoding, cryptography, and hashing. Key features include a visual workflow that allows users to construct custom encoding and decoding processes intuitively, and native support across Windows, macOS, and Linux platforms without the need for additional runtime installations. The tool emphasizes performance and extensibility, streamlining the process of handling various CTF challenges.

AI Summary: DataSurgeon is a comprehensive tool for extracting sensitive information pertinent to incident response, DLP, penetration testing, and CTF challenges. It supports extraction of a wide range of data types—including emails, credit cards, URLs, and various hashes—across multiple operating systems, and features a plugin management system that allows users to extend its functionality. Notable features include recursive file analysis, CSV output capabilities, and multi-platform support enabling usage on Windows, Linux, and macOS.

AI Summary: Findomain is a comprehensive domain recognition tool designed for efficient subdomain enumeration and monitoring. It utilizes Certificate Transparency Logs and various APIs to discover subdomains without brute-force methods, supports multi-threading for quick searches, and offers integration with notification services such as Discord and Slack. Notable features include DNS over TLS support, parallel resolution capabilities, and extensive configuration options across multiple formats.

README

AI Summary: libgoblin is a versatile Rust library for binary parsing, loading, and analysis, supporting multiple formats including ELF, Mach-O, and PE across both 32-bit and 64-bit architectures. Its notable features include zero-copy parsing, cross-platform capabilities, endian-awareness, and extensive configurability, allowing users to adapt it to various binary analysis tasks while maintaining a lightweight and efficient footprint. The library is designed for use cases ranging from compiler development to binary analysis tools, making it a comprehensive solution for developers working with binary data.

AI Summary: Heroinn is a cross-platform command-and-control (C2) and post-exploitation framework developed in Rust, designed primarily for research and educational purposes. Notable features include a graphical user interface (GUI), an interactive PTY shell, system information collection, file management with support for large files and resuming broken transfers, and compatibility with multiple operating systems including Windows, Linux, BSD, and macOS, leveraging various communication protocols such as TCP, HTTP, and reliable UDP.

AI Summary: The imessage-exporter is a versatile tool for exporting, managing, and diagnosing iMessage data, providing both library and binary functionalities. It facilitates the saving and archiving of message history, including multimedia content, into open formats, while also supporting migration and compliance with data retention policies. Notable features include cross-platform support, extensive compatibility with iMessage functionalities, and diagnostic tools to ensure the integrity of the iMessage database.

README

imessage-exporter

This crate provides both a library to interact with iMessage data as well as a binary that can perform some useful read-only operations using that data. The aim of this project is to provide the most comprehensive and accurate representation of iMessage data available.

AI Summary: Interactive PDF Analysis (IPA) is a graphical tool designed for researchers to deeply explore and analyze the contents of PDF files, particularly focusing on suspicious or potentially malicious documents. Key features include metadata extraction, structural examination of PDF objects, visualization of object references, and the ability to salvage information from corrupted files, all without requiring external dependencies. The tool aims to enhance user experience compared to traditional command-line analysis methods, facilitating a clearer understanding of the relationships among various document elements.

AI Summary: Lonkero is a professional-grade web security scanner engineered for advanced penetration testing, boasting over 125 sophisticated scanning modules written in Rust. Its notable features include an intelligent mode for context-aware scanning, machine learning capabilities to minimize false positives to 5%, and unique proof-based XSS detection that eliminates reliance on browsers, significantly increasing scan speed and accuracy. By leveraging a robust architecture that focuses on real vulnerabilities, Lonkero delivers efficient and precise security assessments for modern web technologies.

AI Summary: Lumen is a private server designed to integrate with IDA Pro 7.2 and later versions, enabling users to efficiently manage and retrieve function signatures via its database-backed infrastructure utilizing PostgreSQL. It features an experimental HTTP API for querying by function hash or file, facilitating collaborative reverse engineering workflows. The tool is provisioned with a straightforward setup through Docker and can be used with custom TLS configurations for secure communications.

AI Summary: Matano is an open-source cloud-native security data lake specifically designed for AWS, enabling security teams to normalize and manage security logs effectively. Its notable features include the ability to integrate with over 50 log sources, support for Detection-as-Code using Python, serverless architecture for scalability, and vendor-neutral ownership through open standards. The tool aims to enhance SIEM capabilities by providing a cost-effective and versatile solution for security data management and analysis.

AI Summary: Moonwalk is a lightweight tool designed for penetration testing on Unix systems, enabling users to erase their traces during exploitation by restoring system logs and filesystem timestamps to their previous state. Key features include a fast execution time of under 5 milliseconds, the ability to save and revert user shell history, and a world-writable path for session logging, ensuring that no evidence of the testing remains.

README

AI Summary: Nosey Parker is a command-line interface (CLI) tool designed for scanning textual data to identify secrets and sensitive information, essentially functioning as a specialized grep for secret detection. Targeted primarily at offensive security operations, it offers features such as flexible scanning of various data sources, usage of 188 precision-focused regex rules, deduplication of matches to streamline review processes, and high-speed scanning capabilities, making it suitable for large-scale security engagements. Note that Nosey Parker has been officially retired and replaced by the tool Titus.

AI Summary: Obliteration is an open-source PlayStation 4 kernel reimplementation in Rust, designed to enable the execution of dumped PlayStation 4 system software on various operating systems, including Windows, Linux, and macOS. Notable features include cross-platform support with native binaries, near-native performance leveraging hypervisor technologies, and a kernel architecture aimed to closely resemble the original PlayStation 4 kernel for enhanced compatibility. Currently, the project is in early development and does not yet support game execution.

AI Summary: Operative Framework is a digital investigation tool designed for interacting with multiple targets, executing a variety of modules, and managing links with these targets. Its notable features include the ability to export reports in PDF format, support for crafting custom modules, and a RESTful API for integration, all underpinned by a redesigned architecture in Rust for enhanced performance and functionality.

README

operative framework is a digital investigation framework, you can interact with multiple targets, execute multiple modules, create links with target, export rapport to PDF file, add note to target or results, interact with RESTFul API, write your own modules.

AI Summary: Panopticon is a cross-platform disassembler designed for reverse engineering, capable of disassembling multiple instruction sets including AMD64, x86, AVR, and MOS 6502, as well as opening ELF files. Notable features include a Qt-based GUI for visualizing and annotating control flow graphs, though it has been deprecated with a migration to GitLab and restructuring into multiple crates. Users are encouraged to transition to the new version, Verso, for continued development and support.

AI Summary: PDFRip is a multithreaded PDF password cracking tool written in Rust, featuring advanced capabilities such as wordlist attacks, custom query builders, and structured password brute-forcing techniques. Notable features include prepared verifier hot paths for efficient password attempts, exact progress tracking, checkpointing for session resumption, and output in JSON format for automation. It supports various brute-force methods, including bounded masks, date, and number generators, making it a versatile utility for recovering PDF passwords.

AI Summary: pwninit is a tool designed to automate the setup for binary exploitation challenges by preparing the necessary executables and library files. Key features include the ability to set the challenge binary as executable, download an appropriate linker and debug symbols, patch the binary using patchelf, and generate a customizable pwntools solve script. This streamlines the initial configuration process for security professionals and students engaging in binary exploitation tasks.

AI Summary: Rustcat is a versatile port listener and reverse shell utility compatible with Linux, MacOS, and Windows, designed to simplify remote command execution. Notable features include an interactive mode with command history, tab completion, and CTRL-C blocking, which enhance user experience during shell operations. It provides two primary modes of operation: listening for incoming connections and establishing reverse shells for remote system access.

README

AI Summary: RustHound is a cross-platform BloodHound collector tool developed in Rust, designed to generate data about users, groups, computers, OUs, GPOs, and containers for analysis within BloodHound. It operates silently without detection by antivirus software and is suitable for environments where SharpHound is blocked or incompatible. Notable features include its ability to run on Linux, Windows, and macOS, along with a range of compile options, including Docker support and static binary generation.

AI Summary: RustRedOps is a collection of Red Team operation tools developed in Rust, aimed at enhancing the capabilities of security professionals and penetration testers in conducting security assessments and intrusion tests. Notable features include a diverse set of projects focused on techniques such as API hooking, anti-analysis, process enumeration, and various forms of code injection, which collectively facilitate advanced exploitation tactics and malware development. The repository emphasizes efficiency and effectiveness, making it a valuable resource for practitioners in cybersecurity.

AI Summary: RustScan is an advanced port scanner designed for high-speed operation, capable of scanning all 65,000 ports in just 3 seconds. Its notable features include a flexible scripting engine that supports Python, Lua, and Shell for automated processing, as well as adaptive learning capabilities that enhance its performance over time, making it a highly effective tool for network security assessments.

README

AI Summary: Skanuvaty is a high-performance DNS/network/port scanning tool that allows users to quickly analyze a domain by discovering its subdomains and resolving their corresponding IPs. Notable features include support for concurrent scans, with the ability to test thousands of subdomains within seconds, and the generation of a comprehensive output file in JSON format for further analysis.

README

Skanuvaty

Dangerously fast dns/network/port scanner, all-in-one.

Start with a domain, and we’ll find everything about it.

AI Summary: sn0int is a semi-automatic OSINT framework and package manager designed for IT security professionals and researchers to gather intelligence on targets or themselves. It facilitates the enumeration of attack surfaces by processing public information through flexible, modular analysis tools and provides features such as subdomain harvesting, IP address enrichment, login breach discovery, and social media profile analysis. Its extensible architecture allows users to create and share custom modules, enhancing its versatility in investigations.

AI Summary: Thorium is a scalable file analysis and data generation platform designed to orchestrate various docker, VM, or shell tools at scale. Its primary use case is to facilitate the analysis of arbitrary files and repositories, while featuring easy tool import capabilities, static and dynamic analysis sandboxes, a RESTful API, and multi-tenant support for permission management. Additionally, Thorium supports comprehensive search functionalities and includes a wide array of pre-integrated analysis tools, making it suitable for both individual developers and collaborative analytics environments.

AI Summary: VMkatz is a cybersecurity tool designed to extract Windows credentials and secrets directly from virtual machine memory snapshots and disk images without the need for full exfiltration. It supports various input formats, including VMware snapshots and VirtualBox saved states, allowing efficient retrieval of sensitive data such as NTLM hashes, DPAPI master keys, and Kerberos tickets directly from the hypervisor or NAS. Notably, VMkatz operates as a single static binary, requiring minimal setup and enabling rapid credential access in red team engagements.

AI Summary: zizmor is a static analysis tool designed specifically for GitHub Actions, aimed at identifying common security vulnerabilities within CI/CD workflows. It detects issues such as template injection vulnerabilities, accidental credential leakage, excessive permission grants, and misleading git references, among others. The tool’s primary use case is to enhance the security posture of automated workflows by providing insights and recommendations for remediation.

README

🌈 zizmor

zizmor is a static analysis tool for GitHub Actions.